|
Plagegeister aller Art und deren Bekämpfung: Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
30.07.2017, 09:57 | #1 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. Hallo liebes Forum. Ich vermute leider, dass mein Rechner sich ein Virus eingefangen hat. Es wäre wunderbar, wenn mir jemand helfen könnte. In letzter Zeit war mein Rechner in Dauerbenutzung. Habe sehr viel in Open Office und InDesign gearbeitet. Plötzlich war Open Office überlastet und ist abgestürzt. Das Fenster lies sich nicht mehr schließen, ich musste den Computer neustarten. Seither wurde auch es auch im Netz immer langsamer nun lässt sich fast gar nicht mehr surfen. Um diesen Beitrag schreiben zu können hat es eine halbe Stunde gedauert, bis mir die richtige Seite geöffnet wurde. DAbei habe ich einen Virenscanner von McAffe, eine Jahresmitgliedschaft, der hat allerdings nie einen Virus gefunden, und ist sogar auch nun abgestürzt. Ich bekomme manchmal eine Fehlermeldungen mit folgenden Inhalten, dass ein Skript im Hintergrund ausgeführt wird oder nicht antwortet und wenn ich es nicht stoppe, dann wird mein Laptop gar nicht mehr reagieren. Sonst habe ich keine weiteren Besonderheiten an Programmen. Eine CS6 Versionen von Adobe, die auch ab und anmal spinnt Rechner. Ich hoffe, sie können mit meinen Informationen etwas anfangen und es findet sich jemand der mir helfen kann. Lieben Gruß, Nomathemba |
30.07.2017, 10:43 | #2 |
/// TB-Ausbilder | Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
30.07.2017, 16:04 | #3 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2017 durchgeführt von tha (ACHTUNG: der Benutzer ist kein Administrator) auf PAOLO (30-07-2017 16:20:20) Gestartet von C:\Users\tha\Downloads Geladene Profile: tha (Verfügbare Profile: tha & Kind 1_2_3 & Administrator & Gast) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> smss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> wininit.exe konnte nicht auf den Prozess zugreifen -> services.exe konnte nicht auf den Prozess zugreifen -> lsass.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> WUDFHost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> igfxCUIService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> dasHost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> spoolsv.exe konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe konnte nicht auf den Prozess zugreifen -> HeciServer.exe konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe konnte nicht auf den Prozess zugreifen -> GfExperienceService.exe konnte nicht auf den Prozess zugreifen -> chip 1-click installer.exe konnte nicht auf den Prozess zugreifen -> CaptureLibService.exe konnte nicht auf den Prozess zugreifen -> HidMonitorSvc.exe konnte nicht auf den Prozess zugreifen -> HD-LogRotatorService.exe konnte nicht auf den Prozess zugreifen -> HD-UpdaterService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> mfevtps.exe konnte nicht auf den Prozess zugreifen -> ModuleCoreService.exe konnte nicht auf den Prozess zugreifen -> mfemms.exe konnte nicht auf den Prozess zugreifen -> BtwRSupportService.exe konnte nicht auf den Prozess zugreifen -> armsvc.exe konnte nicht auf den Prozess zugreifen -> AGSService.exe konnte nicht auf den Prozess zugreifen -> NVDisplay.Container.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> PEFService.exe konnte nicht auf den Prozess zugreifen -> psia.exe konnte nicht auf den Prozess zugreifen -> nvstreamsvc.exe konnte nicht auf den Prozess zugreifen -> NvNetworkService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> mfevtps.exe konnte nicht auf den Prozess zugreifen -> nvstreamsvc.exe konnte nicht auf den Prozess zugreifen -> conhost.exe konnte nicht auf den Prozess zugreifen -> mfefire.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> mfefire.exe konnte nicht auf den Prozess zugreifen -> mcapexe.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> sua.exe konnte nicht auf den Prozess zugreifen -> McCSPServiceHost.exe konnte nicht auf den Prozess zugreifen -> IAStorDataMgrSvc.exe konnte nicht auf den Prozess zugreifen -> IntelMeFWService.exe konnte nicht auf den Prozess zugreifen -> jhi_service.exe konnte nicht auf den Prozess zugreifen -> LMS.exe konnte nicht auf den Prozess zugreifen -> PresentationFontCache.exe konnte nicht auf den Prozess zugreifen -> iPodService.exe konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe konnte nicht auf den Prozess zugreifen -> McSvHost.exe konnte nicht auf den Prozess zugreifen -> mcsacore.exe konnte nicht auf den Prozess zugreifen -> McVulCtr.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> McCBEntAndInstru.exe konnte nicht auf den Prozess zugreifen -> conhost.exe konnte nicht auf den Prozess zugreifen -> McUICnt.exe konnte nicht auf den Prozess zugreifen -> dllhost.exe konnte nicht auf den Prozess zugreifen -> McCBEntAndInstru.exe konnte nicht auf den Prozess zugreifen -> conhost.exe konnte nicht auf den Prozess zugreifen -> McUICnt.exe konnte nicht auf den Prozess zugreifen -> McCBEntAndInstru.exe konnte nicht auf den Prozess zugreifen -> conhost.exe konnte nicht auf den Prozess zugreifen -> McUICnt.exe konnte nicht auf den Prozess zugreifen -> MfeAVSvc.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe konnte nicht auf den Prozess zugreifen -> LSC.Services.SystemService.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> winlogon.exe konnte nicht auf den Prozess zugreifen -> dwm.exe konnte nicht auf den Prozess zugreifen -> nvxdsync.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe konnte nicht auf den Prozess zugreifen -> McClientAnalytics.exe konnte nicht auf den Prozess zugreifen -> WmiApSrv.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe konnte nicht auf den Prozess zugreifen -> svchost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [703272 2015-10-28] (Alps Electric Co., Ltd.) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [892536 2015-07-16] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-12-16] ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-29] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{7126d5c5-abe5-4848-996b-ac34b988f149}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{814f66ba-d36a-4538-8b9c-8fa24599115a}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001 -> {388E85C4-8995-4311-8A02-876679A476F0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141202&p={searchTerms} BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-18] (Oracle Corporation) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-18] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: tm9h749x.Standard-Benutzer FF ProfilePath: C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default [2015-12-16] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\xn2v2sx7.default -> Sichere Suche FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\xn2v2sx7.default -> Sichere Suche FF SelectedSearchEngine: Mozilla\Firefox\Profiles\xn2v2sx7.default -> Sichere Suche FF Homepage: Mozilla\Firefox\Profiles\xn2v2sx7.default -> www.google.de FF Keyword.URL: Mozilla\Firefox\Profiles\xn2v2sx7.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE0D20141202&p= FF Extension: (Avira Browser Safety) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\Extensions\abs@avira.com [2014-10-02] [ist nicht signiert] FF Extension: (FoxyProxy Standard) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\Extensions\foxyproxy@eric.h.jung [2014-09-30] [ist nicht signiert] FF Extension: (NoScript) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-09-30] [ist nicht signiert] FF Extension: (WOT) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-09-30] [ist nicht signiert] FF Extension: (Adblock Plus) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-30] [ist nicht signiert] FF Extension: (BetterPrivacy) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-09-30] [ist nicht signiert] FF Extension: (Kein Name) - C:\Program Files (x86)\McAfee\SiteAdvisor [2017-07-23] [ist nicht signiert] FF Extension: (Kein Name) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [nicht gefunden] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18] FF SearchPlugin: C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\searchplugins\McSiteAdvisor.xml [2016-03-24] FF SearchPlugin: C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\xn2v2sx7.default\searchplugins\startpage-https---deutsch.xml [2014-09-30] FF ProfilePath: C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer [2017-07-30] FF Homepage: Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer -> hxxps://www.google.com/ FF Extension: (FoxyProxy Standard) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\foxyproxy@eric.h.jung [2017-01-29] FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-03-31] FF Extension: (NoScript) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-07-28] FF Extension: (WOT) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-05-05] FF Extension: (Video DownloadHelper) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09] FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2017-01-17] FF Extension: (Adblock Plus) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08] FF Extension: (BetterPrivacy) - C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-01] FF SearchPlugin: C:\Users\tha\AppData\Roaming\Mozilla\Firefox\Profiles\tm9h749x.Standard-Benutzer\searchplugins\startpage-ssl.xml [2015-06-03] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-07-03] [ist nicht signiert] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-19] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2015-11-09] (McAfee, Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 0130011500050593mcinstcleanup; C:\WINDOWS\TEMP\013001~1.EXE [1031928 2017-05-31] (McAfee, Inc.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [90440 2015-10-28] (Alps Electric Co., Ltd.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-16] (BlueStack Systems, Inc.) R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-20] (Intel Corporation) R3 lmhosts; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.) R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 nsi; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-16] (BlueStack Systems) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-10-24] (REALiX(tm)) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-20] (Intel Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.) U3 mfeavfk01; kein ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2015-12-20] (Realsil Semiconductor Corporation) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13920 2016-06-27] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-30 16:31 - 2017-07-30 16:36 - 04922400 _____ (AO Kaspersky Lab) C:\Users\tha\Downloads\tdsskiller.exe 2017-07-30 16:20 - 2017-07-30 16:39 - 00031871 _____ C:\Users\tha\Downloads\FRST.txt 2017-07-30 16:10 - 2017-07-30 16:17 - 02381312 _____ (Farbar) C:\Users\tha\Downloads\FRST64.exe 2017-07-19 00:19 - 2017-07-28 01:18 - 00000000 ____D C:\Users\tha\Documents\filmkulturerbe 2017-07-18 15:42 - 2017-07-18 15:42 - 00068739 _____ C:\Users\tha\Desktop\Detail.pdf 2017-07-17 12:39 - 2017-07-19 08:45 - 00000000 ____D C:\Users\tha\Documents\Schriften 2017-07-17 12:38 - 2017-07-17 12:38 - 00321089 _____ C:\Users\tha\Desktop\Archiv.zip 2017-07-11 23:22 - 2017-07-07 09:49 - 00340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-07-11 23:22 - 2017-07-07 09:46 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-07-11 23:22 - 2017-07-07 09:40 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:20 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll 2017-07-11 23:22 - 2017-07-07 09:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll 2017-07-11 23:22 - 2017-07-07 09:17 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-11 23:22 - 2017-07-07 09:10 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-11 23:22 - 2017-07-07 09:06 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-07-11 23:22 - 2017-07-07 09:03 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-11 23:22 - 2017-07-07 09:02 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-11 23:22 - 2017-07-07 09:00 - 00476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-11 23:22 - 2017-07-07 08:54 - 02997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-07-11 23:22 - 2017-07-07 08:53 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 04561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 01599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-07-11 23:22 - 2017-07-07 08:47 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2017-07-11 23:22 - 2017-06-21 10:18 - 01470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-07-11 23:22 - 2017-06-21 09:52 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2017-07-11 23:22 - 2017-06-21 09:52 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-07-11 23:22 - 2017-06-21 09:42 - 01573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 23:22 - 2017-06-21 09:42 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-07-11 23:22 - 2017-06-21 09:39 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-07-11 23:22 - 2017-06-21 09:38 - 00790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-07-11 23:22 - 2017-06-21 09:36 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-07-11 23:22 - 2017-06-21 09:36 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2017-07-11 23:22 - 2017-06-21 09:30 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-07-11 23:22 - 2017-06-21 09:30 - 00196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2017-07-11 23:22 - 2017-06-21 09:29 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 01122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll 2017-07-11 23:22 - 2017-06-21 09:22 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 06665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 04023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 01845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 00962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 00312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2017-07-11 23:22 - 2017-06-21 09:19 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-07-11 23:22 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-07-11 23:22 - 2017-06-21 09:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys 2017-07-11 23:22 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-07-11 23:22 - 2017-06-21 09:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 08:59 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-07-11 23:22 - 2017-06-21 08:56 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-07-11 23:22 - 2017-06-21 08:47 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 04615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-07-11 23:22 - 2017-06-21 08:45 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-07-11 23:22 - 2017-06-21 08:42 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 03400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-07-11 23:22 - 2017-06-21 08:38 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:35 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 01886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:34 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-07-11 23:22 - 2017-06-21 08:31 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-07-11 23:22 - 2017-06-21 08:30 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll 2017-07-11 23:22 - 2017-06-21 08:10 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-07-11 23:22 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-07-11 23:22 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-07-11 23:22 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-07-11 23:22 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:22 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-07-11 23:22 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-07-11 23:22 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-07-11 23:22 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:22 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-07-11 23:21 - 2017-07-07 09:44 - 00108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-11 23:21 - 2017-07-07 09:42 - 07781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-07-11 23:21 - 2017-07-07 09:37 - 00468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-07-11 23:21 - 2017-07-07 09:37 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-07-11 23:21 - 2017-07-07 09:32 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-07-11 23:21 - 2017-07-07 09:29 - 02759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-07-11 23:21 - 2017-07-07 09:24 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-07-11 23:21 - 2017-07-07 09:23 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-11 23:21 - 2017-07-07 09:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 09:18 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 01100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-11 23:21 - 2017-07-07 09:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 09:14 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-07-11 23:21 - 2017-07-07 09:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 09:06 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 09:05 - 19414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-07-11 23:21 - 2017-07-07 09:00 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:57 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:56 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:55 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:51 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-11 23:21 - 2017-07-07 08:46 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-07-11 23:21 - 2017-07-07 08:44 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 08:39 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-11 23:21 - 2017-07-07 08:36 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 23:21 - 2017-07-07 08:35 - 01397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 23:21 - 2017-07-07 08:33 - 00576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll 2017-07-11 23:21 - 2017-07-07 08:31 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-07-11 23:21 - 2017-07-07 08:30 - 13090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:29 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:28 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-11 23:21 - 2017-07-07 08:27 - 08120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-07-11 23:21 - 2017-06-21 09:54 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-07-11 23:21 - 2017-06-21 09:53 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-07-11 23:21 - 2017-06-21 09:51 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-07-11 23:21 - 2017-06-21 09:48 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-07-11 23:21 - 2017-06-21 09:41 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:40 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 07220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 01369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 08169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 01983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 23:21 - 2017-06-21 09:26 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-07-11 23:21 - 2017-06-21 09:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 23:21 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-07-11 23:21 - 2017-06-21 09:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-07-11 23:21 - 2017-06-21 09:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:21 - 2017-06-21 08:59 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2017-07-11 23:21 - 2017-06-21 08:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-07-11 23:21 - 2017-06-21 08:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-07-11 23:21 - 2017-06-21 08:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 23:21 - 2017-06-21 08:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-07-11 23:21 - 2017-06-21 08:56 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-07-11 23:21 - 2017-06-21 08:55 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 01159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-07-11 23:21 - 2017-06-21 08:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-07-11 23:21 - 2017-06-21 08:50 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-07-11 23:21 - 2017-06-21 08:43 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-07-11 23:21 - 2017-06-21 08:38 - 02695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-07-11 23:21 - 2017-06-21 08:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-07-11 23:21 - 2017-06-21 08:34 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2017-07-11 23:21 - 2017-06-21 08:33 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-07-11 23:21 - 2017-06-21 08:33 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll 2017-07-11 23:21 - 2017-05-23 06:58 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-07-11 23:21 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-07-11 23:21 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:21 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-07-11 23:21 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:21 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-07-11 23:21 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-07-11 23:21 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-07-11 23:21 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-11 23:21 - 2016-10-15 05:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-07-11 23:21 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-07-11 23:20 - 2017-07-07 09:40 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-07-11 23:20 - 2017-07-07 09:28 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-07-11 23:20 - 2017-07-07 09:23 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-07-11 23:20 - 2017-07-07 08:58 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-07-11 23:20 - 2017-07-07 08:49 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-07-11 23:20 - 2017-07-07 08:47 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 23:20 - 2017-07-07 08:46 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2017-07-11 23:20 - 2017-07-07 08:45 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-07-11 23:20 - 2017-07-07 08:45 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-07-11 23:20 - 2017-07-07 08:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-11 23:20 - 2017-07-07 08:34 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-07-11 23:20 - 2017-07-07 08:29 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-07-11 23:20 - 2017-07-07 08:28 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 23:20 - 2017-07-07 08:25 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 05388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-07-11 23:20 - 2017-07-07 08:24 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-07-11 23:20 - 2017-07-07 08:22 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-11 23:20 - 2017-06-21 09:56 - 01405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-07-11 23:20 - 2017-06-21 09:55 - 02170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-07-11 23:20 - 2017-06-21 09:54 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 00758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-07-11 23:20 - 2017-06-21 09:51 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-07-11 23:20 - 2017-06-21 09:50 - 00126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2017-07-11 23:20 - 2017-06-21 09:47 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 23:20 - 2017-06-21 09:36 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-07-11 23:20 - 2017-06-21 09:35 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-07-11 23:20 - 2017-06-21 09:35 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-07-11 23:20 - 2017-06-21 09:31 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 23:20 - 2017-06-21 09:03 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll 2017-07-11 23:20 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-07-11 23:20 - 2017-06-21 09:00 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-07-11 23:20 - 2017-06-21 08:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-07-11 23:20 - 2017-06-21 08:52 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-07-11 23:20 - 2017-06-21 08:51 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-07-11 23:20 - 2017-06-21 08:50 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-07-11 23:20 - 2017-06-21 08:48 - 00968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-07-11 23:20 - 2017-06-21 08:48 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-07-11 23:20 - 2017-06-21 08:46 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll 2017-07-11 23:20 - 2017-06-21 08:45 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-07-11 23:20 - 2017-06-21 08:43 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-07-11 23:20 - 2017-06-21 08:42 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-07-11 23:20 - 2017-06-21 08:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 01421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 23:20 - 2017-06-21 08:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 02916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-07-11 23:20 - 2017-06-21 08:37 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-07-11 23:20 - 2017-06-21 08:35 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-07-11 23:20 - 2017-06-21 08:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-07-11 23:20 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 23:20 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-07-09 17:18 - 2017-07-09 17:18 - 00000000 ____D C:\adobeTemp 2017-07-09 16:26 - 2017-07-09 17:08 - 00001603 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2017-07-09 15:53 - 2017-07-09 15:53 - 00087314 _____ C:\Users\tha\Downloads\rounded_elegance.zip 2017-07-09 15:19 - 2013-09-16 23:00 - 00000000 ____D C:\Users\tha\Desktop\__MACOSX 2017-07-09 13:19 - 2017-07-09 13:19 - 00001414 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-07-09 12:51 - 2017-07-09 12:52 - 00000000 ____D C:\Program Files\UNP 2017-07-09 12:51 - 2017-07-09 12:51 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-07-07 09:07 - 2017-07-07 09:07 - 00000000 _____ C:\Users\tha\Downloads\FreemakeVideoConverterSetup.exe 2017-07-07 08:59 - 2017-07-07 08:59 - 01524744 _____ C:\Users\tha\Downloads\Quick Media Converter - CHIP-Installer.exe 2017-07-06 08:23 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2017-07-06 08:23 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2017-07-06 08:22 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-07-06 08:22 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-07-05 21:13 - 2017-07-05 21:13 - 00064011 _____ C:\Users\tha\Desktop\entwurf (2014_11_26 12_22_02 UTC).odt 2017-07-04 20:51 - 2017-07-04 20:51 - 00000000 ____D C:\Users\tha\Desktop\vitero Dateien 2017-07-04 18:59 - 2017-07-04 19:02 - 12675832 _____ C:\Users\tha\Downloads\vitero.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-30 16:20 - 2015-04-09 14:37 - 00000000 ____D C:\FRST 2017-07-30 15:29 - 2016-11-20 20:31 - 00000000 ____D C:\Users\tha\AppData\LocalLow\Mozilla 2017-07-30 15:26 - 2016-09-27 11:05 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-07-30 15:26 - 2014-10-04 21:23 - 00000000 __SHD C:\Users\tha\IntelGraphicsProfiles 2017-07-30 09:50 - 2016-09-27 11:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-07-30 09:50 - 2015-06-26 18:48 - 00000000 ____D C:\Users\tha\AppData\Roaming\vlc 2017-07-30 02:00 - 2014-10-01 02:47 - 00000000 ____D C:\Users\tha\AppData\Local\Adobe 2017-07-28 23:52 - 2014-10-01 19:28 - 00000000 ____D C:\Users\tha\AppData\Roaming\Usenet.nl 2017-07-28 23:51 - 2014-10-01 10:19 - 00000000 ____D C:\Users\tha\Documents\Usenet.nl 2017-07-28 22:59 - 2017-02-16 00:09 - 00000000 ____D C:\Users\tha\AppData\Local\CrashDumps 2017-07-28 22:58 - 2017-06-04 20:40 - 00000000 ____D C:\Users\tha\Desktop\neue HA 2017-07-28 22:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-07-28 14:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-07-28 14:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-07-27 21:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-07-27 11:20 - 2015-10-28 21:49 - 00002416 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-07-27 11:20 - 2015-10-28 21:49 - 00000000 ___RD C:\Users\tha\OneDrive 2017-07-26 14:25 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-07-18 10:17 - 2014-10-01 01:01 - 00000000 ____D C:\ProgramData\Energy Manager 2017-07-17 22:37 - 2014-10-01 10:17 - 00000000 ____D C:\Users\tha\Documents\privates 2017-07-14 18:43 - 2014-12-02 22:38 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-07-13 13:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2017-07-13 01:42 - 2015-05-01 10:42 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-07-12 14:58 - 2016-09-27 11:10 - 00000000 ____D C:\Users\tha 2017-07-12 08:48 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-07-12 08:21 - 2016-07-17 00:51 - 01619550 _____ C:\WINDOWS\system32\perfh007.dat 2017-07-12 08:21 - 2016-07-17 00:51 - 00402306 _____ C:\WINDOWS\system32\perfc007.dat 2017-07-12 08:21 - 2015-10-28 21:28 - 03530374 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-07-12 08:19 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-07-12 08:15 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-07-12 08:14 - 2016-09-27 11:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-07-12 08:14 - 2016-09-27 11:05 - 00000000 ____D C:\ProgramData\NVIDIA 2017-07-12 08:14 - 2016-09-27 11:03 - 05002536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-07-12 08:10 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-07-12 08:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-07-12 08:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-07-12 08:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-07-12 08:10 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-07-12 08:10 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-07-11 23:31 - 2014-10-04 20:52 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-07-11 23:28 - 2014-10-04 20:52 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-07-11 22:54 - 2016-07-16 13:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2017-07-11 19:04 - 2015-10-07 19:50 - 00000000 ____D C:\Users\tha\Documents\Uni 2017-07-09 17:25 - 2014-10-01 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 2017-07-09 17:20 - 2014-10-01 11:08 - 00000000 ____D C:\Program Files\Common Files\Adobe 2017-07-09 17:16 - 2014-10-01 11:10 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-07-09 17:08 - 2015-11-18 13:04 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2017-07-06 08:33 - 2016-08-15 21:31 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-07-04 20:51 - 2015-02-09 10:23 - 00000000 ____D C:\Users\tha\AppData\Roaming\vitero 2017-07-04 08:02 - 2014-12-02 22:39 - 00000000 ____D C:\Program Files\McAfee 2017-07-04 08:01 - 2016-11-20 19:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-07-04 08:01 - 2014-10-02 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-07-03 15:17 - 2017-03-24 11:48 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-07-03 15:17 - 2014-10-01 02:49 - 00000000 ____D C:\ProgramData\McAfee 2017-07-03 15:16 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2017-07-02 16:00 - 2016-03-24 12:15 - 00420616 _____ C:\Users\tha\Desktop\prophet_provokation_des_pol_pasolini1.odt 2017-07-02 15:39 - 2017-06-15 19:27 - 00021788 _____ C:\Users\tha\Desktop\notentabelle_thembi1.ods 2017-06-30 16:46 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-30 16:46 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-08 21:43 - 2015-11-27 12:08 - 0001456 _____ () C:\Users\tha\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-12-20 17:04 - 2015-05-30 18:20 - 0019968 _____ () C:\Users\tha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-10-10 23:24 - 2014-10-10 23:24 - 0000017 _____ () C:\Users\tha\AppData\Local\resmon.resmoncfg 2016-09-27 11:04 - 2016-09-27 11:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\tha\DropboxInstaller.exe C:\Users\tha\FreeYouTube52Download.exe C:\Users\tha\MVI_9733.DAT C:\Users\tha\vlc-2.1.5-win64.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator ==================== Ende von FRST.txt ============================ Lieber Mathias,vielen vielen Dank dass sie mir helfen wollen.... Ich hoffe, mein Laptop ist dieser Aufgabe gewachsen, denn für diese obigen Informationen hat es zwei Stunden, sie endlich zu erhalten. Der brauch zur Zeit für jeden Befehl eine halbe Stunde. |
30.07.2017, 16:05 | #4 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-07-2017 durchgeführt von tha (30-07-2017 16:40:12) Gestartet von C:\Users\tha\Downloads Windows 10 Pro Version 1607 (X64) (2016-09-27 09:46:09) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1389048734-1753713617-1501943725-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1389048734-1753713617-1501943725-503 - Limited - Disabled) Gast (S-1-5-21-1389048734-1753713617-1501943725-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1389048734-1753713617-1501943725-1003 - Limited - Enabled) Kind 1_2_3 (S-1-5-21-1389048734-1753713617-1501943725-1004 - Limited - Enabled) => C:\Users\Kind 1_2_3 tha (S-1-5-21-1389048734-1753713617-1501943725-1001 - Limited - Enabled) => C:\Users\tha ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.252 - Alps Electric) Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{09D96B90-87D9-410A-A1E8-BF2F2CF6394A}) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) DVDStyler v2.9.4 (HKLM-x32\...\DVDStyler_is1) (Version: - ) Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) flunatic 1.3 (HKLM-x32\...\flunatic_is1) (Version: - Enjoy Speaking GmbH) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation) HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java Runtime Environment Packages (HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\Java Runtime Environment Packages) (Version: - ) <==== ACHTUNG Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.) McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 8.1.0.234 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.140 - McAfee, Inc.) Microsoft OneDrive (HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.42 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.1 - X Codec Pack team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-07-11 23:21 - 2017-06-21 09:48 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-05-27 15:50 - 2016-11-02 00:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-07-18 10:23 - 2017-07-18 10:23 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-07-18 10:23 - 2017-07-18 10:23 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-07-18 10:23 - 2017-07-18 10:23 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-07-18 10:23 - 2017-07-18 10:23 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll 2016-09-27 11:52 - 2016-09-27 11:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 20:13 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 20:14 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 20:14 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 20:14 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1001movie.com -> 1001movie.com Da befinden sich 6091 mehr Seiten. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2017-05-15 21:51 - 00000839 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tha\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{05893cdd-8c10-4f2f-a079-dcce678ce4bb}.JPG DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "Speech Recognition" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{9CA4EEE3-061D-4536-AC85-7F7D020C1C45}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B2056228-4E99-467B-BF44-67913C5EAEA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8C2AA4D1-5806-4ACB-B157-7662C5208330}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{195EECDF-E25D-4BAE-9A70-1C6B94BEF5CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{60F478B1-9559-4A1A-A966-B5402AF2BF5D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{F4807A2D-7B24-41F3-B4E4-DD36D71AFB0B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{6E3AAEE8-87EA-4E66-B248-E8BC682C676F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B242005C-72FC-43ED-ACE1-127B25720C29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{596C2672-0ACA-4D15-8640-57DB1FFFC547}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{190CB1E7-16B4-4DE9-A03B-9D183BE8B6B8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8E2637F0-BDF7-45BB-805B-3F830D03EDB5}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{7F867922-7BD5-48BA-B923-14301034520E}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [{60E8E99F-94F0-4C26-B25A-3C93EF4B0D0C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CFEDDBD9-334B-4218-8C25-7720942FF358}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3BFE768E-58EE-4F54-ADB4-DB9CDFCB545D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1103D97D-FB26-40A8-A75C-900A36ACF3DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{356A0416-BABB-4620-9354-58D6E85222AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5480EADE-BA5F-4D69-B810-923F980AF25B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E6EC62D7-AFE5-4C85-AE2D-0E9EF7A0772A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{086A9E3F-70ED-43FD-9FAA-F79CDDD59FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{268A1F13-49F2-44F6-AA2F-B0C8880E5130}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{B2EB4617-7793-40AB-BA0A-16A325D81C78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{91B48B29-846B-4032-9259-1E82059A8073}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DD0A2729-C871-4B22-9E3A-A9B09142E62D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{59C8F6BD-586A-4705-B3A6-2A4C252BCDFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9DE8A2F7-A1F5-4BC0-AF04-3EEEAF438C44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{118D78CD-A4E1-4072-B118-D5F180766BDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{722FB436-451E-4A69-9C33-8EAC55B964D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6896DACA-A6E1-4DFE-9D3A-B31F32914110}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe FirewallRules: [{4FCA6453-196D-40A0-A1A8-AED82AA763E9}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe FirewallRules: [{0C5B01F7-1BED-43D6-89C7-9A49C3FC1762}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B5D66BA7-0918-4243-A1BA-D4750F6D08F0}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{122DA9B0-29D8-420E-B273-87E6B31D97B9}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [{50FD00A0-8EA0-479D-BDB5-9CB89B52279E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI. ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/30/2017 03:29:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 10.0.14393.1378 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2c80 Startzeit: 01d309377cd3a890 Beendigungszeit: 0 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: ce942a79-752a-11e7-8328-485ab6d094c4 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (07/30/2017 03:29:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 10.0.14393.1378 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1750 Startzeit: 01d30937c8997f20 Beendigungszeit: 410 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: 0ddde466-752b-11e7-8328-485ab6d094c4 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (07/30/2017 03:28:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 10.0.14393.1378 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 28cc Startzeit: 01d30937a0de2850 Beendigungszeit: 0 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: 0535a99d-752b-11e7-8328-485ab6d094c4 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (07/30/2017 03:26:43 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: paolo) Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005. Error: (07/30/2017 06:31:58 AM) (Source: chip 1-click download service) (EventID: 0) (User: ) Description: |ERORRS=;(380) error at getOrdersForVersion:Der Remotename konnte nicht aufgelöst werden: 'service.chip-secured-download.de' ;(180) error at GetHttpWebRequest: 1Der Remotename konnte nicht aufgelöst werden: 'api.chip-secured-download.de' ;(480) Could not load new Downlaoder Error: (07/28/2017 10:59:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mcuicnt.exe, Version: 9.1.151.0, Zeitstempel: 0x592e4c72 Name des fehlerhaften Moduls: mcmscui.dll, Version: 16.1.160.0, Zeitstempel: 0x592e6217 Ausnahmecode: 0xc000041d Fehleroffset: 0x0000000000049a55 ID des fehlerhaften Prozesses: 0x26a8 Startzeit der fehlerhaften Anwendung: 0x01d30777ebc791ad Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe Pfad des fehlerhaften Moduls: c:\PROGRA~1\mcafee\msc\mcmscui.dll Berichtskennung: 5a1f9de3-cac8-4b0b-972c-a63ac1a9a20d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/28/2017 10:58:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mcuicnt.exe, Version: 9.1.151.0, Zeitstempel: 0x592e4c72 Name des fehlerhaften Moduls: mcmscui.dll, Version: 16.1.160.0, Zeitstempel: 0x592e6217 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000049a55 ID des fehlerhaften Prozesses: 0x26a8 Startzeit der fehlerhaften Anwendung: 0x01d30777ebc791ad Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe Pfad des fehlerhaften Moduls: c:\PROGRA~1\mcafee\msc\mcmscui.dll Berichtskennung: 50bfe727-fb9c-492a-b410-f82798ef4f76 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/28/2017 06:01:57 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6968 Error: (07/28/2017 06:01:57 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6968 Error: (07/28/2017 06:01:57 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (07/30/2017 03:26:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 03:26:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 03:26:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 11:01:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 10:16:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: Unzulässige Funktion. Error: (07/29/2017 03:39:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: Unzulässige Funktion. Error: (07/28/2017 11:18:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/28/2017 10:39:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/28/2017 10:31:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/28/2017 09:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-03-24 11:15:53.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 8108.36 MB Verfügbarer physikalischer RAM: 4663 MB Summe virtueller Speicher: 17958.39 MB Verfügbarer virtueller Speicher: 3606.23 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.09 GB) (Free:433.25 GB) NTFS Drive f: () (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32 ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ==================== Ende von Addition.txt ============================ |
30.07.2017, 16:08 | #5 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. [CODE]16:40:35.0038 0x2f50 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 16:41:02.0946 0x2f50 ============================================================ 16:41:02.0946 0x2f50 Current date / time: 2017/07/30 16:41:02.0946 16:41:02.0946 0x2f50 SystemInfo: 16:41:02.0946 0x2f50 16:41:02.0946 0x2f50 OS Version: 10.0.14393 ServicePack: 0.0 16:41:02.0946 0x2f50 Product type: Workstation 16:41:02.0946 0x2f50 ComputerName: PAOLO 16:41:02.0946 0x2f50 UserName: Administrator 16:41:02.0946 0x2f50 Windows directory: C:\WINDOWS 16:41:02.0946 0x2f50 System windows directory: C:\WINDOWS 16:41:02.0946 0x2f50 Running under WOW64 16:41:02.0946 0x2f50 Processor architecture: Intel x64 16:41:02.0946 0x2f50 Number of processors: 8 16:41:02.0946 0x2f50 Page size: 0x1000 16:41:02.0946 0x2f50 Boot type: Normal boot 16:41:02.0946 0x2f50 CodeIntegrityOptions = 0x00000001 16:41:02.0946 0x2f50 ============================================================ 16:41:27.0983 0x2f50 KLMD registered as C:\WINDOWS\system32\drivers\98223142.sys 16:41:27.0983 0x2f50 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1480, osProperties = 0x19 16:41:47.0419 0x2f50 System UUID: {C57E95EA-C864-B636-30A7-539B6E98374F} 16:41:47.0935 0x2f50 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:41:47.0935 0x2f50 ============================================================ 16:41:47.0935 0x2f50 \Device\Harddisk0\DR0: 16:41:47.0935 0x2f50 MBR partitions: 16:41:47.0935 0x2f50 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0x1F4000 16:41:47.0935 0x2f50 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1F4800, BlocksNum 0x744306D0 16:41:47.0935 0x2f50 ============================================================ 16:41:47.0950 0x2f50 C: <-> \Device\Harddisk0\DR0\Partition2 16:41:47.0950 0x2f50 F: <-> \Device\Harddisk0\DR0\Partition1 16:41:47.0950 0x2f50 ============================================================ 16:41:47.0950 0x2f50 Initialize success 16:41:47.0950 0x2f50 ============================================================ 16:42:50.0002 0x3668 ============================================================ 16:42:50.0002 0x3668 Scan started 16:42:50.0002 0x3668 Mode: Manual; SigCheck; TDLFS; 16:42:50.0002 0x3668 ============================================================ 16:42:50.0002 0x3668 KSN ping started 16:42:50.0143 0x3668 KSN ping finished: true 16:42:52.0971 0x3668 ================ Scan system memory ======================== 16:42:52.0971 0x3668 System memory - ok 16:42:52.0971 0x3668 ================ Scan services ============================= 16:42:53.0049 0x3668 0130011500050593mcinstcleanup - ok 16:42:53.0190 0x3668 [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 16:42:53.0237 0x3668 1394ohci - ok 16:42:53.0252 0x3668 [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 16:42:53.0268 0x3668 3ware - ok 16:42:53.0299 0x3668 [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 16:42:53.0315 0x3668 ACPI - ok 16:42:53.0330 0x3668 [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys 16:42:53.0346 0x3668 AcpiDev - ok 16:42:53.0346 0x3668 [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 16:42:53.0362 0x3668 acpiex - ok 16:42:53.0362 0x3668 [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 16:42:53.0377 0x3668 acpipagr - ok 16:42:53.0377 0x3668 [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 16:42:53.0393 0x3668 AcpiPmi - ok 16:42:53.0393 0x3668 [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 16:42:53.0408 0x3668 acpitime - ok 16:42:53.0408 0x3668 [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys 16:42:53.0424 0x3668 ACPIVPC - ok 16:42:53.0455 0x3668 [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 16:42:53.0471 0x3668 AdobeARMservice - ok 16:42:53.0502 0x3668 [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 16:42:53.0534 0x3668 ADP80XX - ok 16:42:53.0565 0x3668 [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\WINDOWS\system32\drivers\afd.sys 16:42:53.0580 0x3668 AFD - ok 16:42:53.0659 0x3668 [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe 16:42:53.0705 0x3668 AGSService - ok 16:42:53.0721 0x3668 [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 16:42:53.0737 0x3668 ahcache - ok 16:42:53.0737 0x3668 [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll 16:42:53.0752 0x3668 AJRouter - ok 16:42:53.0768 0x3668 [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe 16:42:53.0768 0x3668 ALG - ok 16:42:53.0783 0x3668 [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 16:42:53.0799 0x3668 AmdK8 - ok 16:42:53.0799 0x3668 [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 16:42:53.0815 0x3668 AmdPPM - ok 16:42:53.0815 0x3668 [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 16:42:53.0830 0x3668 amdsata - ok 16:42:53.0846 0x3668 [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 16:42:53.0862 0x3668 amdsbs - ok 16:42:53.0862 0x3668 [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 16:42:53.0880 0x3668 amdxata - ok 16:42:53.0896 0x3668 [ C53B7AE56F2000232733765F9FFCD13F, 99FF2ABA0FC862B727A2F88E2A7E5F30BD22460EA7B53386CAD7FEF3B1BC7C4C ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 16:42:53.0913 0x3668 ApfiltrService - ok 16:42:53.0914 0x3668 [ C4FB3512EA10AD146E3B18F5F8E7836E, 9F0CF4EB17133FB49B5B6230B7010B2BFB9B4B084A3AFA64AEF76EAC5F39710B ] ApHidMonitorService C:\Program Files\Apoint2K\HidMonitorSvc.exe 16:42:53.0914 0x3668 ApHidMonitorService - ok 16:42:53.0929 0x3668 [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys 16:42:53.0945 0x3668 AppID - ok 16:42:53.0945 0x3668 [ 0A7C202CDBFD295363A09DE1A2C05F45, AB516BB714CAD60994A42710E7747FB50A5890F71BD8880BF86096CC485DE393 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 16:42:53.0961 0x3668 AppIDSvc - ok 16:42:53.0961 0x3668 [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo C:\WINDOWS\System32\appinfo.dll 16:42:53.0976 0x3668 Appinfo - ok 16:42:54.0008 0x3668 [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:42:54.0008 0x3668 Apple Mobile Device Service - ok 16:42:54.0008 0x3668 [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 16:42:54.0023 0x3668 applockerfltr - ok 16:42:54.0039 0x3668 [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 16:42:54.0054 0x3668 AppMgmt - ok 16:42:54.0086 0x3668 [ 7552751C3F43335F030029EB83D6EC0D, 608E18DAAD34FB5F1D3333034CC9682AC7D166C54B1EAD011696F8122F9F3B6A ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 16:42:54.0101 0x3668 AppReadiness - ok 16:42:54.0133 0x3668 [ 524CD6F52AE14D6C01424A846352D33E, 758EC66C0D4F5D1F2BB601A170676B67D462D46BB3F5BED89D37748C8992166A ] AppVClient C:\WINDOWS\system32\AppVClient.exe 16:42:54.0164 0x3668 AppVClient - ok 16:42:54.0164 0x3668 [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys 16:42:54.0179 0x3668 AppvStrm - ok 16:42:54.0179 0x3668 [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys 16:42:54.0195 0x3668 AppvVemgr - ok 16:42:54.0211 0x3668 [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys 16:42:54.0211 0x3668 AppvVfs - ok 16:42:54.0289 0x3668 [ FBEA76FBAC93A1DE7B3071936263DAB6, 5B1A2E29D5EA529F4D77327A0D315529D342CCF9CFC394EEF56916B6F2FBEB36 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 16:42:54.0367 0x3668 AppXSvc - ok 16:42:54.0367 0x3668 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 16:42:54.0383 0x3668 arcsas - ok 16:42:54.0383 0x3668 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 16:42:54.0398 0x3668 AsyncMac - ok 16:42:54.0414 0x3668 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 16:42:54.0414 0x3668 atapi - ok 16:42:54.0429 0x3668 [ 44D50F4B55BEE38C97A6CBECEBC59384, 43C35E5547E5180B25726F90E0B94149DE1099FD507A6357A6A284A2749433F3 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 16:42:54.0461 0x3668 AudioEndpointBuilder - ok 16:42:54.0476 0x3668 [ 36A9B38EA06A8C14CC82E0C8004A6635, 959E6B359D89E112976AF488F2756F770B491AE53ED07E9D31B4A3D8A7F33C80 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 16:42:54.0523 0x3668 Audiosrv - ok 16:42:54.0523 0x3668 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 16:42:54.0539 0x3668 AxInstSV - ok 16:42:54.0554 0x3668 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 16:42:54.0586 0x3668 b06bdrv - ok 16:42:54.0586 0x3668 [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 16:42:54.0601 0x3668 BasicDisplay - ok 16:42:54.0601 0x3668 [ 72ABA6AC74F7AA9C9A4AC61BE628ADD1, 4B0F0B9224A3CA52F9F17FCE7A7DCABBDF2DC0B084EAA1B89807B58D0F866788 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 16:42:54.0617 0x3668 BasicRender - ok 16:42:54.0617 0x3668 [ 6FED40EC0DB11DF1B2AD08621FBDDED6, 06258C9C9B7C231A6900E1E237001A4E5513F74CEA7B4DFAB56490D455AB0549 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys 16:42:54.0633 0x3668 bcbtums - ok 16:42:54.0820 0x3668 [ E6618C2CAEEE8A2644FD46B98304954A, 64CBE1AA061F0CC761A6D9E3C0E4C484EE09CACA932CB18D1947BC7D9F893BA3 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys 16:42:55.0039 0x3668 BCM43XX - ok 16:42:55.0086 0x3668 [ 43907773F7563AF4DF0999D47522E802, 2563666842008E202B6A64435F06169A259D6DC56D16AF7359114C20A4FA4400 ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe 16:42:55.0148 0x3668 BcmBtRSupport - ok 16:42:55.0148 0x3668 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 16:42:55.0164 0x3668 bcmfn - ok 16:42:55.0164 0x3668 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 16:42:55.0179 0x3668 bcmfn2 - ok 16:42:55.0195 0x3668 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 16:42:55.0226 0x3668 BDESVC - ok 16:42:55.0226 0x3668 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:42:55.0242 0x3668 Beep - ok 16:42:55.0258 0x3668 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 16:42:55.0289 0x3668 BFE - ok 16:42:55.0320 0x3668 [ A344054D9965A116EC99C9AE63729782, 5A522EFD0BB30A997C221B4018E457E46447CB891A48977461C0EAE95FECA04C ] BITS C:\WINDOWS\System32\qmgr.dll 16:42:55.0351 0x3668 BITS - ok 16:42:55.0367 0x3668 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 16:42:55.0383 0x3668 Bonjour Service - ok 16:42:55.0398 0x3668 [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 16:42:55.0414 0x3668 bowser - ok 16:42:55.0429 0x3668 [ 82A93A0772A29EB6E41438D9AE5ECDBD, 2C0EBA86DA33B763B6EBCF3D0A936FB92E0F36FD3D18D0812A33FC5FF1906C3C ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 16:42:55.0461 0x3668 BrokerInfrastructure - ok 16:42:55.0461 0x3668 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 16:42:55.0476 0x3668 Browser - ok 16:42:55.0508 0x3668 [ 5A567D554A936735EFE98128BB946625, F9B4D59FECCF72CA76D024F6DFEF42C26B76679CB10138AF369BCC7126D9C25B ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 16:42:55.0523 0x3668 BstHdAndroidSvc - ok 16:42:55.0523 0x3668 [ CA4F8CFE4641DC211C80B46EAFF181E1, 28F95D32CB0E2A62A518A1FCC286A127FFF9D32D94EAE2D47581CBD425164B1C ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 16:42:55.0539 0x3668 BstHdDrv - ok 16:42:55.0555 0x3668 [ BE6EB48B31500775F48FE96DA1BE87CA, D3BE40EDA9730378FF8BCBF080894163146B5B521930F60A8CCD7C099662E920 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 16:42:55.0555 0x3668 BstHdLogRotatorSvc - ok 16:42:55.0586 0x3668 [ 399A83F36089A34A30346F518E075A1D, 7F8377951269A7421AAAB9FBCC9A969B3CF33B82C9A8A8AC54E977E92B1EB73D ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe 16:42:55.0601 0x3668 BstHdUpdaterSvc - ok 16:42:55.0601 0x3668 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 16:42:55.0617 0x3668 BthAvrcpTg - ok 16:42:55.0617 0x3668 [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 16:42:55.0633 0x3668 BthEnum - ok 16:42:55.0648 0x3668 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 16:42:55.0648 0x3668 BthHFEnum - ok 16:42:55.0664 0x3668 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 16:42:55.0664 0x3668 bthhfhid - ok 16:42:55.0695 0x3668 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 16:42:55.0711 0x3668 BthHFSrv - ok 16:42:55.0726 0x3668 [ 164C495A72CF56BE2E47C9FA455B57D1, 034EF89B04F639E2538BA85BB5262A2E230A4CE29E0CC982B6E014F0D299A88E ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 16:42:55.0742 0x3668 BthLEEnum - ok 16:42:55.0742 0x3668 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 16:42:55.0758 0x3668 BTHMODEM - ok 16:42:55.0758 0x3668 [ 09A2E0DF0ED1D5D3F8C6779A0CC19529, F3A40FAE722C8065D2AF65AACB8013A6E45073BEC4A1026FE53179C603351036 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 16:42:55.0773 0x3668 BthPan - ok 16:42:55.0805 0x3668 [ 34C35293F5A3DEFEC59DBCD7BD4C17D0, B1F39B8E348BDF936ED4C9544712A8A103D02B039658A98C0C465249769C7D20 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys 16:42:55.0836 0x3668 BTHPORT - ok 16:42:55.0851 0x3668 [ 577FFA2B0B8572587FEB825F42453E81, D1BA449B7A535D0F6BC2EDE75D2CBA585E3A00FE552E244F342FB4ACA029A9A5 ] bthserv C:\WINDOWS\system32\bthserv.dll 16:42:55.0867 0x3668 bthserv - ok 16:42:55.0883 0x3668 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys 16:42:55.0898 0x3668 BTHUSB - ok 16:42:55.0898 0x3668 [ 8B8B304DF17084338326BC4ACC2716C5, 426D56742D0E3E8471EE28FC5E0158223826770DF5BED88D5863D265A070A45D ] btwampfl C:\WINDOWS\system32\DRIVERS\btwampfl.sys 16:42:55.0914 0x3668 btwampfl - ok 16:42:55.0914 0x3668 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 16:42:55.0930 0x3668 buttonconverter - ok 16:42:55.0930 0x3668 [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 16:42:55.0945 0x3668 CapImg - ok 16:42:55.0945 0x3668 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 16:42:55.0961 0x3668 cdfs - ok 16:42:55.0976 0x3668 [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 16:42:56.0008 0x3668 CDPSvc - ok 16:42:56.0023 0x3668 [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 16:42:56.0039 0x3668 CDPUserSvc - ok 16:42:56.0117 0x3668 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 16:42:56.0133 0x3668 cdrom - ok 16:42:56.0148 0x3668 [ F99E6C664A3D503878DAD628088AF855, C73E0F2F10C42600D98EFB4960ED9B186E8C41F0EDA5EBE9E85DB212AFF5DE79 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 16:42:56.0164 0x3668 CertPropSvc - ok 16:42:56.0164 0x3668 [ FB269C967C148E7EAC674718BF48E041, C5ABB51CD35360A752C2D029E1DA377865C9FF285309FDEFF6B6957095229A72 ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys 16:42:56.0180 0x3668 cfwids - ok 16:42:56.0195 0x3668 [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 16:42:56.0211 0x3668 chip1click - detected UnsignedFile.Multi.Generic ( 1 ) 16:42:56.0383 0x3668 Detect skipped due to KSN trusted 16:42:56.0383 0x3668 chip1click - ok 16:42:56.0383 0x3668 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 16:42:56.0414 0x3668 cht4iscsi - ok 16:42:56.0461 0x3668 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 16:42:56.0508 0x3668 cht4vbd - ok 16:42:56.0523 0x3668 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 16:42:56.0539 0x3668 circlass - ok 16:42:56.0555 0x3668 [ 792B891721F098A50C9ED95D3E549B5A, 06B371A6FB900A9D2385609696E64F1AD2F34C2D597959B9B05EDF2A8DFBD8EC ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 16:42:56.0570 0x3668 CLFS - ok 16:42:56.0617 0x3668 [ 85F31D4986E81CF3E78A5E2442C8F7AF, B6E6233D63A2C3E7AF0A9BBB62799159BF96C0F0EEBBC9B523BD227CC7A746B3 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe 16:42:56.0664 0x3668 ClientAnalyticsService - ok 16:42:56.0695 0x3668 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 16:42:56.0711 0x3668 ClipSVC - ok 16:42:56.0711 0x3668 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 16:42:56.0726 0x3668 clreg - ok 16:42:56.0742 0x3668 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 16:42:56.0742 0x3668 CmBatt - ok 16:42:56.0773 0x3668 [ 6DEB975950920360BB4C62D6EF9E60B8, C8A6BB267A3EF932E373D07A5FE44B0FA27CECBE7A12BC93EA89574DDA69B41F ] CNG C:\WINDOWS\system32\Drivers\cng.sys 16:42:56.0789 0x3668 CNG - ok 16:42:56.0805 0x3668 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 16:42:56.0805 0x3668 cnghwassist - ok 16:42:56.0844 0x3668 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 16:42:56.0856 0x3668 CompositeBus - ok 16:42:56.0861 0x3668 COMSysApp - ok 16:42:56.0865 0x3668 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 16:42:56.0867 0x3668 condrv - ok 16:42:56.0898 0x3668 [ 28E13353F8AED53ABD6668FAAEC7677F, AC2765C64678869D8FAF6008C8B5E2424A4DD6FDD9E8A8EF169ADA7E8107D201 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 16:42:56.0929 0x3668 CoreMessagingRegistrar - ok 16:42:57.0023 0x3668 [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 16:42:57.0038 0x3668 cphs - ok 16:42:57.0038 0x3668 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 16:42:57.0054 0x3668 CryptSvc - ok 16:42:57.0070 0x3668 [ EC2EA2F6C6D23315C20B4829F00D0440, BF1F47C3485E9112FB64F582DFA4679455203574F82A5ADB222BDA1FED1601E6 ] CSC C:\WINDOWS\system32\drivers\csc.sys 16:42:57.0101 0x3668 CSC - ok 16:42:57.0117 0x3668 [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService C:\WINDOWS\System32\cscsvc.dll 16:42:57.0148 0x3668 CscService - ok 16:42:57.0148 0x3668 [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam C:\WINDOWS\system32\drivers\dam.sys 16:42:57.0163 0x3668 dam - ok 16:42:57.0179 0x3668 [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 16:42:57.0226 0x3668 DcomLaunch - ok 16:42:57.0226 0x3668 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 16:42:57.0242 0x3668 DcpSvc - ok 16:42:57.0257 0x3668 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 16:42:57.0288 0x3668 defragsvc - ok 16:42:57.0304 0x3668 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 16:42:57.0335 0x3668 DeviceAssociationService - ok 16:42:57.0335 0x3668 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 16:42:57.0351 0x3668 DeviceInstall - ok 16:42:57.0351 0x3668 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 16:42:57.0367 0x3668 DevQueryBroker - ok 16:42:57.0382 0x3668 [ 385E6F76E684E7EEEECBBB156C45D191, 2BF808B095625DB9613683508B8D8B194ED1810FA0519C272BB0DF42563B9BD4 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 16:42:57.0398 0x3668 Dfsc - ok 16:42:57.0413 0x3668 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 16:42:57.0429 0x3668 Dhcp - ok 16:42:57.0429 0x3668 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 16:42:57.0445 0x3668 diagnosticshub.standardcollector.service - ok 16:42:57.0492 0x3668 [ 8420D9DD3E79AB28B5EBE79F050BA8BC, 45DD92F804E720636BDBE4CE9CB46594425988BEAE66CDDA8DD7EBBB47E16C7C ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 16:42:57.0555 0x3668 DiagTrack - ok 16:42:57.0570 0x3668 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys 16:42:57.0586 0x3668 disk - ok 16:42:57.0602 0x3668 [ DD1DFB1551BD861BBCCC4374C054520A, 7371D9201E67659B052DFDAEFE60514C8402239498F86D1706114E3D7023A85C ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 16:42:57.0617 0x3668 DmEnrollmentSvc - ok 16:42:57.0633 0x3668 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 16:42:57.0633 0x3668 dmvsc - ok 16:42:57.0648 0x3668 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 16:42:57.0664 0x3668 dmwappushservice - ok 16:42:57.0680 0x3668 [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 16:42:57.0695 0x3668 Dnscache - ok 16:42:57.0711 0x3668 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll 16:42:57.0727 0x3668 dot3svc - ok 16:42:57.0742 0x3668 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll 16:42:57.0758 0x3668 DPS - ok 16:42:57.0758 0x3668 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 16:42:57.0773 0x3668 drmkaud - ok 16:42:57.0773 0x3668 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 16:42:57.0805 0x3668 DsmSvc - ok 16:42:57.0805 0x3668 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll 16:42:57.0820 0x3668 DsSvc - ok 16:42:57.0867 0x3668 [ C867FABEFF1A553330093384D022F963, 85910F3D2BAB804308DFB31DB16178B6A8EE0D3C9B3695F4E4F2DAF14EA98BAD ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 16:42:57.0930 0x3668 DXGKrnl - ok 16:42:57.0930 0x3668 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 16:42:57.0961 0x3668 EapHost - ok 16:42:58.0055 0x3668 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 16:42:58.0133 0x3668 ebdrv - ok 16:42:58.0133 0x3668 [ EA0D394EF9A9F225A5C4BD6EC83FE78A, 960EE6EC293B7CF62F2E6F49ED197783C7AD860E4DD23BAA0200D300D31E8B56 ] EFS C:\WINDOWS\System32\lsass.exe 16:42:58.0148 0x3668 EFS - ok 16:42:58.0148 0x3668 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 16:42:58.0164 0x3668 EhStorClass - ok 16:42:58.0180 0x3668 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 16:42:58.0195 0x3668 EhStorTcgDrv - ok 16:42:58.0195 0x3668 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 16:42:58.0211 0x3668 embeddedmode - ok 16:42:58.0242 0x3668 [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 16:42:58.0258 0x3668 EntAppSvc - ok 16:42:58.0258 0x3668 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 16:42:58.0273 0x3668 ErrDev - ok 16:42:58.0289 0x3668 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll 16:42:58.0305 0x3668 EventSystem - ok 16:42:58.0320 0x3668 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys 16:42:58.0336 0x3668 exfat - ok 16:42:58.0352 0x3668 [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 16:42:58.0367 0x3668 fastfat - ok 16:42:58.0383 0x3668 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe 16:42:58.0414 0x3668 Fax - ok 16:42:58.0414 0x3668 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 16:42:58.0430 0x3668 fdc - ok 16:42:58.0445 0x3668 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 16:42:58.0461 0x3668 fdPHost - ok 16:42:58.0461 0x3668 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll 16:42:58.0477 0x3668 FDResPub - ok 16:42:58.0477 0x3668 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 16:42:58.0492 0x3668 fhsvc - ok 16:42:58.0508 0x3668 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 16:42:58.0508 0x3668 FileCrypt - ok 16:42:58.0523 0x3668 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 16:42:58.0523 0x3668 FileInfo - ok 16:42:58.0539 0x3668 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 16:42:58.0555 0x3668 Filetrace - ok 16:42:58.0555 0x3668 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 16:42:58.0570 0x3668 flpydisk - ok 16:42:58.0570 0x3668 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 16:42:58.0586 0x3668 FltMgr - ok 16:42:58.0633 0x3668 [ 5070B37B20DDC257AF93EB0BE8AB5690, B6ADFC68F07F8C84B79DE8E93E4735AB35146632563BA2C4279809A8DA4BE6BC ] FontCache C:\WINDOWS\system32\FntCache.dll 16:42:58.0711 0x3668 FontCache - ok 16:42:58.0742 0x3668 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:42:58.0758 0x3668 FontCache3.0.0.0 - ok 16:42:58.0789 0x3668 [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer C:\WINDOWS\system32\FrameServer.dll 16:42:58.0820 0x3668 FrameServer - ok 16:42:58.0820 0x3668 [ 01D875EF64B187F8C0775E2616AD56A4, F287E5F5D85BF2E10F5D6E124574FC7B294443F38B54EF20614B9589459BADC2 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 16:42:58.0836 0x3668 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 ) 16:42:59.0148 0x3668 Detect skipped due to KSN trusted 16:42:59.0148 0x3668 Freemake Improver - ok 16:42:59.0180 0x3668 [ BDF9B38E0331115B3D94157BAF368408, 9F01AB78441B04027D3C662503EAF0B20F6DC9F16A5AD82B000294454B2B12B3 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe 16:42:59.0180 0x3668 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 ) 16:42:59.0305 0x3668 Detect skipped due to KSN trusted 16:42:59.0305 0x3668 FreemakeVideoCapture - ok 16:42:59.0305 0x3668 [ B07A40B5A7A58B8C75663A572A46084C, 01F34EAFD4A86FF6AFC015BE2D155A53ED8186BD6DA1A05CCEC8425417A8E320 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 16:42:59.0320 0x3668 FsDepends - ok 16:42:59.0320 0x3668 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:42:59.0336 0x3668 Fs_Rec - ok 16:42:59.0352 0x3668 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 16:42:59.0367 0x3668 fvevol - ok 16:42:59.0383 0x3668 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 16:42:59.0383 0x3668 GEARAspiWDM - ok 16:42:59.0383 0x3668 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 16:42:59.0398 0x3668 gencounter - ok 16:42:59.0398 0x3668 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 16:42:59.0414 0x3668 genericusbfn - ok 16:42:59.0461 0x3668 [ 11CE87BFED28457EC4A2FA264C83312E, 4171F6E7F9988B6174917992FB7DD97BCC6657DBC3D000016A4F5D1E4B5A338E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 16:42:59.0492 0x3668 GfExperienceService - ok 16:42:59.0492 0x3668 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 16:42:59.0508 0x3668 GPIOClx0101 - ok 16:42:59.0539 0x3668 [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc C:\WINDOWS\System32\gpsvc.dll 16:42:59.0586 0x3668 gpsvc - ok 16:42:59.0586 0x3668 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 16:42:59.0602 0x3668 GpuEnergyDrv - ok 16:42:59.0617 0x3668 [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys 16:42:59.0649 0x3668 HdAudAddService - ok 16:42:59.0649 0x3668 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 16:42:59.0664 0x3668 HDAudBus - ok 16:42:59.0664 0x3668 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 16:42:59.0680 0x3668 HidBatt - ok 16:42:59.0680 0x3668 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 16:42:59.0695 0x3668 HidBth - ok 16:42:59.0695 0x3668 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 16:42:59.0711 0x3668 hidi2c - ok 16:42:59.0727 0x3668 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 16:42:59.0742 0x3668 hidinterrupt - ok 16:42:59.0742 0x3668 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 16:42:59.0758 0x3668 HidIr - ok 16:42:59.0758 0x3668 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 16:42:59.0774 0x3668 hidserv - ok 16:42:59.0774 0x3668 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 16:42:59.0789 0x3668 HidUsb - ok 16:42:59.0789 0x3668 [ 0BC61E0F614A6E69654A23084A8D24B7, B532665B7AC45CB7C324F5BE8999088291FEB5D768A234E13C96022E14E7888F ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys 16:42:59.0805 0x3668 HipShieldK - ok 16:42:59.0820 0x3668 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 16:42:59.0836 0x3668 HomeGroupListener - ok 16:42:59.0852 0x3668 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 16:42:59.0883 0x3668 HomeGroupProvider - ok 16:42:59.0914 0x3668 [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 16:42:59.0930 0x3668 HomeNetSvc - ok 16:42:59.0930 0x3668 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 16:42:59.0945 0x3668 HpSAMD - ok 16:42:59.0961 0x3668 [ EC5DA4E49586AAB1E148CC8038DE3A5E, B6AEE3D0FB1CFA305541C6794666D60EFDE857022FF064CD5EA6E479A3B25024 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 16:42:59.0992 0x3668 HTTP - ok 16:43:00.0008 0x3668 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 16:43:00.0024 0x3668 HvHost - ok 16:43:00.0039 0x3668 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 16:43:00.0039 0x3668 hvservice - ok 16:43:00.0055 0x3668 [ 94724AD8E21E3CFF22A2FAB7BBABF725, 226F76C7CF80AF734DB64111E95595EC5E02658482A574643900A6C61A69236C ] HWiNFO32 C:\WINDOWS\system32\drivers\HWiNFO64A.SYS 16:43:00.0055 0x3668 HWiNFO32 - ok 16:43:00.0055 0x3668 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 16:43:00.0070 0x3668 hwpolicy - ok 16:43:00.0070 0x3668 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 16:43:00.0086 0x3668 hyperkbd - ok 16:43:00.0086 0x3668 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 16:43:00.0102 0x3668 i8042prt - ok 16:43:00.0117 0x3668 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 16:43:00.0117 0x3668 iagpio - ok 16:43:00.0133 0x3668 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 16:43:00.0149 0x3668 iai2c - ok 16:43:00.0149 0x3668 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 16:43:00.0164 0x3668 iaLPSS2i_GPIO2 - ok 16:43:00.0164 0x3668 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 16:43:00.0180 0x3668 iaLPSS2i_I2C - ok 16:43:00.0180 0x3668 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16:43:00.0195 0x3668 iaLPSSi_GPIO - ok 16:43:00.0195 0x3668 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 16:43:00.0211 0x3668 iaLPSSi_I2C - ok 16:43:00.0227 0x3668 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 16:43:00.0242 0x3668 iaStorA - ok 16:43:00.0258 0x3668 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 16:43:00.0289 0x3668 iaStorAV - ok 16:43:00.0305 0x3668 [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 16:43:00.0320 0x3668 IAStorDataMgrSvc - ok 16:43:00.0320 0x3668 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 16:43:00.0336 0x3668 iaStorV - ok 16:43:00.0352 0x3668 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 16:43:00.0383 0x3668 ibbus - ok 16:43:00.0399 0x3668 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll 16:43:00.0414 0x3668 icssvc - ok 16:43:00.0602 0x3668 [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 16:43:00.0742 0x3668 igfx - ok 16:43:00.0758 0x3668 [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 16:43:00.0774 0x3668 igfxCUIService2.0.0.0 - ok 16:43:00.0805 0x3668 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll 16:43:00.0852 0x3668 IKEEXT - ok 16:43:00.0852 0x3668 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 16:43:00.0867 0x3668 IndirectKmd - ok 16:43:00.0867 0x3668 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 16:43:00.0867 0x3668 intaud_WaveExtensible - ok 16:43:00.0977 0x3668 [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 16:43:01.0039 0x3668 IntcAzAudAddService - ok 16:43:01.0055 0x3668 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 16:43:01.0070 0x3668 IntcDAud - ok 16:43:01.0102 0x3668 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 16:43:01.0117 0x3668 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 16:43:01.0445 0x3668 Detect skipped due to KSN trusted 16:43:01.0445 0x3668 Intel(R) Capability Licensing Service Interface - ok 16:43:01.0461 0x3668 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 16:43:01.0492 0x3668 Intel(R) Capability Licensing Service TCP IP Interface - ok 16:43:01.0508 0x3668 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 16:43:01.0508 0x3668 Intel(R) ME Service - ok 16:43:01.0539 0x3668 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys 16:43:01.0539 0x3668 intelide - ok 16:43:01.0539 0x3668 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 16:43:01.0555 0x3668 intelpep - ok 16:43:01.0555 0x3668 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 16:43:01.0570 0x3668 intelppm - ok 16:43:01.0586 0x3668 [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 16:43:01.0586 0x3668 iorate - ok 16:43:01.0602 0x3668 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:43:01.0617 0x3668 IpFilterDriver - ok 16:43:01.0633 0x3668 [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 16:43:01.0664 0x3668 iphlpsvc - ok 16:43:01.0680 0x3668 [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 16:43:01.0695 0x3668 IPMIDRV - ok 16:43:01.0727 0x3668 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 16:43:01.0742 0x3668 IPNAT - ok 16:43:01.0758 0x3668 [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:43:01.0774 0x3668 iPod Service - ok 16:43:01.0789 0x3668 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys 16:43:01.0805 0x3668 irda - ok 16:43:01.0805 0x3668 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 16:43:01.0820 0x3668 IRENUM - ok 16:43:01.0820 0x3668 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll 16:43:01.0836 0x3668 irmon - ok 16:43:01.0836 0x3668 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 16:43:01.0852 0x3668 isapnp - ok 16:43:01.0852 0x3668 [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 16:43:01.0867 0x3668 iScsiPrt - ok 16:43:01.0867 0x3668 [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 16:43:01.0883 0x3668 iwdbus - ok 16:43:01.0899 0x3668 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 16:43:01.0899 0x3668 jhi_service - ok 16:43:01.0914 0x3668 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 16:43:01.0930 0x3668 kbdclass - ok 16:43:01.0930 0x3668 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 16:43:01.0945 0x3668 kbdhid - ok 16:43:01.0945 0x3668 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 16:43:01.0961 0x3668 kdnic - ok 16:43:01.0977 0x3668 [ EA0D394EF9A9F225A5C4BD6EC83FE78A, 960EE6EC293B7CF62F2E6F49ED197783C7AD860E4DD23BAA0200D300D31E8B56 ] KeyIso C:\WINDOWS\system32\lsass.exe 16:43:01.0977 0x3668 KeyIso - ok 16:43:01.0992 0x3668 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 16:43:02.0008 0x3668 KSecDD - ok 16:43:02.0024 0x3668 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 16:43:02.0024 0x3668 KSecPkg - ok 16:43:02.0039 0x3668 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 16:43:02.0055 0x3668 ksthunk - ok 16:43:02.0055 0x3668 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 16:43:02.0086 0x3668 KtmRm - ok 16:43:02.0102 0x3668 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 16:43:02.0117 0x3668 LanmanServer - ok 16:43:02.0117 0x3668 [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 16:43:02.0149 0x3668 LanmanWorkstation - ok 16:43:02.0180 0x3668 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll 16:43:02.0180 0x3668 lfsvc - ok 16:43:02.0195 0x3668 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 16:43:02.0195 0x3668 LicenseManager - ok 16:43:02.0211 0x3668 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 16:43:02.0211 0x3668 lltdio - ok 16:43:02.0227 0x3668 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 16:43:02.0242 0x3668 lltdsvc - ok 16:43:02.0258 0x3668 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 16:43:02.0274 0x3668 lmhosts - ok 16:43:02.0289 0x3668 [ C8AE2216F31AB6A6CED3B4BEB377BF1D, 6DA89AB9060E24A2643019869DF8EF69D172AD3D066D9038614F7214216E51C4 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:43:02.0305 0x3668 LMS - ok 16:43:02.0352 0x3668 [ BC66D9B10B79930D6C42DB989BD89642, 90A736E9C4B80E336938F9AB178C1BD5E3DCBE062AAAE4EEED5543286D6A62C8 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe 16:43:02.0367 0x3668 LSC.Services.SystemService - ok 16:43:02.0383 0x3668 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 16:43:02.0399 0x3668 LSI_SAS - ok 16:43:02.0399 0x3668 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 16:43:02.0414 0x3668 LSI_SAS2i - ok 16:43:02.0414 0x3668 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 16:43:02.0430 0x3668 LSI_SAS3i - ok 16:43:02.0430 0x3668 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 16:43:02.0445 0x3668 LSI_SSS - ok 16:43:02.0461 0x3668 [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\WINDOWS\System32\lsm.dll 16:43:02.0492 0x3668 LSM - ok 16:43:02.0492 0x3668 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 16:43:02.0508 0x3668 luafv - ok 16:43:02.0508 0x3668 [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker C:\WINDOWS\System32\moshost.dll 16:43:02.0524 0x3668 MapsBroker - ok 16:43:02.0555 0x3668 [ 1CB5F4F5000DB779E8595F771D0095B3, BCA6F37438F17797B472199D1B6E9741CC600C8AE89B748C682D83019A49CF3D ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe 16:43:02.0555 0x3668 McAfee SiteAdvisor Service - ok 16:43:02.0586 0x3668 [ 8D9A3FE17826A78F8B7A2BFF3A2283F8, 7A61BCB81FB04278F22A7AF74AA2F985C91E3351F3D4EC6AF22CEE441FCC81AD ] McAPExe C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe 16:43:02.0617 0x3668 McAPExe - ok 16:43:02.0649 0x3668 [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 16:43:02.0664 0x3668 McBootDelayStartSvc - ok 16:43:02.0727 0x3668 [ 859EE4B50C89ACD15F32F9F435CB78F3, 2579B4DD3065C7FF42E937CA9FF8E69883AD9EEC25588951E2AA337AE16F1830 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe 16:43:02.0774 0x3668 mccspsvc - ok 16:43:02.0789 0x3668 [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 16:43:02.0805 0x3668 McMPFSvc - ok 16:43:02.0821 0x3668 [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 16:43:02.0852 0x3668 mcpltsvc - ok 16:43:02.0852 0x3668 [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 16:43:02.0883 0x3668 McProxy - ok 16:43:02.0883 0x3668 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 16:43:02.0899 0x3668 megasas - ok 16:43:02.0899 0x3668 [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys 16:43:02.0914 0x3668 megasas2i - ok 16:43:02.0930 0x3668 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys 16:43:02.0946 0x3668 megasr - ok 16:43:02.0946 0x3668 [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 16:43:02.0961 0x3668 MEIx64 - ok 16:43:02.0961 0x3668 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 16:43:02.0977 0x3668 MessagingService - ok 16:43:03.0024 0x3668 [ 0CE0C8EDB5CCB418E59ADA42414C5D8E, 90CE5E142139576B0C9696BF04EDD6AA598C0F238F6EB96A4B514543846A917A ] mfeaack C:\WINDOWS\system32\drivers\mfeaack.sys 16:43:03.0039 0x3668 mfeaack - ok 16:43:03.0039 0x3668 [ 9BDCE025A5742B49AE6C3E42D96CAB5E, BB550EADCBF001D57ADB79DB44CFC214A32ABC3AF7ED58B414305FDF15D8F891 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys 16:43:03.0055 0x3668 mfeavfk - ok 16:43:03.0086 0x3668 mfeavfk01 - ok 16:43:03.0086 0x3668 [ 0526949EBB121F0772F39BFC595E3A6A, 1E18D4C311D02BBCCB15CDFF130DE07CB121AB10619F9C362B8F572C03A3D5E3 ] mfeelamk C:\WINDOWS\system32\drivers\mfeelamk.sys 16:43:03.0102 0x3668 mfeelamk - ok 16:43:03.0117 0x3668 [ 4D44DAA45FD4A79E474BD824165567DC, 5CF1AB616741AA785FECABC208A52253B09387E37F36C46010404211D81E31AA ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 16:43:03.0117 0x3668 mfefire - ok 16:43:03.0149 0x3668 [ 8CC68836AE8E1FC75355C41A43AEF650, 2DE9C74F4E80BBC961E563F6EC7C67F21D9150536C30AE4C47EE5DBF5707CE07 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys 16:43:03.0164 0x3668 mfefirek - ok 16:43:03.0180 0x3668 [ 758B8B853FAD319F0C554A336D0F1F88, E8C6C0EF064ED1B56CF54C9F0CBD48A551B5DBCC4A85ED23DFA78C83BE9E3BA8 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys 16:43:03.0211 0x3668 mfehidk - ok 16:43:03.0211 0x3668 [ 3DB8E7BF041ADD3ACDE04D3EA84B4CAA, 9CC388525C141E00B3EAB47E73263C71A1DAD990949E5ED19B6EEB9AD46EA664 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe 16:43:03.0227 0x3668 mfemms - ok 16:43:03.0243 0x3668 [ D178E04CB2B5D9BC4D46C087F7BAC7EE, 0591503155F3A61B57129779C4A0EBB0726B09E6FB975C2C674FD92B740F6AD8 ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys 16:43:03.0258 0x3668 mfencbdc - ok 16:43:03.0258 0x3668 [ 7F01895D5C91CEB4D3CA952F3B752EC9, 24ED860345826218CE22ABF055821AA7F5E37DC9364C6478F71A60FDDE74050D ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys 16:43:03.0274 0x3668 mfencrk - ok 16:43:03.0274 0x3668 [ 6B6BBD8708AF188F3C96B2DB4A527D72, 509CB1832FA4F4A973507CA0DAD86520743C786DC8C2F5B322E789A34E806D07 ] mfeplk C:\WINDOWS\system32\drivers\mfeplk.sys 16:43:03.0289 0x3668 mfeplk - ok 16:43:03.0321 0x3668 [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys 16:43:03.0336 0x3668 mfesapsn - ok 16:43:03.0336 0x3668 [ 31E7520068D87A40E7E5BA247A961A1E, D362471E0F320F887B5D1FF5F6862DA39DD5CF643B4F76CB4854DCEEC2A53ACB ] mfevtp C:\WINDOWS\system32\mfevtps.exe 16:43:03.0352 0x3668 mfevtp - ok 16:43:03.0367 0x3668 [ 75621FB6CEA5BB99D83162E42E19452B, F82D02CDED1D5D6AE2EB12E5A4C2E4335924A4CAD69DF8CE04E4D1CE9A195710 ] mfewfpk C:\WINDOWS\system32\drivers\mfewfpk.sys 16:43:03.0367 0x3668 mfewfpk - ok 16:43:03.0399 0x3668 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 16:43:03.0414 0x3668 mlx4_bus - ok 16:43:03.0430 0x3668 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 16:43:03.0446 0x3668 MMCSS - ok 16:43:03.0446 0x3668 [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\WINDOWS\system32\drivers\modem.sys 16:43:03.0461 0x3668 Modem - ok 16:43:03.0492 0x3668 [ C6218FCA6A7B9F3ED5B22476DD5F6544, F33B376266035D5AD4D5C216906AEDCB16535A6A1998FD1E0F47AA53880AA7B0 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe 16:43:03.0539 0x3668 ModuleCoreService - ok 16:43:03.0539 0x3668 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys 16:43:03.0555 0x3668 monitor - ok 16:43:03.0555 0x3668 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 16:43:03.0571 0x3668 mouclass - ok 16:43:03.0571 0x3668 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 16:43:03.0586 0x3668 mouhid - ok 16:43:03.0602 0x3668 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 16:43:03.0617 0x3668 mountmgr - ok 16:43:03.0617 0x3668 [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:43:03.0633 0x3668 MozillaMaintenance - ok 16:43:03.0633 0x3668 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 16:43:03.0649 0x3668 mpsdrv - ok 16:43:03.0664 0x3668 [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 16:43:03.0696 0x3668 MpsSvc - ok 16:43:03.0742 0x3668 [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 16:43:03.0758 0x3668 MRxDAV - ok 16:43:03.0774 0x3668 [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 16:43:03.0805 0x3668 mrxsmb - ok 16:43:03.0805 0x3668 [ CFE8297B003C85AEFB506BDDEE3E67FA, F42F2CCDB80D7F83B122FE2CFB9ED19464DAA763E6CB9272C7A1F91DF441154E ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 16:43:03.0821 0x3668 mrxsmb10 - ok 16:43:03.0836 0x3668 [ D66BB32A4C26F170F43F098BBAE245AD, 934C30358963DA85ACB749CF6A2167D9B615C5B7479F9BF73FE65C9914C177D0 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 16:43:03.0852 0x3668 mrxsmb20 - ok 16:43:03.0852 0x3668 [ 85669C51BA3BBD4CF6457C280BFAEA0C, 11D92B85B7EA837B8294B5A160E35BDE6C91FF78873B076E3B823F16384618AF ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 16:43:03.0867 0x3668 MsBridge - ok 16:43:03.0867 0x3668 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe 16:43:03.0883 0x3668 MSDTC - ok 16:43:03.0899 0x3668 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 16:43:03.0914 0x3668 Msfs - ok 16:43:03.0914 0x3668 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 16:43:03.0930 0x3668 msgpiowin32 - ok 16:43:03.0930 0x3668 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 16:43:03.0946 0x3668 mshidkmdf - ok 16:43:03.0946 0x3668 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 16:43:03.0961 0x3668 mshidumdf - ok 16:43:03.0961 0x3668 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 16:43:03.0977 0x3668 msisadrv - ok 16:43:03.0977 0x3668 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 16:43:03.0992 0x3668 MSiSCSI - ok 16:43:03.0992 0x3668 msiserver - ok 16:43:04.0024 0x3668 [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 16:43:04.0039 0x3668 MSK80Service - ok 16:43:04.0055 0x3668 [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 16:43:04.0071 0x3668 MSKSSRV - ok 16:43:04.0071 0x3668 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 16:43:04.0086 0x3668 MsLldp - ok 16:43:04.0086 0x3668 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 16:43:04.0102 0x3668 MSPCLOCK - ok 16:43:04.0102 0x3668 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 16:43:04.0118 0x3668 MSPQM - ok 16:43:04.0133 0x3668 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 16:43:04.0149 0x3668 MsRPC - ok 16:43:04.0164 0x3668 [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys 16:43:04.0180 0x3668 MsSecFlt - ok 16:43:04.0180 0x3668 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 16:43:04.0180 0x3668 mssmbios - ok 16:43:04.0196 0x3668 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 16:43:04.0211 0x3668 MSTEE - ok 16:43:04.0211 0x3668 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 16:43:04.0227 0x3668 MTConfig - ok 16:43:04.0227 0x3668 [ A2A906C0D38BFE1D780251D044BDBD4D, 7898F93CF4C0ABE761329F0BE43A12BDFB894465BBE5131D98D5BA6A10B3B1FD ] Mup C:\WINDOWS\system32\Drivers\mup.sys 16:43:04.0242 0x3668 Mup - ok 16:43:04.0242 0x3668 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 16:43:04.0258 0x3668 mvumis - ok 16:43:04.0274 0x3668 [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 16:43:04.0305 0x3668 NativeWifiP - ok 16:43:04.0305 0x3668 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 16:43:04.0321 0x3668 NcaSvc - ok 16:43:04.0336 0x3668 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll 16:43:04.0352 0x3668 NcbService - ok 16:43:04.0367 0x3668 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 16:43:04.0399 0x3668 NcdAutoSetup - ok 16:43:04.0399 0x3668 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 16:43:04.0414 0x3668 ndfltr - ok 16:43:04.0446 0x3668 [ A530D0C58A657BCD1629816B887661CB, EF8E25018D64F7D0EE1E05C24E0B0DB25B0ACCF13DE0FEDAF8F0AF70BC025462 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 16:43:04.0477 0x3668 NDIS - ok 16:43:04.0477 0x3668 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 16:43:04.0492 0x3668 NdisCap - ok 16:43:04.0492 0x3668 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 16:43:04.0508 0x3668 NdisImPlatform - ok 16:43:04.0524 0x3668 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:43:04.0539 0x3668 NdisTapi - ok 16:43:04.0539 0x3668 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 16:43:04.0555 0x3668 Ndisuio - ok 16:43:04.0571 0x3668 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 16:43:04.0571 0x3668 NdisVirtualBus - ok 16:43:04.0586 0x3668 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 16:43:04.0602 0x3668 NdisWan - ok 16:43:04.0618 0x3668 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:43:04.0633 0x3668 ndiswanlegacy - ok 16:43:04.0633 0x3668 [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 16:43:04.0664 0x3668 ndproxy - ok 16:43:04.0664 0x3668 [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 16:43:04.0680 0x3668 Ndu - ok 16:43:04.0696 0x3668 [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys 16:43:04.0711 0x3668 NetAdapterCx - ok 16:43:04.0711 0x3668 [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 16:43:04.0727 0x3668 NetBIOS - ok 16:43:04.0727 0x3668 [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 16:43:04.0758 0x3668 NetBT - ok 16:43:04.0758 0x3668 [ EA0D394EF9A9F225A5C4BD6EC83FE78A, 960EE6EC293B7CF62F2E6F49ED197783C7AD860E4DD23BAA0200D300D31E8B56 ] Netlogon C:\WINDOWS\system32\lsass.exe 16:43:04.0774 0x3668 Netlogon - ok 16:43:04.0805 0x3668 [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll 16:43:04.0821 0x3668 Netman - ok 16:43:04.0836 0x3668 [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 16:43:04.0867 0x3668 netprofm - ok 16:43:04.0883 0x3668 [ E0981C2DA535C7D579601C967210E25E, C4EF0A5E34B91D34481FA80904A5A71F22D837029A8EC9F95DE3C1F9BC68F8C0 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 16:43:04.0899 0x3668 NetSetupSvc - ok 16:43:04.0914 0x3668 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:43:04.0930 0x3668 NetTcpPortSharing - ok 16:43:04.0946 0x3668 [ 5B934F4E9725CB774FA9649D5ECB8F02, 173E8A754C014C13E1CD0155C178DAF108C1A81B2264015CD6998EE9CB2516DA ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 16:43:04.0961 0x3668 NgcCtnrSvc - ok 16:43:04.0992 0x3668 [ 00A0987633FADDDEAFC24AF3C6821A59, 72ADCD823AC8D8CA3937AB8220AF30AFCCFA2BAE47FB1991530EFCCC48A190B6 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 16:43:05.0039 0x3668 NgcSvc - ok 16:43:05.0071 0x3668 [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 16:43:05.0086 0x3668 NlaSvc - ok 16:43:05.0102 0x3668 NPF - ok 16:43:05.0102 0x3668 [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 16:43:05.0118 0x3668 Npfs - ok 16:43:05.0118 0x3668 [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 16:43:05.0133 0x3668 npsvctrig - ok 16:43:05.0149 0x3668 [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll 16:43:05.0164 0x3668 nsi - ok 16:43:05.0164 0x3668 [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 16:43:05.0180 0x3668 nsiproxy - ok 16:43:05.0258 0x3668 [ 1668185FD94CDFB8E148A6C7DC76B4DB, 7D3E3AC97BD01EA30BAF4123092A8FA3B12F9E2120E0A3FA99855982B5944214 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 16:43:05.0336 0x3668 NTFS - ok 16:43:05.0336 0x3668 [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys 16:43:05.0352 0x3668 Null - ok 16:43:05.0727 0x3668 [ 88F3EEDD47473E7206C0A049AE96A0F7, 3A02CF546993270E3DE2715F1065A4832CC1F2C6CCB62D87DDB939C423EF1EA1 ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys 16:43:06.0008 0x3668 nvlddmkm - ok 16:43:06.0055 0x3668 [ C4EFFA3554FA1B6E924209721A5ECD4E, 3AA2F87811804E5EF99ADDBDE6167E223C009C0649CB6B53D0454ADEDA5AF56C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 16:43:06.0102 0x3668 NvNetworkService - ok 16:43:06.0102 0x3668 [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 16:43:06.0118 0x3668 nvraid - ok 16:43:06.0118 0x3668 [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 16:43:06.0133 0x3668 nvstor - ok 16:43:06.0149 0x3668 [ 47EB46B8E8CE8DA4560F67B6F38F3763, 61A2194C7802A4297D8D4BA33CC270FF71B06727E3A2E652CEB27EE38FE0C7E5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 16:43:06.0165 0x3668 NvStreamKms - ok 16:43:06.0665 0x3668 [ 34878C9CFF0F0B95082A92F3A03A3F7B, 10B7CA015DF0381A76FFCCDAEB97D178F63219B7DA896981C32042B2FCF97506 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 16:43:07.0055 0x3668 NvStreamSvc - ok 16:43:07.0086 0x3668 [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 16:43:07.0102 0x3668 nvvad_WaveExtensible - ok 16:43:07.0102 0x3668 [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 16:43:07.0133 0x3668 OneSyncSvc - ok 16:43:07.0149 0x3668 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 16:43:07.0180 0x3668 p2pimsvc - ok 16:43:07.0196 0x3668 [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll 16:43:07.0211 0x3668 p2psvc - ok 16:43:07.0227 0x3668 [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys 16:43:07.0227 0x3668 Parport - ok 16:43:07.0258 0x3668 [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 16:43:07.0274 0x3668 partmgr - ok 16:43:07.0274 0x3668 [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 16:43:07.0305 0x3668 PcaSvc - ok 16:43:07.0321 0x3668 [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci C:\WINDOWS\system32\drivers\pci.sys 16:43:07.0336 0x3668 pci - ok 16:43:07.0352 0x3668 [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys 16:43:07.0368 0x3668 pciide - ok 16:43:07.0383 0x3668 [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 16:43:07.0399 0x3668 pcmcia - ok 16:43:07.0399 0x3668 [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 16:43:07.0415 0x3668 pcw - ok 16:43:07.0415 0x3668 [ 382D493B91B816D12C6F775E7896ED29, A1AECF74577CA229FD096DFAA67C8E00FA4A648F5BD72DBF4C8BDA99F325C6A5 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 16:43:07.0430 0x3668 pdc - ok 16:43:07.0446 0x3668 [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 16:43:07.0493 0x3668 PEAUTH - ok 16:43:07.0555 0x3668 [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 16:43:07.0618 0x3668 PeerDistSvc - ok 16:43:07.0649 0x3668 [ D377570EEF6D4209E33F0DA40F16406C, D0F3FB99E70856A119870F594F028D3C24431BDF92DCC488F2009FC4BDA2C65D ] PEFService C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe 16:43:07.0680 0x3668 PEFService - ok 16:43:07.0680 0x3668 [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 16:43:07.0696 0x3668 percsas2i - ok 16:43:07.0696 0x3668 [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 16:43:07.0711 0x3668 percsas3i - ok 16:43:07.0790 0x3668 [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 16:43:07.0805 0x3668 PerfHost - ok 16:43:07.0821 0x3668 [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 16:43:07.0868 0x3668 PhoneSvc - ok 16:43:07.0883 0x3668 [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 16:43:07.0899 0x3668 PimIndexMaintenanceSvc - ok 16:43:07.0977 0x3668 [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll 16:43:08.0024 0x3668 pla - ok 16:43:08.0024 0x3668 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 16:43:08.0040 0x3668 PlugPlay - ok 16:43:08.0055 0x3668 [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 16:43:08.0071 0x3668 PNRPAutoReg - ok 16:43:08.0071 0x3668 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 16:43:08.0087 0x3668 PNRPsvc - ok 16:43:08.0102 0x3668 [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 16:43:08.0133 0x3668 PolicyAgent - ok 16:43:08.0149 0x3668 [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll 16:43:08.0165 0x3668 Power - ok 16:43:08.0180 0x3668 [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 16:43:08.0196 0x3668 PptpMiniport - ok 16:43:08.0337 0x3668 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 16:43:08.0449 0x3668 PrintNotify - ok 16:43:08.0449 0x3668 [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys 16:43:08.0465 0x3668 Processor - ok 16:43:08.0481 0x3668 [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 16:43:08.0497 0x3668 ProfSvc - ok 16:43:08.0513 0x3668 [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys 16:43:08.0513 0x3668 Psched - ok 16:43:08.0528 0x3668 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys 16:43:08.0528 0x3668 PSI - ok 16:43:08.0528 0x3668 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys 16:43:08.0544 0x3668 PxHlpa64 - ok 16:43:08.0560 0x3668 [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll 16:43:08.0575 0x3668 QWAVE - ok 16:43:08.0575 0x3668 [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 16:43:08.0591 0x3668 QWAVEdrv - ok 16:43:08.0591 0x3668 [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 16:43:08.0607 0x3668 RasAcd - ok 16:43:08.0622 0x3668 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 16:43:08.0638 0x3668 RasAgileVpn - ok 16:43:08.0638 0x3668 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll 16:43:08.0653 0x3668 RasAuto - ok 16:43:08.0653 0x3668 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 16:43:08.0669 0x3668 Rasl2tp - ok 16:43:08.0700 0x3668 [ 28C80449AC9CA09A6DBADF4940C125A7, A827E3A2D7DF67073CCE63C63168B2F4067C7D36E89BB99D4C6F17E46BECEB56 ] RasMan C:\WINDOWS\System32\rasmans.dll 16:43:08.0716 0x3668 RasMan - ok 16:43:08.0731 0x3668 [ 726857E441D1D67F57694A1B613ABD34, 564027EF2E80F99595282FF76B6D339045B7E9AFE72D8DDF2D6EB0D98C329834 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 16:43:08.0747 0x3668 RasPppoe - ok 16:43:08.0747 0x3668 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 16:43:08.0778 0x3668 RasSstp - ok 16:43:08.0794 0x3668 [ 1A49C9F966A04D031DAD4C73C49D5288, 05C8690948EAA2A55A208D8D34118C27FD5C7D7AEEF4FAD1346E40BBE586946D ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 16:43:08.0810 0x3668 rdbss - ok 16:43:08.0825 0x3668 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 16:43:08.0825 0x3668 rdpbus - ok 16:43:08.0857 0x3668 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 16:43:08.0872 0x3668 RDPDR - ok 16:43:08.0903 0x3668 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 16:43:08.0903 0x3668 RdpVideoMiniport - ok 16:43:08.0935 0x3668 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 16:43:08.0950 0x3668 rdyboost - ok 16:43:08.0966 0x3668 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 16:43:08.0997 0x3668 ReFSv1 - ok 16:43:09.0013 0x3668 [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 16:43:09.0028 0x3668 RemoteAccess - ok 16:43:09.0044 0x3668 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 16:43:09.0060 0x3668 RemoteRegistry - ok 16:43:09.0091 0x3668 [ 6FF3A30B1220D939D6120646BD5801F3, A526A24912FC5401E96796E41A4945D549486464067179201BCB25BF53049862 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 16:43:09.0122 0x3668 RetailDemo - ok 16:43:09.0138 0x3668 [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 16:43:09.0153 0x3668 RFCOMM - ok |
30.07.2017, 16:09 | #6 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. 16:43:09.0153 0x3668 [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll 16:43:09.0169 0x3668 RmSvc - ok 16:43:09.0169 0x3668 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 16:43:09.0185 0x3668 RpcEptMapper - ok 16:43:09.0200 0x3668 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe 16:43:09.0200 0x3668 RpcLocator - ok 16:43:09.0232 0x3668 [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] RpcSs C:\WINDOWS\system32\rpcss.dll 16:43:09.0278 0x3668 RpcSs - ok 16:43:09.0294 0x3668 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 16:43:09.0310 0x3668 rspndr - ok 16:43:09.0341 0x3668 [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 16:43:09.0372 0x3668 rt640x64 - ok 16:43:09.0388 0x3668 [ 03E76CF0657BCABA2D7F7EE4384E6562, DCCAA648A34358B3DDBF908E2136C4A3460A297AC9E001B6709C65A9F320EB07 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys 16:43:09.0403 0x3668 RTSUER - ok 16:43:09.0403 0x3668 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 16:43:09.0419 0x3668 s3cap - ok 16:43:09.0419 0x3668 [ EA0D394EF9A9F225A5C4BD6EC83FE78A, 960EE6EC293B7CF62F2E6F49ED197783C7AD860E4DD23BAA0200D300D31E8B56 ] SamSs C:\WINDOWS\system32\lsass.exe 16:43:09.0435 0x3668 SamSs - ok 16:43:09.0435 0x3668 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 16:43:09.0450 0x3668 sbp2port - ok 16:43:09.0482 0x3668 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 16:43:09.0497 0x3668 SCardSvr - ok 16:43:09.0497 0x3668 [ 3FE129F92033059B84885E1F5D458EF3, 87AA6EEA47DD5DC7141DBA7A499594DC7B1E2B315370EA8F5C2FCD1FDF2FEA4C ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 16:43:09.0513 0x3668 ScDeviceEnum - ok 16:43:09.0528 0x3668 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 16:43:09.0528 0x3668 scfilter - ok 16:43:09.0560 0x3668 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll 16:43:09.0607 0x3668 Schedule - ok 16:43:09.0622 0x3668 [ 227A7AAD04CB11116F8B935CA31F0D04, E91A2DAEF7D73115EE957FB546EF43E9610B149D3ECB911E8A687E1259D42D21 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys 16:43:09.0638 0x3668 scmbus - ok 16:43:09.0638 0x3668 [ F5923C4B0D5B1EB04CFE145F41A8B0B8, A59E755DA28A474767DE28472DB4F09F6D44A20F8C327D33D8596E56A980E8F4 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys 16:43:09.0653 0x3668 scmdisk0101 - ok 16:43:09.0669 0x3668 [ F99E6C664A3D503878DAD628088AF855, C73E0F2F10C42600D98EFB4960ED9B186E8C41F0EDA5EBE9E85DB212AFF5DE79 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 16:43:09.0685 0x3668 SCPolicySvc - ok 16:43:09.0700 0x3668 [ 08ED027CD8A43E3412BDD134A43B13E8, F5E0D7CBF2980F4B74056EC4696234F1A24E7CFE945EEB0B250498B1D934721A ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 16:43:09.0716 0x3668 sdbus - ok 16:43:09.0716 0x3668 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 16:43:09.0747 0x3668 SDRSVC - ok 16:43:09.0747 0x3668 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 16:43:09.0763 0x3668 sdstor - ok 16:43:09.0763 0x3668 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll 16:43:09.0778 0x3668 seclogon - ok 16:43:09.0825 0x3668 [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 16:43:09.0857 0x3668 Secunia PSI Agent - ok 16:43:09.0872 0x3668 [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 16:43:09.0888 0x3668 Secunia Update Agent - ok 16:43:09.0903 0x3668 [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll 16:43:09.0919 0x3668 SENS - ok 16:43:09.0919 0x3668 Sense - ok 16:43:09.0950 0x3668 [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 16:43:09.0997 0x3668 SensorDataService - ok 16:43:10.0044 0x3668 [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll 16:43:10.0060 0x3668 SensorService - ok 16:43:10.0075 0x3668 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 16:43:10.0091 0x3668 SensrSvc - ok 16:43:10.0091 0x3668 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 16:43:10.0107 0x3668 SerCx - ok 16:43:10.0122 0x3668 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 16:43:10.0138 0x3668 SerCx2 - ok 16:43:10.0138 0x3668 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 16:43:10.0153 0x3668 Serenum - ok 16:43:10.0153 0x3668 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys 16:43:10.0169 0x3668 Serial - ok 16:43:10.0185 0x3668 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 16:43:10.0185 0x3668 sermouse - ok 16:43:10.0216 0x3668 [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 16:43:10.0247 0x3668 SessionEnv - ok 16:43:10.0247 0x3668 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 16:43:10.0263 0x3668 sfloppy - ok 16:43:10.0278 0x3668 [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 16:43:10.0310 0x3668 SharedAccess - ok 16:43:10.0341 0x3668 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 16:43:10.0372 0x3668 ShellHWDetection - ok 16:43:10.0372 0x3668 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 16:43:10.0388 0x3668 shpamsvc - ok 16:43:10.0403 0x3668 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 16:43:10.0403 0x3668 SiSRaid2 - ok 16:43:10.0419 0x3668 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 16:43:10.0419 0x3668 SiSRaid4 - ok 16:43:10.0450 0x3668 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:43:10.0466 0x3668 SkypeUpdate - ok 16:43:10.0466 0x3668 [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll 16:43:10.0482 0x3668 smphost - ok 16:43:10.0513 0x3668 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 16:43:10.0560 0x3668 SmsRouter - ok 16:43:10.0575 0x3668 [ 01275E832DB5A5159379A9C67AF51BBF, 0335D361C19562E89052DDEDCDBD1825E64DF04F723CFF7D8D1C1CE9B89D12AB ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 16:43:10.0575 0x3668 SNMPTRAP - ok 16:43:10.0591 0x3668 [ C933E0DC14AA0B09B2D49F01CE10674B, 83F6D04765B7B7A2016415BAE169164B0E62B4FD994C276F13630A9C0D0E6C90 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 16:43:10.0622 0x3668 spaceport - ok 16:43:10.0638 0x3668 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 16:43:10.0653 0x3668 SpbCx - ok 16:43:10.0685 0x3668 [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler C:\WINDOWS\System32\spoolsv.exe 16:43:10.0716 0x3668 Spooler - ok 16:43:10.0872 0x3668 [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe 16:43:10.0997 0x3668 sppsvc - ok 16:43:11.0028 0x3668 [ 2E0F160AFE1EB7E8C21D6FE782FFFE0B, 0CA845468E42F0448FD7BECFA4E75E8548E20CAAA0DE0C37FFFACF7EB16CE0DE ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 16:43:11.0044 0x3668 srv - ok 16:43:11.0060 0x3668 [ A0BDA7332A9EE59062A7037D161C8715, C08818E52B64BDB194A2434C3F479360C960A99AD08F81CF51D64B7D92EBE0CB ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 16:43:11.0091 0x3668 srv2 - ok 16:43:11.0107 0x3668 [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 16:43:11.0122 0x3668 srvnet - ok 16:43:11.0154 0x3668 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 16:43:11.0185 0x3668 SSDPSRV - ok 16:43:11.0200 0x3668 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 16:43:11.0232 0x3668 SstpSvc - ok 16:43:11.0341 0x3668 [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 16:43:11.0466 0x3668 StateRepository - ok 16:43:11.0482 0x3668 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 16:43:11.0497 0x3668 stexstor - ok 16:43:11.0513 0x3668 [ 505F32DE573ECEDF398DB9E2FC0D5E45, 0F257200BD79C7A62C39279B1C0AF9032028B23561DB71DA9903366A0DF88E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll 16:43:11.0544 0x3668 stisvc - ok 16:43:11.0576 0x3668 [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 16:43:11.0576 0x3668 storahci - ok 16:43:11.0591 0x3668 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 16:43:11.0607 0x3668 storflt - ok 16:43:11.0607 0x3668 [ 53D13EA98FDB37DBF8749E950CFD9EAD, 93122D9F4884154364384E1ABC5637540EE8BD5AF4D3E97B744D1FE5552A7AD6 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 16:43:11.0622 0x3668 stornvme - ok 16:43:11.0622 0x3668 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 16:43:11.0638 0x3668 storqosflt - ok 16:43:11.0669 0x3668 [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\WINDOWS\system32\storsvc.dll 16:43:11.0701 0x3668 StorSvc - ok 16:43:11.0716 0x3668 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 16:43:11.0716 0x3668 storufs - ok 16:43:11.0732 0x3668 [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 16:43:11.0732 0x3668 storvsc - ok 16:43:11.0747 0x3668 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll 16:43:11.0763 0x3668 svsvc - ok 16:43:11.0763 0x3668 [ 04CF20310145DEC63D5387BEAFF77D9A, 5017AF8C2DFBFE1F9946FF5AF229D62D141118EA923EEFA994EB4C7B52DEF208 ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys 16:43:11.0763 0x3668 SWDUMon - ok 16:43:11.0779 0x3668 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys 16:43:11.0779 0x3668 swenum - ok 16:43:11.0794 0x3668 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 16:43:11.0826 0x3668 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 16:43:11.0951 0x3668 Detect skipped due to KSN trusted 16:43:11.0951 0x3668 SwitchBoard - ok 16:43:11.0966 0x3668 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll 16:43:11.0982 0x3668 swprv - ok 16:43:12.0013 0x3668 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 16:43:12.0013 0x3668 Synth3dVsc - ok 16:43:12.0044 0x3668 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll 16:43:12.0091 0x3668 SysMain - ok 16:43:12.0107 0x3668 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 16:43:12.0138 0x3668 SystemEventsBroker - ok 16:43:12.0138 0x3668 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 16:43:12.0169 0x3668 TabletInputService - ok 16:43:12.0201 0x3668 [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 16:43:12.0216 0x3668 TapiSrv - ok 16:43:12.0294 0x3668 [ 90F942B1D2B6F99B106833F417E8654F, 5CC7419A9356E0BE16BEE21A5D7B6EF2E5951581F6584EA84F9FED45DD44BA72 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 16:43:12.0357 0x3668 Tcpip - ok 16:43:12.0435 0x3668 [ 90F942B1D2B6F99B106833F417E8654F, 5CC7419A9356E0BE16BEE21A5D7B6EF2E5951581F6584EA84F9FED45DD44BA72 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 16:43:12.0497 0x3668 Tcpip6 - ok 16:43:12.0513 0x3668 [ 14A6ED9AD702CE1F1CE34756EB41834F, 3BD985C9EBBA12BF66D0492F21D3551888DB612BDB736B11B7C7B0E475A8314A ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 16:43:12.0513 0x3668 tcpipreg - ok 16:43:12.0529 0x3668 [ 0E9EC7550A76347EA677761155494ADE, DE97C6F35B5FA76A35C9C79312264B3A91043B8A46CD09CE91909E2FCC66076D ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 16:43:12.0529 0x3668 tdx - ok 16:43:12.0544 0x3668 [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 16:43:12.0544 0x3668 terminpt - ok 16:43:12.0576 0x3668 [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll 16:43:12.0607 0x3668 TermService - ok 16:43:12.0622 0x3668 [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll 16:43:12.0638 0x3668 Themes - ok 16:43:12.0654 0x3668 [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 16:43:12.0685 0x3668 TieringEngineService - ok 16:43:12.0701 0x3668 [ A9965F69CBD9D4CF42D34D502EFE34DE, 365D361CB1B99A846A07500DA06F99925C5C0096561EB005DAB936F70F98B249 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 16:43:12.0732 0x3668 tiledatamodelsvc - ok 16:43:12.0747 0x3668 [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll 16:43:12.0763 0x3668 TimeBrokerSvc - ok 16:43:12.0794 0x3668 [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM C:\WINDOWS\System32\drivers\tpm.sys 16:43:12.0794 0x3668 TPM - ok 16:43:12.0810 0x3668 [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll 16:43:12.0826 0x3668 TrkWks - ok 16:43:12.0826 0x3668 [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 16:43:12.0841 0x3668 TrustedInstaller - ok 16:43:12.0841 0x3668 [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 16:43:12.0857 0x3668 tsusbflt - ok 16:43:12.0857 0x3668 [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 16:43:12.0872 0x3668 TsUsbGD - ok 16:43:12.0888 0x3668 [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys 16:43:12.0904 0x3668 tsusbhub - ok 16:43:12.0904 0x3668 [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 16:43:12.0919 0x3668 tunnel - ok 16:43:12.0935 0x3668 [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 16:43:12.0935 0x3668 tzautoupdate - ok 16:43:12.0951 0x3668 [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 16:43:12.0951 0x3668 UASPStor - ok 16:43:12.0966 0x3668 [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 16:43:12.0982 0x3668 UcmCx0101 - ok 16:43:12.0982 0x3668 [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys 16:43:12.0997 0x3668 UcmTcpciCx0101 - ok 16:43:12.0997 0x3668 [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 16:43:13.0013 0x3668 UcmUcsi - ok 16:43:13.0013 0x3668 [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 16:43:13.0029 0x3668 Ucx01000 - ok 16:43:13.0044 0x3668 [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 16:43:13.0044 0x3668 UdeCx - ok 16:43:13.0060 0x3668 [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 16:43:13.0076 0x3668 udfs - ok 16:43:13.0091 0x3668 [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 16:43:13.0091 0x3668 UEFI - ok 16:43:13.0107 0x3668 [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys 16:43:13.0107 0x3668 UevAgentDriver - ok 16:43:13.0138 0x3668 [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe 16:43:13.0185 0x3668 UevAgentService - ok 16:43:13.0201 0x3668 [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 16:43:13.0216 0x3668 Ufx01000 - ok 16:43:13.0216 0x3668 [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 16:43:13.0232 0x3668 UfxChipidea - ok 16:43:13.0232 0x3668 [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 16:43:13.0247 0x3668 ufxsynopsys - ok 16:43:13.0263 0x3668 [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 16:43:13.0279 0x3668 UI0Detect - ok 16:43:13.0294 0x3668 [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys 16:43:13.0310 0x3668 umbus - ok 16:43:13.0310 0x3668 [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 16:43:13.0326 0x3668 UmPass - ok 16:43:13.0341 0x3668 [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 16:43:13.0372 0x3668 UmRdpService - ok 16:43:13.0404 0x3668 [ 6C8E89E9CA8A4E703631E54A5E015AF8, 3C74B9329558ACC4F701099516923DE82CBEDABD8814987221BDF71B53550586 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 16:43:13.0451 0x3668 UnistoreSvc - ok 16:43:13.0497 0x3668 [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll 16:43:13.0529 0x3668 upnphost - ok 16:43:13.0529 0x3668 [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 16:43:13.0544 0x3668 UrsChipidea - ok 16:43:13.0560 0x3668 [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 16:43:13.0560 0x3668 UrsCx01000 - ok 16:43:13.0576 0x3668 [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 16:43:13.0576 0x3668 UrsSynopsys - ok 16:43:13.0576 0x3668 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 16:43:13.0591 0x3668 USBAAPL64 - ok 16:43:13.0607 0x3668 [ 93F169DE94DBAC5DAF4755AFF10193DD, 381E6751EB97426B9BF30929E4B82A665D1ED985DA60BE18D3C17CF2BB41F848 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 16:43:13.0623 0x3668 usbaudio - ok 16:43:13.0623 0x3668 [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 16:43:13.0638 0x3668 usbccgp - ok 16:43:13.0638 0x3668 [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 16:43:13.0654 0x3668 usbcir - ok 16:43:13.0669 0x3668 [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 16:43:13.0669 0x3668 usbehci - ok 16:43:13.0685 0x3668 [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 16:43:13.0701 0x3668 usbhub - ok 16:43:13.0732 0x3668 [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 16:43:13.0763 0x3668 USBHUB3 - ok 16:43:13.0763 0x3668 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 16:43:13.0779 0x3668 usbohci - ok 16:43:13.0779 0x3668 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 16:43:13.0794 0x3668 usbprint - ok 16:43:13.0794 0x3668 [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 16:43:13.0810 0x3668 usbscan - ok 16:43:13.0810 0x3668 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 16:43:13.0826 0x3668 usbser - ok 16:43:13.0841 0x3668 [ 529634743FB9D72BDC27F2AF02F3260C, 14F9C929C389D23808E34CE9332E6775314FE338CB586B54B83C616310DBBC6F ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 16:43:13.0841 0x3668 USBSTOR - ok 16:43:13.0857 0x3668 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 16:43:13.0872 0x3668 usbuhci - ok 16:43:13.0872 0x3668 [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 16:43:13.0888 0x3668 usbvideo - ok 16:43:13.0904 0x3668 [ 58827BEFC54D4396D3FD191F5DD31C1D, 0054D6945FDB5B33B35753FF70ED22EF6C518B31AB97D5FCBBD6C60921F64A13 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 16:43:13.0919 0x3668 USBXHCI - ok 16:43:13.0966 0x3668 [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 16:43:14.0013 0x3668 UserDataSvc - ok 16:43:14.0044 0x3668 [ F8888D8CCECAA7B77CCAEABA901AB874, 51816968A33CC42778CC9C0B714CF2F6822237DCDCBC29601EF399FBE5925169 ] UserManager C:\WINDOWS\System32\usermgr.dll 16:43:14.0091 0x3668 UserManager - ok 16:43:14.0107 0x3668 [ F1374B17FE4A4617DFB6D20A0E699763, C3A515594B1593C9F141C342CA1CDB4FE7A3243D8F1785655A3378DB1FE8ED65 ] UsoSvc C:\WINDOWS\system32\usocore.dll 16:43:14.0138 0x3668 UsoSvc - ok 16:43:14.0154 0x3668 [ EA0D394EF9A9F225A5C4BD6EC83FE78A, 960EE6EC293B7CF62F2E6F49ED197783C7AD860E4DD23BAA0200D300D31E8B56 ] VaultSvc C:\WINDOWS\system32\lsass.exe 16:43:14.0169 0x3668 VaultSvc - ok 16:43:14.0169 0x3668 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 16:43:14.0185 0x3668 vdrvroot - ok 16:43:14.0216 0x3668 [ 70D165B3EA8BC576828DC2B964C8D116, 92C9381BDECB5C991F848A02AF2F4189CE0119961FB37E57A37594A80704DDC5 ] vds C:\WINDOWS\System32\vds.exe 16:43:14.0248 0x3668 vds - ok 16:43:14.0248 0x3668 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 16:43:14.0263 0x3668 VerifierExt - ok 16:43:14.0294 0x3668 [ F7F3E80E84E51A6F89831A6F26056A98, CB7587900C466D834693115E1E23D0A44490C128CA1684FB93CB8C34AFCEBC71 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 16:43:14.0326 0x3668 vhdmp - ok 16:43:14.0326 0x3668 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys 16:43:14.0341 0x3668 vhf - ok 16:43:14.0357 0x3668 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 16:43:14.0373 0x3668 vmbus - ok 16:43:14.0373 0x3668 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 16:43:14.0388 0x3668 VMBusHID - ok 16:43:14.0388 0x3668 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 16:43:14.0404 0x3668 vmgid - ok 16:43:14.0435 0x3668 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 16:43:14.0451 0x3668 vmicguestinterface - ok 16:43:14.0451 0x3668 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 16:43:14.0482 0x3668 vmicheartbeat - ok 16:43:14.0482 0x3668 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 16:43:14.0513 0x3668 vmickvpexchange - ok 16:43:14.0529 0x3668 [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 16:43:14.0544 0x3668 vmicrdv - ok 16:43:14.0560 0x3668 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 16:43:14.0576 0x3668 vmicshutdown - ok 16:43:14.0591 0x3668 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 16:43:14.0607 0x3668 vmictimesync - ok 16:43:14.0607 0x3668 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 16:43:14.0638 0x3668 vmicvmsession - ok 16:43:14.0638 0x3668 [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 16:43:14.0654 0x3668 vmicvss - ok 16:43:14.0669 0x3668 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 16:43:14.0669 0x3668 volmgr - ok 16:43:14.0685 0x3668 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 16:43:14.0701 0x3668 volmgrx - ok 16:43:14.0732 0x3668 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 16:43:14.0747 0x3668 volsnap - ok 16:43:14.0763 0x3668 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 16:43:14.0779 0x3668 volume - ok 16:43:14.0779 0x3668 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 16:43:14.0794 0x3668 vpci - ok 16:43:14.0794 0x3668 vpnva - ok 16:43:14.0794 0x3668 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 16:43:14.0826 0x3668 vsmraid - ok 16:43:14.0857 0x3668 [ DDA66AEF89DAC320A85AECCB4369D2E7, 0F267FC985E0CA3624FC5F4DDA25623649BAD544772179261576F793A0485523 ] VSS C:\WINDOWS\system32\vssvc.exe 16:43:14.0919 0x3668 VSS - ok 16:43:14.0935 0x3668 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 16:43:14.0951 0x3668 VSTXRAID - ok 16:43:14.0966 0x3668 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 16:43:14.0966 0x3668 vwifibus - ok 16:43:14.0982 0x3668 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 16:43:14.0998 0x3668 vwififlt - ok 16:43:14.0998 0x3668 [ B1133B813E4CBF258A392CA08255BA24, 6061F27BD24F39A630ABE77921051785CB4B325156379A5E3636817DD6399C6F ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 16:43:15.0013 0x3668 vwifimp - ok 16:43:15.0029 0x3668 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 16:43:15.0060 0x3668 W32Time - ok 16:43:15.0060 0x3668 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 16:43:15.0076 0x3668 WacomPen - ok 16:43:15.0091 0x3668 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 16:43:15.0122 0x3668 WalletService - ok 16:43:15.0122 0x3668 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:43:15.0138 0x3668 wanarp - ok 16:43:15.0138 0x3668 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:43:15.0169 0x3668 wanarpv6 - ok 16:43:15.0201 0x3668 [ 8413D292CD1B27D6B6127B90697F2B1C, E03F9AAC410F5AEDCC30FDB4D8F4739AE7B290EFA735C480A29E9FE53C1D8420 ] wbengine C:\WINDOWS\system32\wbengine.exe 16:43:15.0263 0x3668 wbengine - ok 16:43:15.0279 0x3668 [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 16:43:15.0310 0x3668 WbioSrvc - ok 16:43:15.0326 0x3668 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 16:43:15.0326 0x3668 wcifs - ok 16:43:15.0357 0x3668 [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 16:43:15.0388 0x3668 Wcmsvc - ok 16:43:15.0404 0x3668 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 16:43:15.0435 0x3668 wcncsvc - ok 16:43:15.0435 0x3668 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 16:43:15.0451 0x3668 wcnfs - ok 16:43:15.0451 0x3668 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 16:43:15.0466 0x3668 WdBoot - ok 16:43:15.0466 0x3668 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys 16:43:15.0482 0x3668 WDC_SAM - ok 16:43:15.0498 0x3668 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 16:43:15.0529 0x3668 Wdf01000 - ok 16:43:15.0529 0x3668 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 16:43:15.0544 0x3668 WdFilter - ok 16:43:15.0560 0x3668 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 16:43:15.0576 0x3668 WdiServiceHost - ok 16:43:15.0576 0x3668 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 16:43:15.0591 0x3668 WdiSystemHost - ok 16:43:15.0607 0x3668 [ CAC84836FC881E888146E8B08E568D74, BE7C982C13E36F78E6AF14607E0D0A56EA28009AB864163A59706692810C94E5 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 16:43:15.0638 0x3668 wdiwifi - ok 16:43:15.0654 0x3668 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 16:43:15.0654 0x3668 WdNisDrv - ok 16:43:15.0669 0x3668 WdNisSvc - ok 16:43:15.0685 0x3668 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 16:43:15.0701 0x3668 WebClient - ok 16:43:15.0748 0x3668 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 16:43:15.0763 0x3668 Wecsvc - ok 16:43:15.0779 0x3668 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 16:43:15.0794 0x3668 WEPHOSTSVC - ok 16:43:15.0794 0x3668 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 16:43:15.0810 0x3668 wercplsupport - ok 16:43:15.0810 0x3668 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 16:43:15.0826 0x3668 WerSvc - ok 16:43:15.0841 0x3668 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 16:43:15.0857 0x3668 WFPLWFS - ok 16:43:15.0857 0x3668 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 16:43:15.0873 0x3668 WiaRpc - ok 16:43:15.0873 0x3668 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 16:43:15.0888 0x3668 WIMMount - ok 16:43:15.0888 0x3668 WinDefend - ok 16:43:15.0904 0x3668 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 16:43:15.0919 0x3668 WindowsTrustedRT - ok 16:43:15.0935 0x3668 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 16:43:15.0951 0x3668 WindowsTrustedRTProxy - ok 16:43:15.0982 0x3668 [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 16:43:16.0029 0x3668 WinHttpAutoProxySvc - ok 16:43:16.0029 0x3668 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 16:43:16.0044 0x3668 WinMad - ok 16:43:16.0076 0x3668 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 16:43:16.0091 0x3668 Winmgmt - ok 16:43:16.0169 0x3668 [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 16:43:16.0263 0x3668 WinRM - ok 16:43:16.0263 0x3668 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 16:43:16.0279 0x3668 WINUSB - ok 16:43:16.0294 0x3668 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 16:43:16.0294 0x3668 WinVerbs - ok 16:43:16.0310 0x3668 [ 15F0990B7C101163FE27D9B19FEB3D43, 5020EF7755E0ACDA77E816C44A5B75286CC1BEA182BECF9D7252EB826A4F1FFE ] wisvc C:\WINDOWS\system32\flightsettings.dll 16:43:16.0341 0x3668 wisvc - ok 16:43:16.0404 0x3668 [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 16:43:16.0498 0x3668 WlanSvc - ok 16:43:16.0560 0x3668 [ 11DF1660D0889007F29B46CEA4544E88, 00CF1D7E4F53808907945D742AA27F7599783438B4D3CA348771F93A0F69D0FD ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 16:43:16.0654 0x3668 wlidsvc - ok 16:43:16.0654 0x3668 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 16:43:16.0670 0x3668 WmiAcpi - ok 16:43:16.0685 0x3668 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 16:43:16.0701 0x3668 wmiApSrv - ok 16:43:16.0716 0x3668 WMPNetworkSvc - ok 16:43:16.0748 0x3668 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 16:43:16.0763 0x3668 Wof - ok 16:43:16.0841 0x3668 [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 16:43:16.0904 0x3668 workfolderssvc - ok 16:43:16.0920 0x3668 [ 9BBCB2C1CAC372FF6BA55CE56842A937, B5E494C2B89D400377F6714D59AFEA79AB0DCC9B2EE2B070D5B680C53EB294AB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 16:43:16.0935 0x3668 WPDBusEnum - ok 16:43:16.0951 0x3668 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 16:43:16.0951 0x3668 WpdUpFltr - ok 16:43:16.0966 0x3668 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 16:43:16.0982 0x3668 WpnService - ok 16:43:16.0982 0x3668 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 16:43:16.0998 0x3668 WpnUserService - ok 16:43:17.0045 0x3668 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 16:43:17.0060 0x3668 ws2ifsl - ok 16:43:17.0060 0x3668 [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 16:43:17.0076 0x3668 wscsvc - ok 16:43:17.0091 0x3668 WSearch - ok 16:43:17.0158 0x3668 [ 712AA9EBA24A84A57BF707F092DA63E9, DF0D8628544EA5E4ECE01C50C5D15B2A1B1C03A11701D05F2212C507AF77DE14 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 16:43:17.0236 0x3668 wuauserv - ok 16:43:17.0252 0x3668 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 16:43:17.0267 0x3668 WudfPf - ok 16:43:17.0267 0x3668 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 16:43:17.0283 0x3668 WUDFRd - ok 16:43:17.0298 0x3668 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 16:43:17.0314 0x3668 wudfsvc - ok 16:43:17.0314 0x3668 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 16:43:17.0330 0x3668 WUDFWpdFs - ok 16:43:17.0345 0x3668 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 16:43:17.0361 0x3668 WUDFWpdMtp - ok 16:43:17.0377 0x3668 [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 16:43:17.0439 0x3668 WwanSvc - ok 16:43:17.0455 0x3668 [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 16:43:17.0502 0x3668 XblAuthManager - ok 16:43:17.0533 0x3668 [ 24198F59BEA26F72292AB42641DFCEA5, 17F2712A7B8E3B3530334EABD2CB6B91C2EA9825D57573425D25B185EDCAEB46 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 16:43:17.0580 0x3668 XblGameSave - ok 16:43:17.0580 0x3668 [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 16:43:17.0611 0x3668 xboxgip - ok 16:43:17.0627 0x3668 [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 16:43:17.0673 0x3668 XboxNetApiSvc - ok 16:43:17.0673 0x3668 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 16:43:17.0689 0x3668 xinputhid - ok 16:43:17.0689 0x3668 ================ Scan global =============================== 16:43:17.0752 0x3668 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 16:43:17.0783 0x3668 [ FE795A4DD2AB81C8ED456CF7DDFD61DE, 9363EC5911EED6F4779991F88FF0156FD0DBECAC5FFB3CCE89F77E8B6FAA03F3 ] C:\WINDOWS\system32\winsrv.dll 16:43:17.0798 0x3668 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 16:43:17.0814 0x3668 [ 9A3B47CD17283B299311013AD3D21D26, 48D5695E7610E7A742E403B2C37664D961E466C10E4FFAE07C8AB6B5BE5F7BF8 ] C:\WINDOWS\system32\services.exe 16:43:17.0830 0x3668 [ Global ] - ok 16:43:17.0830 0x3668 ================ Scan MBR ================================== 16:43:17.0830 0x3668 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:43:18.0205 0x3668 \Device\Harddisk0\DR0 - ok 16:43:18.0205 0x3668 ================ Scan VBR ================================== 16:43:18.0205 0x3668 [ 984D05D97E57D8FC1AB6E7EF8C1E7D29 ] \Device\Harddisk0\DR0\Partition1 16:43:18.0205 0x3668 \Device\Harddisk0\DR0\Partition1 - ok 16:43:18.0220 0x3668 [ 7E3823CE7158DA934D74B61B81958F3F ] \Device\Harddisk0\DR0\Partition2 16:43:18.0220 0x3668 \Device\Harddisk0\DR0\Partition2 - ok 16:43:18.0220 0x3668 ================ Scan generic autorun ====================== 16:43:18.0564 0x3668 [ 3F6E7F06228159E86B2B69E358843DB8, 2CCE54D0D74DDAD012ADBEF13D0F248066B6CF7CDE162CD953D01E5D58768600 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 16:43:18.0955 0x3668 RtHDVCpl - ok 16:43:19.0017 0x3668 [ 59F8DA04498B80D58FD8638370C5C84F, 522F347F1F1B3991FDC60FF3CE8F8ABB2EDFE65C569D18EF5ACB690FD1BADC82 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 16:43:19.0049 0x3668 RtHDVBg_Dolby - ok 16:43:19.0095 0x3668 [ 3A2E669A7D492AC4BD48D0F755F7E7C4, CC92D060EAE7703F55C82B43C1D3ED528A8EB11F6563F7D4FB9D6E2CCEE6C6CC ] C:\Program Files\Apoint2K\Apoint.exe 16:43:19.0111 0x3668 Apoint - ok 16:43:19.0517 0x3668 [ 8AFBDD458A6CBBC5654D959C03C2A87A, D27889AEA72F316A2FBAF06AAF3D94B823875D6108E12CAF7B76B3293C22D1CD ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe 16:43:19.0830 0x3668 Energy Manager - ok 16:43:19.0846 0x3668 [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe 16:43:19.0861 0x3668 Lenovo Utility - ok 16:43:19.0892 0x3668 [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 16:43:19.0892 0x3668 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 16:43:20.0017 0x3668 Detect skipped due to KSN trusted 16:43:20.0017 0x3668 IAStorIcon - ok 16:43:20.0080 0x3668 [ 046CA262E8D521A1B050566E330B7178, 79283983AD7430DF90F60F2A46E683E1FE599E74F72DFA4661D719B0E906AF13 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 16:43:20.0142 0x3668 NvBackend - ok 16:43:20.0158 0x3668 [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\WINDOWS\system32\rundll32.exe 16:43:20.0174 0x3668 ShadowPlay - ok 16:43:20.0205 0x3668 [ 63B913AAB1244D8DED54CF0EFC8A56BD, 639830E9ECB004F09EA968EDF68C0037B5DFF7CCFF007DE5D11DEF2166707341 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 16:43:20.0221 0x3668 AdobeAAMUpdater-1.0 - ok 16:43:20.0236 0x3668 [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files\iTunes\iTunesHelper.exe 16:43:20.0252 0x3668 iTunesHelper - ok 16:43:20.0252 0x3668 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 16:43:20.0283 0x3668 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 16:43:20.0283 0x3668 Detect skipped due to KSN trusted 16:43:20.0283 0x3668 SwitchBoard - ok 16:43:20.0314 0x3668 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 16:43:20.0346 0x3668 AdobeCS6ServiceManager - ok 16:43:20.0377 0x3668 [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 16:43:20.0392 0x3668 IJNetworkScannerSelectorEX - ok 16:43:20.0424 0x3668 [ D644073DAAC7AE80F757F82A8D90C3D1, C98283B30CFBAB315BFD9CBA36ED2DC65150B7400BFE3285C21E6C1E52F41AFC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 16:43:20.0424 0x3668 APSDaemon - ok 16:43:20.0471 0x3668 [ BBFD8580CE42378BB7FCA5007F497589, 4B3E39495FC223A03CC6438AAC910820FEB13D253A9A97678428CFFD211829EA ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 16:43:20.0486 0x3668 BlueStacks Agent - ok 16:43:20.0517 0x3668 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 16:43:20.0533 0x3668 SunJavaUpdateSched - ok 16:43:20.0818 0x3668 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:43:21.0099 0x3668 OneDriveSetup - ok 16:43:21.0318 0x3668 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:43:21.0489 0x3668 OneDriveSetup - ok 16:43:21.0536 0x3668 [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\tha\AppData\Local\Microsoft\OneDrive\OneDrive.exe 16:43:21.0583 0x3668 OneDrive - ok 16:43:21.0614 0x3668 [ 1CCB1344885F881CA268C6D222EB44B8, E2BE86F8449224EC3DC374DA5133EB565E067B0672ECDB3BD10F2C9C21448F72 ] C:\WINDOWS\Speech\Common\sapisvr.exe 16:43:21.0661 0x3668 Speech Recognition - ok 16:43:21.0896 0x3668 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:43:22.0052 0x3668 OneDriveSetup - ok 16:43:22.0146 0x3668 [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe 16:43:22.0177 0x3668 WAB Migrate - ok 16:43:22.0396 0x3668 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:43:22.0583 0x3668 OneDriveSetup - ok 16:43:22.0615 0x3668 Skype - ok 16:43:22.0646 0x3668 [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe 16:43:22.0677 0x3668 OneDrive - ok 16:43:22.0693 0x3668 [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe 16:43:22.0724 0x3668 WAB Migrate - ok 16:43:22.0958 0x3668 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:43:23.0146 0x3668 OneDriveSetup - ok 16:43:23.0161 0x3668 [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe 16:43:23.0193 0x3668 WAB Migrate - ok 16:43:23.0193 0x3668 Waiting for KSN requests completion. In queue: 290 16:43:24.0209 0x3668 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated ) 16:43:24.0209 0x3668 AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.1.0.0 ), 0x51000 ( enabled : updated ) 16:43:24.0209 0x3668 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.1.0.0 ), 0x51010 ( enabled ) 16:43:24.0365 0x3668 ============================================================ 16:43:24.0365 0x3668 Scan finished 16:43:24.0365 0x3668 ============================================================ 16:43:24.0365 0x03d4 Detected object count: 0 16:43:24.0365 0x03d4 Actual detected object count: 0 [/CODE] |
30.07.2017, 20:20 | #7 | |
/// TB-Ausbilder | Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Zitat:
Wie bereits in meinen einleitenden Hinweisen erwähnt brauchen alle Tools Admin-Rechte. |
30.07.2017, 22:38 | #8 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. Oh, Verzeihung: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2017 durchgeführt von Administrator (Administrator) auf PAOLO (30-07-2017 23:30:00) Gestartet von C:\Users\tha\Downloads Geladene Profile: tha & Administrator (Verfügbare Profile: tha & Kind 1_2_3 & Administrator & Gast) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [703272 2015-10-28] (Alps Electric Co., Ltd.) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [892536 2015-07-16] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-12-16] ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-29] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) GroupPolicyUsers\S-1-5-21-1389048734-1753713617-1501943725-1004\User: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{7126d5c5-abe5-4848-996b-ac34b988f149}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{814f66ba-d36a-4538-8b9c-8fa24599115a}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001 -> {388E85C4-8995-4311-8A02-876679A476F0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141202&p={searchTerms} SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-500 -> DefaultScope {79B7E768-F438-4483-A908-16B95014F5A4} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-18] (Oracle Corporation) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-18] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: gsolg4hz.default-1412230849321 FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321 [2015-12-16] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321 -> SuchMaschine FF Extension: (Cliqz) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\cliqz@cliqz.com.xpi [2015-11-26] [ist nicht signiert] FF Extension: (NoScript) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-26] FF Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\privatelee-https.xml [2014-10-27] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\suchmaschine.xml [2014-12-31] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\youtube.xml [2015-11-26] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-07-03] [ist nicht signiert] FF HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\extensions\cliqz@cliqz.com => nicht gefunden FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-19] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2015-11-09] (McAfee, Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 0130011500050593mcinstcleanup; C:\WINDOWS\TEMP\013001~1.EXE [1031928 2017-05-31] (McAfee, Inc.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [90440 2015-10-28] (Alps Electric Co., Ltd.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-16] (BlueStack Systems, Inc.) R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-20] (Intel Corporation) R3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.) R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-16] (BlueStack Systems) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-10-24] (REALiX(tm)) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-20] (Intel Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.) U3 mfeavfk01; kein ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2015-12-20] (Realsil Semiconductor Corporation) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13920 2016-06-27] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-30 23:29 - 2017-07-30 23:29 - 000000000 ____D C:\Users\tha\Downloads\FRST-OlderVersion 2017-07-30 16:40 - 2017-07-30 19:45 - 000293136 _____ C:\TDSSKiller.3.1.0.15_30.07.2017_16.40.35_log.txt 2017-07-30 16:40 - 2017-07-30 16:40 - 000038714 _____ C:\Users\tha\Downloads\Addition.txt 2017-07-30 16:31 - 2017-07-30 16:36 - 004922400 _____ (AO Kaspersky Lab) C:\Users\tha\Downloads\tdsskiller.exe 2017-07-30 16:20 - 2017-07-30 23:30 - 000028032 _____ C:\Users\tha\Downloads\FRST.txt 2017-07-30 16:10 - 2017-07-30 23:29 - 002381312 _____ (Farbar) C:\Users\tha\Downloads\FRST64.exe 2017-07-27 11:20 - 2017-07-27 11:20 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1389048734-1753713617-1501943725-1001 2017-07-19 00:19 - 2017-07-28 01:18 - 000000000 ____D C:\Users\tha\Documents\filmkulturerbe 2017-07-18 15:42 - 2017-07-18 15:42 - 000068739 _____ C:\Users\tha\Desktop\Detail.pdf 2017-07-17 12:39 - 2017-07-19 08:45 - 000000000 ____D C:\Users\tha\Documents\Schriften 2017-07-17 12:38 - 2017-07-17 12:38 - 000321089 _____ C:\Users\tha\Desktop\Archiv.zip 2017-07-11 23:22 - 2017-07-07 09:49 - 000340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-07-11 23:22 - 2017-07-07 09:46 - 000781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:45 - 002263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-07-11 23:22 - 2017-07-07 09:40 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 005686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:20 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll 2017-07-11 23:22 - 2017-07-07 09:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll 2017-07-11 23:22 - 2017-07-07 09:17 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-11 23:22 - 2017-07-07 09:10 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-11 23:22 - 2017-07-07 09:06 - 007626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-07-11 23:22 - 2017-07-07 09:03 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-11 23:22 - 2017-07-07 09:02 - 001313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-11 23:22 - 2017-07-07 09:00 - 000476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 004423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 001571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-11 23:22 - 2017-07-07 08:54 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-07-11 23:22 - 2017-07-07 08:53 - 002483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 004561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-07-11 23:22 - 2017-07-07 08:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2017-07-11 23:22 - 2017-06-21 10:18 - 001470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-07-11 23:22 - 2017-06-21 09:52 - 000088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2017-07-11 23:22 - 2017-06-21 09:52 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-07-11 23:22 - 2017-06-21 09:42 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 23:22 - 2017-06-21 09:42 - 000601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-07-11 23:22 - 2017-06-21 09:39 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-07-11 23:22 - 2017-06-21 09:38 - 000790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-07-11 23:22 - 2017-06-21 09:36 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-07-11 23:22 - 2017-06-21 09:36 - 000129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2017-07-11 23:22 - 2017-06-21 09:30 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-07-11 23:22 - 2017-06-21 09:30 - 000196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2017-07-11 23:22 - 2017-06-21 09:29 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 002277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 000524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 000170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 001122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 000154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll 2017-07-11 23:22 - 2017-06-21 09:22 - 000361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 006665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 000374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2017-07-11 23:22 - 2017-06-21 09:19 - 004312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-07-11 23:22 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-07-11 23:22 - 2017-06-21 09:04 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys 2017-07-11 23:22 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-07-11 23:22 - 2017-06-21 09:01 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 08:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-07-11 23:22 - 2017-06-21 08:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-07-11 23:22 - 2017-06-21 08:47 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-07-11 23:22 - 2017-06-21 08:45 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 002749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-07-11 23:22 - 2017-06-21 08:42 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-07-11 23:22 - 2017-06-21 08:38 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:35 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:34 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-07-11 23:22 - 2017-06-21 08:31 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-07-11 23:22 - 2017-06-21 08:30 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll 2017-07-11 23:22 - 2017-06-21 08:10 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-07-11 23:22 - 2017-03-04 08:56 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-07-11 23:22 - 2017-03-04 08:19 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-07-11 23:22 - 2017-03-04 08:18 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-07-11 23:22 - 2017-03-04 08:16 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:22 - 2017-03-04 08:12 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-07-11 23:22 - 2017-03-04 08:02 - 002138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-07-11 23:22 - 2016-10-05 11:15 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-07-11 23:22 - 2016-09-15 18:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:22 - 2016-09-15 18:47 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-07-11 23:21 - 2017-07-07 09:44 - 000108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-11 23:21 - 2017-07-07 09:42 - 007781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-07-11 23:21 - 2017-07-07 09:37 - 000468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-07-11 23:21 - 2017-07-07 09:37 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-07-11 23:21 - 2017-07-07 09:32 - 000404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-07-11 23:21 - 2017-07-07 09:29 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-07-11 23:21 - 2017-07-07 09:24 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-07-11 23:21 - 2017-07-07 09:23 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-11 23:21 - 2017-07-07 09:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 09:18 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 001100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-11 23:21 - 2017-07-07 09:14 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 09:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-07-11 23:21 - 2017-07-07 09:11 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 09:06 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 09:05 - 019414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-07-11 23:21 - 2017-07-07 09:00 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:57 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:56 - 006035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:55 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:54 - 002027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:51 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-11 23:21 - 2017-07-07 08:46 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-07-11 23:21 - 2017-07-07 08:44 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 08:39 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-11 23:21 - 2017-07-07 08:36 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 23:21 - 2017-07-07 08:35 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 23:21 - 2017-07-07 08:33 - 000576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll 2017-07-11 23:21 - 2017-07-07 08:31 - 023676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-07-11 23:21 - 2017-07-07 08:30 - 013090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:29 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:28 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-11 23:21 - 2017-07-07 08:27 - 008120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 004744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-07-11 23:21 - 2017-06-21 09:54 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-07-11 23:21 - 2017-06-21 09:53 - 000794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 001886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 000774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-07-11 23:21 - 2017-06-21 09:51 - 002255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-07-11 23:21 - 2017-06-21 09:48 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-07-11 23:21 - 2017-06-21 09:41 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:40 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 007220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 001738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 001369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 000408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 008169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 004260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 23:21 - 2017-06-21 09:26 - 000387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-07-11 23:21 - 2017-06-21 09:06 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 23:21 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-07-11 23:21 - 2017-06-21 09:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-07-11 23:21 - 2017-06-21 09:02 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:21 - 2017-06-21 08:59 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2017-07-11 23:21 - 2017-06-21 08:58 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-07-11 23:21 - 2017-06-21 08:58 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-07-11 23:21 - 2017-06-21 08:57 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 23:21 - 2017-06-21 08:56 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-07-11 23:21 - 2017-06-21 08:56 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-07-11 23:21 - 2017-06-21 08:55 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 017198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-07-11 23:21 - 2017-06-21 08:51 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-07-11 23:21 - 2017-06-21 08:50 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-07-11 23:21 - 2017-06-21 08:43 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 001891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 005611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-07-11 23:21 - 2017-06-21 08:38 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-07-11 23:21 - 2017-06-21 08:36 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-07-11 23:21 - 2017-06-21 08:34 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2017-07-11 23:21 - 2017-06-21 08:33 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-07-11 23:21 - 2017-06-21 08:33 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll 2017-07-11 23:21 - 2017-05-23 06:58 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-07-11 23:21 - 2017-03-04 09:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-07-11 23:21 - 2017-03-04 08:28 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:21 - 2017-03-04 08:26 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-07-11 23:21 - 2017-03-04 08:20 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:21 - 2017-03-04 08:19 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-07-11 23:21 - 2017-03-04 08:17 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-07-11 23:21 - 2017-03-04 08:15 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-07-11 23:21 - 2017-03-04 08:14 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-11 23:21 - 2016-10-15 05:45 - 001790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-07-11 23:21 - 2016-08-27 07:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-07-11 23:20 - 2017-07-07 09:40 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-07-11 23:20 - 2017-07-07 09:28 - 000223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-07-11 23:20 - 2017-07-07 09:23 - 001600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-07-11 23:20 - 2017-07-07 08:58 - 007217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-07-11 23:20 - 2017-07-07 08:49 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-07-11 23:20 - 2017-07-07 08:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 23:20 - 2017-07-07 08:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2017-07-11 23:20 - 2017-07-07 08:45 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-07-11 23:20 - 2017-07-07 08:45 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-07-11 23:20 - 2017-07-07 08:43 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-11 23:20 - 2017-07-07 08:34 - 009131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-07-11 23:20 - 2017-07-07 08:29 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-07-11 23:20 - 2017-07-07 08:28 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 23:20 - 2017-07-07 08:25 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 005388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-07-11 23:20 - 2017-07-07 08:24 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-07-11 23:20 - 2017-07-07 08:22 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-11 23:20 - 2017-06-21 09:56 - 001405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-07-11 23:20 - 2017-06-21 09:55 - 002170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 001669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-07-11 23:20 - 2017-06-21 09:54 - 000813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-07-11 23:20 - 2017-06-21 09:51 - 000434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-07-11 23:20 - 2017-06-21 09:50 - 000126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2017-07-11 23:20 - 2017-06-21 09:47 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 000224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 23:20 - 2017-06-21 09:36 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-07-11 23:20 - 2017-06-21 09:35 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-07-11 23:20 - 2017-06-21 09:35 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-07-11 23:20 - 2017-06-21 09:31 - 004674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 23:20 - 2017-06-21 09:03 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll 2017-07-11 23:20 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-07-11 23:20 - 2017-06-21 09:00 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-07-11 23:20 - 2017-06-21 08:57 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-07-11 23:20 - 2017-06-21 08:52 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-07-11 23:20 - 2017-06-21 08:51 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-07-11 23:20 - 2017-06-21 08:50 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 001913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-07-11 23:20 - 2017-06-21 08:48 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-07-11 23:20 - 2017-06-21 08:48 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 003290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-07-11 23:20 - 2017-06-21 08:46 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll 2017-07-11 23:20 - 2017-06-21 08:45 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-07-11 23:20 - 2017-06-21 08:43 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-07-11 23:20 - 2017-06-21 08:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-07-11 23:20 - 2017-06-21 08:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 23:20 - 2017-06-21 08:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-07-11 23:20 - 2017-06-21 08:37 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-07-11 23:20 - 2017-06-21 08:35 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-07-11 23:20 - 2017-06-21 08:34 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-07-11 23:20 - 2017-03-04 08:27 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 23:20 - 2016-10-05 11:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-07-09 17:18 - 2017-07-09 17:18 - 000000000 ____D C:\adobeTemp 2017-07-09 16:26 - 2017-07-09 17:08 - 000001603 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2017-07-09 15:53 - 2017-07-09 15:53 - 000087314 _____ C:\Users\tha\Downloads\rounded_elegance.zip 2017-07-09 15:19 - 2013-09-16 23:00 - 000000000 ____D C:\Users\tha\Desktop\__MACOSX 2017-07-09 13:19 - 2017-07-09 13:19 - 000001414 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-07-09 12:51 - 2017-07-09 12:52 - 000000000 ____D C:\Program Files\UNP 2017-07-09 12:51 - 2017-07-09 12:51 - 000000000 ____D C:\WINDOWS\system32\UNP 2017-07-07 10:29 - 2017-07-07 10:29 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc 2017-07-07 09:07 - 2017-07-07 09:07 - 000000000 _____ C:\Users\tha\Downloads\FreemakeVideoConverterSetup.exe 2017-07-07 08:59 - 2017-07-07 08:59 - 001524744 _____ C:\Users\tha\Downloads\Quick Media Converter - CHIP-Installer.exe 2017-07-06 08:23 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-11 20:27 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2017-07-06 08:23 - 2017-03-15 20:15 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2017-07-06 08:22 - 2017-04-11 20:27 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-07-06 08:22 - 2017-03-15 20:15 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-07-05 21:13 - 2017-07-05 21:13 - 000064011 _____ C:\Users\tha\Desktop\entwurf (2014_11_26 12_22_02 UTC).odt 2017-07-04 20:51 - 2017-07-04 20:51 - 000000000 ____D C:\Users\tha\Desktop\vitero Dateien 2017-07-04 18:59 - 2017-07-04 19:02 - 012675832 _____ C:\Users\tha\Downloads\vitero.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-30 23:30 - 2015-04-09 14:37 - 000000000 ____D C:\FRST 2017-07-30 23:06 - 2016-11-20 20:31 - 000000000 ____D C:\Users\tha\AppData\LocalLow\Mozilla 2017-07-30 23:05 - 2016-09-27 11:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-07-30 23:05 - 2014-10-04 21:23 - 000000000 __SHD C:\Users\tha\IntelGraphicsProfiles 2017-07-30 23:03 - 2016-09-27 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-07-30 22:25 - 2017-06-19 10:17 - 000004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2017-07-30 21:29 - 2015-06-26 18:48 - 000000000 ____D C:\Users\tha\AppData\Roaming\vlc 2017-07-30 21:25 - 2014-10-01 19:28 - 000000000 ____D C:\Users\tha\AppData\Roaming\Usenet.nl 2017-07-30 21:23 - 2014-10-01 10:19 - 000000000 ____D C:\Users\tha\Documents\Usenet.nl 2017-07-30 18:19 - 2017-06-19 10:17 - 000004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2017-07-30 02:00 - 2014-10-01 02:47 - 000000000 ____D C:\Users\tha\AppData\Local\Adobe 2017-07-28 22:59 - 2017-02-16 00:09 - 000000000 ____D C:\Users\tha\AppData\Local\CrashDumps 2017-07-28 22:58 - 2017-06-04 20:40 - 000000000 ____D C:\Users\tha\Desktop\neue HA 2017-07-28 22:47 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-07-28 14:17 - 2017-05-16 22:36 - 000004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-07-28 14:17 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-07-28 14:16 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-07-27 21:53 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-07-27 11:20 - 2015-10-28 21:49 - 000002416 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-07-27 11:20 - 2015-10-28 21:49 - 000000000 ___RD C:\Users\tha\OneDrive 2017-07-26 14:25 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-07-18 10:17 - 2014-10-01 01:01 - 000000000 ____D C:\ProgramData\Energy Manager 2017-07-17 22:37 - 2014-10-01 10:17 - 000000000 ____D C:\Users\tha\Documents\privates 2017-07-14 18:43 - 2014-12-02 22:38 - 000000000 ____D C:\Program Files (x86)\McAfee 2017-07-13 13:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache 2017-07-13 01:42 - 2015-05-01 10:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-07-12 14:58 - 2016-09-27 11:10 - 000000000 ____D C:\Users\tha 2017-07-12 08:48 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-07-12 08:21 - 2016-07-17 00:51 - 001619550 _____ C:\WINDOWS\system32\perfh007.dat 2017-07-12 08:21 - 2016-07-17 00:51 - 000402306 _____ C:\WINDOWS\system32\perfc007.dat 2017-07-12 08:21 - 2015-10-28 21:28 - 003530374 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-07-12 08:19 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-07-12 08:15 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF 2017-07-12 08:14 - 2016-09-27 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-07-12 08:14 - 2016-09-27 11:05 - 000000000 ____D C:\ProgramData\NVIDIA 2017-07-12 08:14 - 2016-09-27 11:03 - 005002536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-07-12 08:12 - 2016-07-16 08:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-07-11 23:31 - 2014-10-04 20:52 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-07-11 23:28 - 2014-10-04 20:52 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-07-11 22:54 - 2016-07-16 13:43 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2017-07-11 19:04 - 2015-10-07 19:50 - 000000000 ____D C:\Users\tha\Documents\Uni 2017-07-09 17:25 - 2014-10-01 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 2017-07-09 17:20 - 2014-10-01 11:08 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-07-09 17:17 - 2014-10-01 11:07 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2017-07-09 17:16 - 2014-10-01 11:10 - 000000000 ____D C:\Program Files (x86)\Adobe 2017-07-09 17:08 - 2015-11-18 13:04 - 000001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2017-07-06 08:33 - 2016-08-15 21:31 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-07-04 20:51 - 2015-02-09 10:23 - 000000000 ____D C:\Users\tha\AppData\Roaming\vitero 2017-07-04 08:02 - 2014-12-02 22:39 - 000000000 ____D C:\Program Files\McAfee 2017-07-04 08:01 - 2016-11-20 19:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-07-04 08:01 - 2014-10-02 08:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-07-03 15:17 - 2017-03-24 11:48 - 000000000 ____D C:\Program Files\Common Files\McAfee 2017-07-03 15:17 - 2014-10-01 02:49 - 000000000 ____D C:\ProgramData\McAfee 2017-07-03 15:16 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-07-03 15:15 - 2017-03-24 12:28 - 000003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2017-07-03 15:14 - 2017-03-24 12:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-07-02 16:00 - 2016-03-24 12:15 - 000420616 _____ C:\Users\tha\Desktop\prophet_provokation_des_pol_pasolini1.odt 2017-07-02 15:39 - 2017-06-15 19:27 - 000021788 _____ C:\Users\tha\Desktop\notentabelle_thembi1.ods 2017-07-01 23:21 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2017-06-30 16:46 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-30 16:46 - 2016-07-16 13:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-09-27 11:04 - 2016-09-27 11:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\tha\DropboxInstaller.exe C:\Users\tha\FreeYouTube52Download.exe C:\Users\tha\MVI_9733.DAT C:\Users\tha\vlc-2.1.5-win64.exe Einige Dateien in TEMP: ==================== 2017-02-04 06:06 - 2017-02-04 06:06 - 000244264 _____ (McAfee, Inc.) C:\Users\Administrator\AppData\Local\Temp\McCSPInstall.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-07-27 12:24 ==================== Ende von FRST.txt ============================ |
30.07.2017, 22:40 | #9 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-07-2017 durchgeführt von Administrator (30-07-2017 23:31:04) Gestartet von C:\Users\tha\Downloads Windows 10 Pro Version 1607 (X64) (2016-09-27 09:46:09) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1389048734-1753713617-1501943725-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1389048734-1753713617-1501943725-503 - Limited - Disabled) Gast (S-1-5-21-1389048734-1753713617-1501943725-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1389048734-1753713617-1501943725-1003 - Limited - Enabled) Kind 1_2_3 (S-1-5-21-1389048734-1753713617-1501943725-1004 - Limited - Enabled) => C:\Users\Kind 1_2_3 tha (S-1-5-21-1389048734-1753713617-1501943725-1001 - Limited - Enabled) => C:\Users\tha ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.252 - Alps Electric) Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{09D96B90-87D9-410A-A1E8-BF2F2CF6394A}) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) DVDStyler v2.9.4 (HKLM-x32\...\DVDStyler_is1) (Version: - ) Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) flunatic 1.3 (HKLM-x32\...\flunatic_is1) (Version: - Enjoy Speaking GmbH) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation) HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java Runtime Environment Packages (HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\Java Runtime Environment Packages) (Version: - ) <==== ACHTUNG Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.) McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 8.1.0.234 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.140 - McAfee, Inc.) Microsoft OneDrive (HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.42 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.1 - X Codec Pack team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {06D65758-E692-48F5-BD7C-6A7B1CAC510E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {08D5EC47-D7FE-49DA-9E38-8482755C516B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {170D1B36-68F2-4379-B1F3-10F57A9ACB8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {1770B273-66BA-418B-8C88-96860F73949E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo) Task: {1BA7BF27-EB57-4A76-B215-43FC7BFCB950} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {1E6FEE40-D852-40AD-990D-E2373F9A3088} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {2BDDE4FD-78FE-4CD8-855D-98811E8B7F5F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {2C17203C-8FDC-435E-9A66-33E2C3F94B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {2E1A8A5B-4DBC-465E-A662-6AD819FA7951} - System32\Tasks\{E3AF1795-4B41-4101-9198-112550D5A99F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" Task: {307D0009-B084-4178-A0AF-0BBBE0D538EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {36467C34-6B5D-447C-901E-A6D5BFE7BBBA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {38D04AA9-558D-42B9-BBE1-C4EC0042576F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation) Task: {4A13A81A-5809-41CF-9689-A4F466EA9AC6} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo) Task: {4EB01A95-7DCA-476A-9E42-417DFAFB3F6B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {6471F4E0-CD8A-4D00-8EAD-83077B06286C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {6A827DED-8D3D-45F9-95E3-3FEE4D431CD1} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.) Task: {72ECF62F-AD3C-47F0-A756-0EB0878BC3C9} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {7CDF6E23-A8AB-416F-9034-CE7D23C78E65} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {8A1CB173-4983-44A6-B852-2A57C24CA784} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {9A5BF77C-7672-4C30-8E68-C0338C540173} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.) Task: {A728E5AD-D316-4E82-9320-F3B03F3C2600} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {B60F05C3-C751-4E80-9828-294CD51B18E8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {B6422F83-6091-49DC-BFBE-1820EF88AE6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {BEA10713-3162-4933-A305-7D85C913B1D5} - System32\Tasks\AdobeAAMUpdater-1.0-paolo-tha => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {C5C2DE6B-749C-4F6E-A3E1-02C45EE4FFDF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {CEA5CCB7-E14A-4B0F-B3CF-9AE002CDD9CE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-12-07] () Task: {D440403A-71DF-417D-BA85-82C295085AE0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {D89DCB42-84EA-4C15-A181-3F0FE87789C2} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-12-07] (Lenovo) Task: {DC957BA9-F0B0-4B53-BA84-1A1A201246D7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1389048734-1753713617-1501943725-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {EB235CF6-86BD-405A-8D5B-5BECBDD50782} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.) Task: {F275F16F-87A7-4F72-B07F-C7DBC72E8DB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {F8444E25-37D2-4136-99A8-2A87542A8100} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-28] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/foru Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-07-03 15:17 - 2017-06-11 13:00 - 000583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll 2017-07-03 15:17 - 2017-06-11 12:59 - 000574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll 2017-07-03 15:17 - 2017-06-11 13:00 - 000571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-07-11 23:21 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-27 15:50 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-09-27 11:52 - 2016-09-27 11:52 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 20:13 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 20:14 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 20:14 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 20:14 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-12-17 09:40 - 2013-08-20 03:12 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1001movie.com -> 1001movie.com Da befinden sich 6091 mehr Seiten. IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1001movie.com -> 1001movie.com Da befinden sich 6091 mehr Seiten. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2017-05-15 21:51 - 000000839 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tha\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{05893cdd-8c10-4f2f-a079-dcce678ce4bb}.JPG HKU\S-1-5-21-1389048734-1753713617-1501943725-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{9CA4EEE3-061D-4536-AC85-7F7D020C1C45}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B2056228-4E99-467B-BF44-67913C5EAEA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8C2AA4D1-5806-4ACB-B157-7662C5208330}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{195EECDF-E25D-4BAE-9A70-1C6B94BEF5CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{60F478B1-9559-4A1A-A966-B5402AF2BF5D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{F4807A2D-7B24-41F3-B4E4-DD36D71AFB0B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{6E3AAEE8-87EA-4E66-B248-E8BC682C676F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B242005C-72FC-43ED-ACE1-127B25720C29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{596C2672-0ACA-4D15-8640-57DB1FFFC547}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{190CB1E7-16B4-4DE9-A03B-9D183BE8B6B8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8E2637F0-BDF7-45BB-805B-3F830D03EDB5}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{7F867922-7BD5-48BA-B923-14301034520E}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [{60E8E99F-94F0-4C26-B25A-3C93EF4B0D0C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CFEDDBD9-334B-4218-8C25-7720942FF358}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3BFE768E-58EE-4F54-ADB4-DB9CDFCB545D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1103D97D-FB26-40A8-A75C-900A36ACF3DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{356A0416-BABB-4620-9354-58D6E85222AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5480EADE-BA5F-4D69-B810-923F980AF25B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E6EC62D7-AFE5-4C85-AE2D-0E9EF7A0772A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{086A9E3F-70ED-43FD-9FAA-F79CDDD59FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{268A1F13-49F2-44F6-AA2F-B0C8880E5130}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{B2EB4617-7793-40AB-BA0A-16A325D81C78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{91B48B29-846B-4032-9259-1E82059A8073}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DD0A2729-C871-4B22-9E3A-A9B09142E62D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{59C8F6BD-586A-4705-B3A6-2A4C252BCDFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9DE8A2F7-A1F5-4BC0-AF04-3EEEAF438C44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{118D78CD-A4E1-4072-B118-D5F180766BDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{722FB436-451E-4A69-9C33-8EAC55B964D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6896DACA-A6E1-4DFE-9D3A-B31F32914110}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe FirewallRules: [{4FCA6453-196D-40A0-A1A8-AED82AA763E9}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe FirewallRules: [{0C5B01F7-1BED-43D6-89C7-9A49C3FC1762}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B5D66BA7-0918-4243-A1BA-D4750F6D08F0}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{122DA9B0-29D8-420E-B273-87E6B31D97B9}C:\users\tha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tha\appdata\roaming\spotify\spotify.exe FirewallRules: [{50FD00A0-8EA0-479D-BDB5-9CB89B52279E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe ==================== Wiederherstellungspunkte ========================= 09-07-2017 12:50:12 Windows Update 17-07-2017 23:37:47 Geplanter Prüfpunkt 26-07-2017 18:28:35 Geplanter Prüfpunkt 28-07-2017 14:11:06 McAfee Vulnerability Scanner ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/30/2017 11:19:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 54.0.1.6388 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 17ac Startzeit: 01d30977b697dbc5 Beendigungszeit: 0 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: abda065f-756c-11e7-8328-485ab6d094c4 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (07/30/2017 11:05:52 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: paolo) Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005. Error: (07/30/2017 11:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 986766 Error: (07/30/2017 11:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 986766 Error: (07/30/2017 11:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/30/2017 09:50:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 D.1.9.7.E.A.6.C.7.0.4.0.F.4.8.5.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR paolo-2.local. Error: (07/30/2017 09:50:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.2.108:5353 13 D.1.9.7.E.A.6.C.7.0.4.0.F.4.8.5.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR paolo.local. Error: (07/30/2017 09:50:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 3.9.6.9.C.1.8.8.D.6.3.3.B.7.C.0.B.8.0.A.E.E.3.4.6.D.0.0.3.0.0.2.ip6.arpa. PTR paolo-2.local. Error: (07/30/2017 09:50:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.2.108:5353 13 3.9.6.9.C.1.8.8.D.6.3.3.B.7.C.0.B.8.0.A.E.E.3.4.6.D.0.0.3.0.0.2.ip6.arpa. PTR paolo.local. Error: (07/30/2017 09:50:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 D.1.9.7.E.A.6.C.7.0.4.0.F.4.8.5.B.8.0.A.E.E.3.4.6.D.0.0.3.0.0.2.ip6.arpa. PTR paolo-2.local. Systemfehler: ============= Error: (07/30/2017 11:05:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 11:05:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 11:05:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 09:29:01 PM) (Source: DCOM) (EventID: 10010) (User: paolo) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/30/2017 09:29:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 09:01:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 07:47:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 07:41:35 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{752073A1-23F2-4396-85F0-8FDB879ED0ED}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/30/2017 06:29:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2017 05:54:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-03-24 11:15:53.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz Prozentuale Nutzung des RAM: 38% Installierter physikalischer RAM: 8108.36 MB Verfügbarer physikalischer RAM: 4949.7 MB Summe virtueller Speicher: 17437.29 MB Verfügbarer virtueller Speicher: 3301.43 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.09 GB) (Free:431.48 GB) NTFS Drive f: () (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32 ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484) Partition 1: (Active) - (Size=1000 MB) - (Type=0B) Partition 2: (Not Active) - (Size=930.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Ende von Addition.txt ============================ |
31.07.2017, 12:48 | #10 |
/// TB-Ausbilder | Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
31.07.2017, 15:20 | #11 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Code:
ATTFilter # AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 31 13:25:42 2017 # Updated on 2017/17/07 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Users\Administrator\AppData\Local\slimware utilities inc Deleted: C:\Users\Public\Documents\Downloaded Installers Deleted: C:\Users\Administrator\AppData\Local\SlimWare Utilities Inc Deleted: C:\Program Files (x86)\Chip Digital GmbH ***** [ Files ] ***** Deleted: C:\Windows\SysNative\drivers\swdumon.sys Deleted: C:\Windows\System32\drivers\DRVAGENT64.SYS ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\sweet-page.com Deleted: [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\de.yhs4.search.yahoo.com Deleted: [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\eSupport.com Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc Deleted: [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\SlimWare Utilities Inc Deleted: [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-500\Software\SlimWare Utilities Inc Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc Deleted: [Key] - HKLM\SOFTWARE\SLIMWARE UTILITIES, INC. Deleted: [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\java runtime environment packages Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate Deleted: [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\InstallCore ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Prefetch files deleted ::Proxy settings cleared ::Firewall rules cleared ::IE policies deleted ::Chrome policies deleted ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C1].txt - [2539 B] - [2015/9/20 22:2:9] C:/AdwCleaner/AdwCleaner[C2].txt - [770 B] - [2015/9/20 22:12:10] C:/AdwCleaner/AdwCleaner[S1].txt - [2353 B] - [2015/9/20 21:58:52] C:/AdwCleaner/AdwCleaner[S2].txt - [3012 B] - [2015/9/20 22:10:9] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ########## Mein Computer läuft jetzt schon viel besser Code:
ATTFilter # AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 31 12:52:26 2017 # Updated on 2017/17/07 by Malwarebytes # Database: 07-29-2017.2 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Legacy, C:\Users\Administrator\AppData\Local\slimware utilities inc PUP.Optional.Legacy, C:\Users\Public\Documents\Downloaded Installers PUP.Optional.Legacy, C:\Users\Administrator\AppData\Local\SlimWare Utilities Inc PUP.Optional.Chip, C:\Program Files (x86)\Chip Digital GmbH ***** [ Files ] ***** PUP.Optional.Legacy, C:\Windows\SysNative\drivers\swdumon.sys PUP.Optional.DriverAgent, C:\Windows\System32\drivers\DRVAGENT64.SYS ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\sweet-page.com PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\de.yhs4.search.yahoo.com PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\eSupport.com PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\SlimWare Utilities Inc PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-500\Software\SlimWare Utilities Inc PUP.Optional.Legacy, [Key] - HKCU\Software\SlimWare Utilities Inc PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SLIMWARE UTILITIES, INC. PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\java runtime environment packages PUP.Optional.DriverUpdate, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\InstallCore ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C1].txt - [2539 B] - [2015/9/20 22:2:9] C:/AdwCleaner/AdwCleaner[C2].txt - [770 B] - [2015/9/20 22:12:10] C:/AdwCleaner/AdwCleaner[S1].txt - [2353 B] - [2015/9/20 21:58:52] C:/AdwCleaner/AdwCleaner[S2].txt - [670 B] - [2015/9/20 22:10:9] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ########## Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 31.07.17 Scan-Zeit: 15:34 Protokolldatei: Administrator: Nein -Softwaredaten- Version: 3.1.2.1733 Komponentenversion: 1.0.160 Version des Aktualisierungspakets: 1.0.2474 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 14393.1480) CPU: x64 Dateisystem: NTFS Benutzer: paolo\tha -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 495473 Erkannte Bedrohungen: 4 In die Quarantäne verschobene Bedrohungen: 4 Abgelaufene Zeit: 6 Min., 23 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 1 PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|APPPATH, In Quarantäne, [1828], [235613],1.0.2474 Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 3 PUP.Optional.ChipDigital, C:\USERS\ADMINISTRATOR\DOWNLOADS\FIREFOX - CHIP-INSTALLER.EXE, In Quarantäne, [15188], [282424],1.0.2474 PUP.Optional.InstallCore, C:\USERS\THA\DOCUMENTS\JAVASETUP.EXE, In Quarantäne, [2], [301065],1.0.2474 PUP.Optional.DriverUpdate, C:\USERS\THA\DOWNLOADS\DRIVERUPDATE-SETUP.EXE, In Quarantäne, [935], [331447],1.0.2474 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 31.07.17 Scan-Zeit: 15:51 Protokolldatei: Administrator: Nein -Softwaredaten- Version: 3.1.2.1733 Komponentenversion: 1.0.160 Version des Aktualisierungspakets: 1.0.2474 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 14393.1480) CPU: x64 Dateisystem: NTFS Benutzer: paolo\tha -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 495479 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 5 Min., 0 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) Ich habe die Texte in die Zwischenablage kopiert, denn wenn ich die Textdatei abgespeichert habe, so war sie immer leer... Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2017 durchgeführt von Administrator (Administrator) auf PAOLO (31-07-2017 16:17:05) Gestartet von C:\Users\tha\Downloads Geladene Profile: tha & Administrator (Verfügbare Profile: tha & Kind 1_2_3 & Administrator & Gast) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [703272 2015-10-28] (Alps Electric Co., Ltd.) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [892536 2015-07-16] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C2].tx Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-12-16] ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-29] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{7126d5c5-abe5-4848-996b-ac34b988f149}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{814f66ba-d36a-4538-8b9c-8fa24599115a}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001 -> {388E85C4-8995-4311-8A02-876679A476F0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141202&p={searchTerms} SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-500 -> DefaultScope {79B7E768-F438-4483-A908-16B95014F5A4} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-18] (Oracle Corporation) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-18] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: gsolg4hz.default-1412230849321 FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321 [2015-12-16] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321 -> SuchMaschine FF Extension: (Cliqz) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\cliqz@cliqz.com.xpi [2015-11-26] [ist nicht signiert] FF Extension: (NoScript) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-26] FF Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\privatelee-https.xml [2014-10-27] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\suchmaschine.xml [2014-12-31] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\youtube.xml [2015-11-26] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-07-03] [ist nicht signiert] FF HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\extensions\cliqz@cliqz.com => nicht gefunden FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-19] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2015-11-09] (McAfee, Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [90440 2015-10-28] (Alps Electric Co., Ltd.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-16] (BlueStack Systems, Inc.) R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-20] (Intel Corporation) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-07-25] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.) S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-16] (BlueStack Systems) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] () S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-10-24] (REALiX(tm)) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-31] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-31] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-31] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-31] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-31] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-20] (Intel Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.) U3 mfeavfk01; kein ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2015-12-20] (Realsil Semiconductor Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-31 16:10 - 2017-07-31 16:10 - 000000084 ____H C:\Users\tha\Desktop\.~lock.mbam.txt# 2017-07-31 16:05 - 2017-07-31 16:05 - 000000000 _____ C:\Users\tha\Desktop\mbam.txt 2017-07-31 15:57 - 2017-07-31 16:10 - 000001403 _____ C:\Users\Administrator\Desktop\mbam.txt2.txt 2017-07-31 15:56 - 2017-07-31 16:10 - 000001758 _____ C:\Users\Administrator\Desktop\mbam.txt 2017-07-31 15:33 - 2017-07-31 15:44 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-07-31 15:33 - 2017-07-31 15:44 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-07-31 15:33 - 2017-07-31 15:44 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-07-31 15:33 - 2017-07-31 15:33 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-07-31 15:33 - 2017-07-31 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-07-31 15:33 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-07-31 15:32 - 2017-07-31 15:32 - 000000000 ____D C:\Program Files\Malwarebytes 2017-07-31 15:31 - 2017-07-31 15:32 - 065033984 _____ (Malwarebytes ) C:\Users\tha\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe 2017-07-31 14:33 - 2017-07-31 14:33 - 000001320 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner_7.0.0.0.lnk 2017-07-31 14:25 - 2017-07-31 14:35 - 008162248 _____ (Malwarebytes) C:\Users\tha\Desktop\adwcleaner_7.0.0.0.exe 2017-07-30 23:29 - 2017-07-30 23:29 - 000000000 ____D C:\Users\tha\Downloads\FRST-OlderVersion 2017-07-30 16:40 - 2017-07-30 23:31 - 000045937 _____ C:\Users\tha\Downloads\Addition.txt 2017-07-30 16:40 - 2017-07-30 19:45 - 000293136 _____ C:\TDSSKiller.3.1.0.15_30.07.2017_16.40.35_log.txt 2017-07-30 16:31 - 2017-07-30 16:36 - 004922400 _____ (AO Kaspersky Lab) C:\Users\tha\Downloads\tdsskiller.exe 2017-07-30 16:20 - 2017-07-31 16:17 - 000028772 _____ C:\Users\tha\Downloads\FRST.txt 2017-07-30 16:10 - 2017-07-30 23:29 - 002381312 _____ (Farbar) C:\Users\tha\Downloads\FRST64.exe 2017-07-27 11:20 - 2017-07-27 11:20 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1389048734-1753713617-1501943725-1001 2017-07-19 00:19 - 2017-07-28 01:18 - 000000000 ____D C:\Users\tha\Documents\filmkulturerbe 2017-07-18 15:42 - 2017-07-18 15:42 - 000068739 _____ C:\Users\tha\Desktop\Detail.pdf 2017-07-17 12:39 - 2017-07-19 08:45 - 000000000 ____D C:\Users\tha\Documents\Schriften 2017-07-17 12:38 - 2017-07-17 12:38 - 000321089 _____ C:\Users\tha\Desktop\Archiv.zip 2017-07-11 23:22 - 2017-07-07 09:49 - 000340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-07-11 23:22 - 2017-07-07 09:46 - 000781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:45 - 002263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-07-11 23:22 - 2017-07-07 09:40 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 005686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:20 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll 2017-07-11 23:22 - 2017-07-07 09:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll 2017-07-11 23:22 - 2017-07-07 09:17 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-11 23:22 - 2017-07-07 09:10 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-11 23:22 - 2017-07-07 09:06 - 007626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-07-11 23:22 - 2017-07-07 09:03 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-11 23:22 - 2017-07-07 09:02 - 001313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-11 23:22 - 2017-07-07 09:00 - 000476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 004423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 001571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-11 23:22 - 2017-07-07 08:54 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-07-11 23:22 - 2017-07-07 08:53 - 002483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 004561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-07-11 23:22 - 2017-07-07 08:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2017-07-11 23:22 - 2017-06-21 10:18 - 001470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-07-11 23:22 - 2017-06-21 09:52 - 000088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2017-07-11 23:22 - 2017-06-21 09:52 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-07-11 23:22 - 2017-06-21 09:42 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 23:22 - 2017-06-21 09:42 - 000601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-07-11 23:22 - 2017-06-21 09:39 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-07-11 23:22 - 2017-06-21 09:38 - 000790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-07-11 23:22 - 2017-06-21 09:36 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-07-11 23:22 - 2017-06-21 09:36 - 000129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2017-07-11 23:22 - 2017-06-21 09:30 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-07-11 23:22 - 2017-06-21 09:30 - 000196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2017-07-11 23:22 - 2017-06-21 09:29 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 002277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 000524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 000170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 001122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 000154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll 2017-07-11 23:22 - 2017-06-21 09:22 - 000361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 006665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 000374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2017-07-11 23:22 - 2017-06-21 09:19 - 004312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-07-11 23:22 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-07-11 23:22 - 2017-06-21 09:04 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys 2017-07-11 23:22 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-07-11 23:22 - 2017-06-21 09:01 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 08:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-07-11 23:22 - 2017-06-21 08:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-07-11 23:22 - 2017-06-21 08:47 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-07-11 23:22 - 2017-06-21 08:45 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 002749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-07-11 23:22 - 2017-06-21 08:42 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-07-11 23:22 - 2017-06-21 08:38 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:35 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:34 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-07-11 23:22 - 2017-06-21 08:31 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-07-11 23:22 - 2017-06-21 08:30 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll 2017-07-11 23:22 - 2017-06-21 08:10 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-07-11 23:22 - 2017-03-04 08:56 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-07-11 23:22 - 2017-03-04 08:19 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-07-11 23:22 - 2017-03-04 08:18 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-07-11 23:22 - 2017-03-04 08:16 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:22 - 2017-03-04 08:12 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-07-11 23:22 - 2017-03-04 08:02 - 002138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-07-11 23:22 - 2016-10-05 11:15 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-07-11 23:22 - 2016-09-15 18:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:22 - 2016-09-15 18:47 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-07-11 23:21 - 2017-07-07 09:44 - 000108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-11 23:21 - 2017-07-07 09:42 - 007781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-07-11 23:21 - 2017-07-07 09:37 - 000468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-07-11 23:21 - 2017-07-07 09:37 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-07-11 23:21 - 2017-07-07 09:32 - 000404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-07-11 23:21 - 2017-07-07 09:29 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-07-11 23:21 - 2017-07-07 09:24 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-07-11 23:21 - 2017-07-07 09:23 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-11 23:21 - 2017-07-07 09:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 09:18 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 001100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-11 23:21 - 2017-07-07 09:14 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 09:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-07-11 23:21 - 2017-07-07 09:11 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 09:06 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 09:05 - 019414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-07-11 23:21 - 2017-07-07 09:00 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:57 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:56 - 006035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:55 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:54 - 002027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:51 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-11 23:21 - 2017-07-07 08:46 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-07-11 23:21 - 2017-07-07 08:44 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 08:39 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-11 23:21 - 2017-07-07 08:36 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 23:21 - 2017-07-07 08:35 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 23:21 - 2017-07-07 08:33 - 000576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll 2017-07-11 23:21 - 2017-07-07 08:31 - 023676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-07-11 23:21 - 2017-07-07 08:30 - 013090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:29 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:28 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-11 23:21 - 2017-07-07 08:27 - 008120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 004744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-07-11 23:21 - 2017-06-21 09:54 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-07-11 23:21 - 2017-06-21 09:53 - 000794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 001886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 000774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-07-11 23:21 - 2017-06-21 09:51 - 002255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-07-11 23:21 - 2017-06-21 09:48 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-07-11 23:21 - 2017-06-21 09:41 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:40 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 007220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 001738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 001369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 000408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 008169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 004260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 23:21 - 2017-06-21 09:26 - 000387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-07-11 23:21 - 2017-06-21 09:06 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 23:21 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-07-11 23:21 - 2017-06-21 09:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-07-11 23:21 - 2017-06-21 09:02 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:21 - 2017-06-21 08:59 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2017-07-11 23:21 - 2017-06-21 08:58 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-07-11 23:21 - 2017-06-21 08:58 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-07-11 23:21 - 2017-06-21 08:57 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 23:21 - 2017-06-21 08:56 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-07-11 23:21 - 2017-06-21 08:56 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-07-11 23:21 - 2017-06-21 08:55 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 017198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-07-11 23:21 - 2017-06-21 08:51 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-07-11 23:21 - 2017-06-21 08:50 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-07-11 23:21 - 2017-06-21 08:43 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 001891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 005611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-07-11 23:21 - 2017-06-21 08:38 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-07-11 23:21 - 2017-06-21 08:36 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-07-11 23:21 - 2017-06-21 08:34 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2017-07-11 23:21 - 2017-06-21 08:33 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-07-11 23:21 - 2017-06-21 08:33 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll 2017-07-11 23:21 - 2017-05-23 06:58 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-07-11 23:21 - 2017-03-04 09:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-07-11 23:21 - 2017-03-04 08:28 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:21 - 2017-03-04 08:26 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-07-11 23:21 - 2017-03-04 08:20 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:21 - 2017-03-04 08:19 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-07-11 23:21 - 2017-03-04 08:17 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-07-11 23:21 - 2017-03-04 08:15 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-07-11 23:21 - 2017-03-04 08:14 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-11 23:21 - 2016-10-15 05:45 - 001790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-07-11 23:21 - 2016-08-27 07:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-07-11 23:20 - 2017-07-07 09:40 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-07-11 23:20 - 2017-07-07 09:28 - 000223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-07-11 23:20 - 2017-07-07 09:23 - 001600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-07-11 23:20 - 2017-07-07 08:58 - 007217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-07-11 23:20 - 2017-07-07 08:49 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-07-11 23:20 - 2017-07-07 08:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 23:20 - 2017-07-07 08:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2017-07-11 23:20 - 2017-07-07 08:45 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-07-11 23:20 - 2017-07-07 08:45 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-07-11 23:20 - 2017-07-07 08:43 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-11 23:20 - 2017-07-07 08:34 - 009131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-07-11 23:20 - 2017-07-07 08:29 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-07-11 23:20 - 2017-07-07 08:28 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 23:20 - 2017-07-07 08:25 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 005388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-07-11 23:20 - 2017-07-07 08:24 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-07-11 23:20 - 2017-07-07 08:22 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-11 23:20 - 2017-06-21 09:56 - 001405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-07-11 23:20 - 2017-06-21 09:55 - 002170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 001669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-07-11 23:20 - 2017-06-21 09:54 - 000813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-07-11 23:20 - 2017-06-21 09:51 - 000434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-07-11 23:20 - 2017-06-21 09:50 - 000126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2017-07-11 23:20 - 2017-06-21 09:47 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 000224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 23:20 - 2017-06-21 09:36 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-07-11 23:20 - 2017-06-21 09:35 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-07-11 23:20 - 2017-06-21 09:35 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-07-11 23:20 - 2017-06-21 09:31 - 004674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 23:20 - 2017-06-21 09:03 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll 2017-07-11 23:20 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-07-11 23:20 - 2017-06-21 09:00 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-07-11 23:20 - 2017-06-21 08:57 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-07-11 23:20 - 2017-06-21 08:52 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-07-11 23:20 - 2017-06-21 08:51 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-07-11 23:20 - 2017-06-21 08:50 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 001913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-07-11 23:20 - 2017-06-21 08:48 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-07-11 23:20 - 2017-06-21 08:48 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 003290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-07-11 23:20 - 2017-06-21 08:46 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll 2017-07-11 23:20 - 2017-06-21 08:45 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-07-11 23:20 - 2017-06-21 08:43 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-07-11 23:20 - 2017-06-21 08:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-07-11 23:20 - 2017-06-21 08:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 23:20 - 2017-06-21 08:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-07-11 23:20 - 2017-06-21 08:37 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-07-11 23:20 - 2017-06-21 08:35 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-07-11 23:20 - 2017-06-21 08:34 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-07-11 23:20 - 2017-03-04 08:27 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 23:20 - 2016-10-05 11:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-07-09 17:18 - 2017-07-09 17:18 - 000000000 ____D C:\adobeTemp 2017-07-09 16:26 - 2017-07-09 17:08 - 000001603 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2017-07-09 15:53 - 2017-07-09 15:53 - 000087314 _____ C:\Users\tha\Downloads\rounded_elegance.zip 2017-07-09 15:19 - 2013-09-16 23:00 - 000000000 ____D C:\Users\tha\Desktop\__MACOSX 2017-07-09 13:19 - 2017-07-09 13:19 - 000001414 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-07-09 12:51 - 2017-07-09 12:52 - 000000000 ____D C:\Program Files\UNP 2017-07-09 12:51 - 2017-07-09 12:51 - 000000000 ____D C:\WINDOWS\system32\UNP 2017-07-07 10:29 - 2017-07-07 10:29 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc 2017-07-07 09:07 - 2017-07-07 09:07 - 000000000 _____ C:\Users\tha\Downloads\FreemakeVideoConverterSetup.exe 2017-07-07 08:59 - 2017-07-07 08:59 - 001524744 _____ C:\Users\tha\Downloads\Quick Media Converter - CHIP-Installer.exe 2017-07-06 08:23 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-11 20:27 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2017-07-06 08:23 - 2017-03-15 20:15 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2017-07-06 08:22 - 2017-04-11 20:27 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-07-06 08:22 - 2017-03-15 20:15 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-07-05 21:13 - 2017-07-05 21:13 - 000064011 _____ C:\Users\tha\Desktop\entwurf (2014_11_26 12_22_02 UTC).odt 2017-07-04 20:51 - 2017-07-04 20:51 - 000000000 ____D C:\Users\tha\Desktop\vitero Dateien 2017-07-04 18:59 - 2017-07-04 19:02 - 012675832 _____ C:\Users\tha\Downloads\vitero.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-31 16:17 - 2015-04-09 14:37 - 000000000 ____D C:\FRST 2017-07-31 15:51 - 2016-07-17 00:51 - 001653434 _____ C:\WINDOWS\system32\perfh007.dat 2017-07-31 15:51 - 2016-07-17 00:51 - 000411778 _____ C:\WINDOWS\system32\perfc007.dat 2017-07-31 15:51 - 2015-10-28 21:28 - 003592634 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-07-31 15:48 - 2016-11-20 20:31 - 000000000 ____D C:\Users\tha\AppData\LocalLow\Mozilla 2017-07-31 15:47 - 2016-09-27 11:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-07-31 15:47 - 2014-10-04 21:23 - 000000000 __SHD C:\Users\tha\IntelGraphicsProfiles 2017-07-31 15:44 - 2016-09-27 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-07-31 15:44 - 2016-09-27 11:05 - 000000000 ____D C:\ProgramData\NVIDIA 2017-07-31 15:44 - 2015-04-09 21:43 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-07-31 15:44 - 2014-12-02 22:38 - 000000000 ____D C:\Program Files (x86)\McAfee 2017-07-31 15:43 - 2016-07-16 08:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-07-31 15:39 - 2015-09-20 23:58 - 000000000 ____D C:\AdwCleaner 2017-07-31 15:33 - 2015-04-09 21:36 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-07-31 15:32 - 2014-11-14 01:32 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-07-31 15:32 - 2014-10-01 02:47 - 000000000 ____D C:\Users\tha\AppData\Local\Adobe 2017-07-31 15:26 - 2016-09-27 11:10 - 000000000 ____D C:\Users\tha 2017-07-31 15:26 - 2016-09-27 11:03 - 005002816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-07-31 15:13 - 2016-09-27 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-07-31 08:41 - 2017-06-19 10:17 - 000004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2017-07-30 23:31 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF 2017-07-30 21:29 - 2015-06-26 18:48 - 000000000 ____D C:\Users\tha\AppData\Roaming\vlc 2017-07-30 21:25 - 2014-10-01 19:28 - 000000000 ____D C:\Users\tha\AppData\Roaming\Usenet.nl 2017-07-30 21:23 - 2014-10-01 10:19 - 000000000 ____D C:\Users\tha\Documents\Usenet.nl 2017-07-30 18:19 - 2017-06-19 10:17 - 000004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2017-07-28 22:59 - 2017-02-16 00:09 - 000000000 ____D C:\Users\tha\AppData\Local\CrashDumps 2017-07-28 22:58 - 2017-06-04 20:40 - 000000000 ____D C:\Users\tha\Desktop\neue HA 2017-07-28 22:47 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-07-28 14:17 - 2017-05-16 22:36 - 000004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-07-28 14:17 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-07-28 14:16 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-07-27 21:53 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-07-27 11:20 - 2015-10-28 21:49 - 000002416 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-07-27 11:20 - 2015-10-28 21:49 - 000000000 ___RD C:\Users\tha\OneDrive 2017-07-26 14:25 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-07-18 10:17 - 2014-10-01 01:01 - 000000000 ____D C:\ProgramData\Energy Manager 2017-07-17 22:37 - 2014-10-01 10:17 - 000000000 ____D C:\Users\tha\Documents\privates 2017-07-13 13:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache 2017-07-13 01:42 - 2015-05-01 10:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-07-12 08:48 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-07-12 08:19 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-07-11 23:31 - 2014-10-04 20:52 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-07-11 23:28 - 2014-10-04 20:52 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-07-11 22:54 - 2016-07-16 13:43 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2017-07-11 19:04 - 2015-10-07 19:50 - 000000000 ____D C:\Users\tha\Documents\Uni 2017-07-09 17:25 - 2014-10-01 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 2017-07-09 17:20 - 2014-10-01 11:08 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-07-09 17:17 - 2014-10-01 11:07 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2017-07-09 17:16 - 2014-10-01 11:10 - 000000000 ____D C:\Program Files (x86)\Adobe 2017-07-09 17:08 - 2015-11-18 13:04 - 000001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2017-07-06 08:33 - 2016-08-15 21:31 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-07-04 20:51 - 2015-02-09 10:23 - 000000000 ____D C:\Users\tha\AppData\Roaming\vitero 2017-07-04 08:02 - 2014-12-02 22:39 - 000000000 ____D C:\Program Files\McAfee 2017-07-04 08:01 - 2016-11-20 19:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-07-04 08:01 - 2014-10-02 08:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-07-03 15:17 - 2017-03-24 11:48 - 000000000 ____D C:\Program Files\Common Files\McAfee 2017-07-03 15:17 - 2014-10-01 02:49 - 000000000 ____D C:\ProgramData\McAfee 2017-07-03 15:16 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-07-03 15:15 - 2017-03-24 12:28 - 000003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2017-07-03 15:14 - 2017-03-24 12:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-07-02 16:00 - 2016-03-24 12:15 - 000420616 _____ C:\Users\tha\Desktop\prophet_provokation_des_pol_pasolini1.odt 2017-07-02 15:39 - 2017-06-15 19:27 - 000021788 _____ C:\Users\tha\Desktop\notentabelle_thembi1.ods 2017-07-01 23:21 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-09-27 11:04 - 2016-09-27 11:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\tha\DropboxInstaller.exe C:\Users\tha\FreeYouTube52Download.exe C:\Users\tha\MVI_9733.DAT C:\Users\tha\vlc-2.1.5-win64.exe Einige Dateien in TEMP: ==================== 2017-02-04 06:06 - 2017-02-04 06:06 - 000244264 _____ (McAfee, Inc.) C:\Users\Administrator\AppData\Local\Temp\McCSPInstall.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-07-27 12:24 ==================== Ende von FRST.txt ============================ |
31.07.2017, 15:23 | #12 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2017 durchgeführt von Administrator (Administrator) auf PAOLO (31-07-2017 16:17:05) Gestartet von C:\Users\tha\Downloads Geladene Profile: tha & Administrator (Verfügbare Profile: tha & Kind 1_2_3 & Administrator & Gast) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [703272 2015-10-28] (Alps Electric Co., Ltd.) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-01] (Lenovo(beijing) Limited) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [892536 2015-07-16] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C2].tx Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-12-16] ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-29] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{7126d5c5-abe5-4848-996b-ac34b988f149}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{814f66ba-d36a-4538-8b9c-8fa24599115a}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001 -> {388E85C4-8995-4311-8A02-876679A476F0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141202&p={searchTerms} SearchScopes: HKU\S-1-5-21-1389048734-1753713617-1501943725-500 -> DefaultScope {79B7E768-F438-4483-A908-16B95014F5A4} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-18] (Oracle Corporation) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-18] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: gsolg4hz.default-1412230849321 FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321 [2015-12-16] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321 -> SuchMaschine FF Extension: (Cliqz) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\cliqz@cliqz.com.xpi [2015-11-26] [ist nicht signiert] FF Extension: (NoScript) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-26] FF Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\privatelee-https.xml [2014-10-27] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\suchmaschine.xml [2014-12-31] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\searchplugins\youtube.xml [2015-11-26] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-07-03] [ist nicht signiert] FF HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\gsolg4hz.default-1412230849321\extensions\cliqz@cliqz.com => nicht gefunden FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-19] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-20] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-18] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2015-11-09] (McAfee, Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [90440 2015-10-28] (Alps Electric Co., Ltd.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-07-16] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-16] (BlueStack Systems, Inc.) R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-20] (Intel Corporation) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-07-25] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.) S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-16] (BlueStack Systems) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] () S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2014-10-24] (REALiX(tm)) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-31] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-31] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-31] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-31] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-31] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-20] (Intel Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.) U3 mfeavfk01; kein ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2015-12-20] (Realsil Semiconductor Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-31 16:10 - 2017-07-31 16:10 - 000000084 ____H C:\Users\tha\Desktop\.~lock.mbam.txt# 2017-07-31 16:05 - 2017-07-31 16:05 - 000000000 _____ C:\Users\tha\Desktop\mbam.txt 2017-07-31 15:57 - 2017-07-31 16:10 - 000001403 _____ C:\Users\Administrator\Desktop\mbam.txt2.txt 2017-07-31 15:56 - 2017-07-31 16:10 - 000001758 _____ C:\Users\Administrator\Desktop\mbam.txt 2017-07-31 15:33 - 2017-07-31 15:44 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-07-31 15:33 - 2017-07-31 15:44 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-07-31 15:33 - 2017-07-31 15:44 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-07-31 15:33 - 2017-07-31 15:33 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-07-31 15:33 - 2017-07-31 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-07-31 15:33 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-07-31 15:32 - 2017-07-31 15:32 - 000000000 ____D C:\Program Files\Malwarebytes 2017-07-31 15:31 - 2017-07-31 15:32 - 065033984 _____ (Malwarebytes ) C:\Users\tha\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe 2017-07-31 14:33 - 2017-07-31 14:33 - 000001320 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner_7.0.0.0.lnk 2017-07-31 14:25 - 2017-07-31 14:35 - 008162248 _____ (Malwarebytes) C:\Users\tha\Desktop\adwcleaner_7.0.0.0.exe 2017-07-30 23:29 - 2017-07-30 23:29 - 000000000 ____D C:\Users\tha\Downloads\FRST-OlderVersion 2017-07-30 16:40 - 2017-07-30 23:31 - 000045937 _____ C:\Users\tha\Downloads\Addition.txt 2017-07-30 16:40 - 2017-07-30 19:45 - 000293136 _____ C:\TDSSKiller.3.1.0.15_30.07.2017_16.40.35_log.txt 2017-07-30 16:31 - 2017-07-30 16:36 - 004922400 _____ (AO Kaspersky Lab) C:\Users\tha\Downloads\tdsskiller.exe 2017-07-30 16:20 - 2017-07-31 16:17 - 000028772 _____ C:\Users\tha\Downloads\FRST.txt 2017-07-30 16:10 - 2017-07-30 23:29 - 002381312 _____ (Farbar) C:\Users\tha\Downloads\FRST64.exe 2017-07-27 11:20 - 2017-07-27 11:20 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1389048734-1753713617-1501943725-1001 2017-07-19 00:19 - 2017-07-28 01:18 - 000000000 ____D C:\Users\tha\Documents\filmkulturerbe 2017-07-18 15:42 - 2017-07-18 15:42 - 000068739 _____ C:\Users\tha\Desktop\Detail.pdf 2017-07-17 12:39 - 2017-07-19 08:45 - 000000000 ____D C:\Users\tha\Documents\Schriften 2017-07-17 12:38 - 2017-07-17 12:38 - 000321089 _____ C:\Users\tha\Desktop\Archiv.zip 2017-07-11 23:22 - 2017-07-07 09:49 - 000340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-07-11 23:22 - 2017-07-07 09:46 - 000781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:45 - 002263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-07-11 23:22 - 2017-07-07 09:40 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 005686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-07-11 23:22 - 2017-07-07 09:29 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-07-11 23:22 - 2017-07-07 09:20 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll 2017-07-11 23:22 - 2017-07-07 09:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-07-11 23:22 - 2017-07-07 09:18 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll 2017-07-11 23:22 - 2017-07-07 09:17 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-07-11 23:22 - 2017-07-07 09:13 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-11 23:22 - 2017-07-07 09:10 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2017-07-11 23:22 - 2017-07-07 09:09 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-11 23:22 - 2017-07-07 09:06 - 007626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-07-11 23:22 - 2017-07-07 09:03 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-11 23:22 - 2017-07-07 09:02 - 001313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-11 23:22 - 2017-07-07 09:00 - 000476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 004423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-07-11 23:22 - 2017-07-07 08:55 - 001571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-11 23:22 - 2017-07-07 08:54 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-07-11 23:22 - 2017-07-07 08:53 - 002483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 004561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-07-11 23:22 - 2017-07-07 08:52 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-07-11 23:22 - 2017-07-07 08:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2017-07-11 23:22 - 2017-06-21 10:18 - 001470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-07-11 23:22 - 2017-06-21 09:52 - 000088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2017-07-11 23:22 - 2017-06-21 09:52 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-07-11 23:22 - 2017-06-21 09:42 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 23:22 - 2017-06-21 09:42 - 000601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-07-11 23:22 - 2017-06-21 09:39 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-07-11 23:22 - 2017-06-21 09:38 - 000790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-07-11 23:22 - 2017-06-21 09:36 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-07-11 23:22 - 2017-06-21 09:36 - 000129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2017-07-11 23:22 - 2017-06-21 09:30 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-07-11 23:22 - 2017-06-21 09:30 - 000196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2017-07-11 23:22 - 2017-06-21 09:29 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 002277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 000524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-07-11 23:22 - 2017-06-21 09:28 - 000170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 001122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-07-11 23:22 - 2017-06-21 09:27 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-07-11 23:22 - 2017-06-21 09:25 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-07-11 23:22 - 2017-06-21 09:24 - 000154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll 2017-07-11 23:22 - 2017-06-21 09:22 - 000361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 006665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-07-11 23:22 - 2017-06-21 09:21 - 000374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-07-11 23:22 - 2017-06-21 09:20 - 000312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2017-07-11 23:22 - 2017-06-21 09:19 - 004312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-07-11 23:22 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-07-11 23:22 - 2017-06-21 09:04 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 09:02 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys 2017-07-11 23:22 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-07-11 23:22 - 2017-06-21 09:01 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll 2017-07-11 23:22 - 2017-06-21 09:00 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-07-11 23:22 - 2017-06-21 08:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-07-11 23:22 - 2017-06-21 08:59 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:22 - 2017-06-21 08:58 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-07-11 23:22 - 2017-06-21 08:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-07-11 23:22 - 2017-06-21 08:56 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-07-11 23:22 - 2017-06-21 08:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-07-11 23:22 - 2017-06-21 08:55 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:54 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-07-11 23:22 - 2017-06-21 08:54 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-07-11 23:22 - 2017-06-21 08:53 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-07-11 23:22 - 2017-06-21 08:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-07-11 23:22 - 2017-06-21 08:51 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-07-11 23:22 - 2017-06-21 08:50 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-07-11 23:22 - 2017-06-21 08:50 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-07-11 23:22 - 2017-06-21 08:49 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-07-11 23:22 - 2017-06-21 08:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-07-11 23:22 - 2017-06-21 08:47 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-07-11 23:22 - 2017-06-21 08:46 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-07-11 23:22 - 2017-06-21 08:45 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-07-11 23:22 - 2017-06-21 08:45 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll 2017-07-11 23:22 - 2017-06-21 08:44 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-07-11 23:22 - 2017-06-21 08:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 002749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-07-11 23:22 - 2017-06-21 08:42 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:42 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-07-11 23:22 - 2017-06-21 08:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-07-11 23:22 - 2017-06-21 08:40 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-07-11 23:22 - 2017-06-21 08:39 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-07-11 23:22 - 2017-06-21 08:38 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll 2017-07-11 23:22 - 2017-06-21 08:38 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-07-11 23:22 - 2017-06-21 08:37 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-07-11 23:22 - 2017-06-21 08:36 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:35 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-07-11 23:22 - 2017-06-21 08:35 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-07-11 23:22 - 2017-06-21 08:34 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-07-11 23:22 - 2017-06-21 08:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:22 - 2017-06-21 08:33 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-07-11 23:22 - 2017-06-21 08:32 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-07-11 23:22 - 2017-06-21 08:31 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-07-11 23:22 - 2017-06-21 08:30 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll 2017-07-11 23:22 - 2017-06-21 08:10 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-07-11 23:22 - 2017-03-04 08:56 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-07-11 23:22 - 2017-03-04 08:21 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-07-11 23:22 - 2017-03-04 08:20 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-07-11 23:22 - 2017-03-04 08:19 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-07-11 23:22 - 2017-03-04 08:18 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-07-11 23:22 - 2017-03-04 08:16 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:22 - 2017-03-04 08:12 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-07-11 23:22 - 2017-03-04 08:02 - 002138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-07-11 23:22 - 2016-10-05 11:15 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-07-11 23:22 - 2016-09-15 18:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:22 - 2016-09-15 18:47 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-07-11 23:21 - 2017-07-07 09:44 - 000108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-11 23:21 - 2017-07-07 09:42 - 007781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-07-11 23:21 - 2017-07-07 09:37 - 000468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-07-11 23:21 - 2017-07-07 09:37 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-07-11 23:21 - 2017-07-07 09:32 - 000404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-07-11 23:21 - 2017-07-07 09:29 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-07-11 23:21 - 2017-07-07 09:24 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-07-11 23:21 - 2017-07-07 09:23 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-11 23:21 - 2017-07-07 09:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 09:18 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 001100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-07-11 23:21 - 2017-07-07 09:18 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-11 23:21 - 2017-07-07 09:14 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 09:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-07-11 23:21 - 2017-07-07 09:11 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 09:06 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 09:05 - 019414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-07-11 23:21 - 2017-07-07 09:00 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:57 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:56 - 006035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:55 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:54 - 002027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:51 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll 2017-07-11 23:21 - 2017-07-07 08:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-11 23:21 - 2017-07-07 08:46 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-07-11 23:21 - 2017-07-07 08:45 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-07-11 23:21 - 2017-07-07 08:44 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-07-11 23:21 - 2017-07-07 08:44 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-07-11 23:21 - 2017-07-07 08:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-07-11 23:21 - 2017-07-07 08:39 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-11 23:21 - 2017-07-07 08:36 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 23:21 - 2017-07-07 08:35 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 23:21 - 2017-07-07 08:33 - 000576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll 2017-07-11 23:21 - 2017-07-07 08:31 - 023676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-07-11 23:21 - 2017-07-07 08:30 - 013090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-07-11 23:21 - 2017-07-07 08:29 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-07-11 23:21 - 2017-07-07 08:28 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-07-11 23:21 - 2017-07-07 08:28 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-11 23:21 - 2017-07-07 08:27 - 008120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 004744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-07-11 23:21 - 2017-07-07 08:24 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-07-11 23:21 - 2017-06-21 09:54 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-07-11 23:21 - 2017-06-21 09:53 - 000794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 001886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 23:21 - 2017-06-21 09:52 - 000774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-07-11 23:21 - 2017-06-21 09:51 - 002255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-07-11 23:21 - 2017-06-21 09:48 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-07-11 23:21 - 2017-06-21 09:41 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-07-11 23:21 - 2017-06-21 09:40 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 007220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-07-11 23:21 - 2017-06-21 09:38 - 001738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 001369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-11 23:21 - 2017-06-21 09:37 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 000408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2017-07-11 23:21 - 2017-06-21 09:33 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 008169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 004260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-07-11 23:21 - 2017-06-21 09:32 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-07-11 23:21 - 2017-06-21 09:31 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 23:21 - 2017-06-21 09:26 - 000387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-07-11 23:21 - 2017-06-21 09:06 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 23:21 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-07-11 23:21 - 2017-06-21 09:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-07-11 23:21 - 2017-06-21 09:02 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-07-11 23:21 - 2017-06-21 09:01 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-07-11 23:21 - 2017-06-21 09:00 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-07-11 23:21 - 2017-06-21 08:59 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2017-07-11 23:21 - 2017-06-21 08:58 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-07-11 23:21 - 2017-06-21 08:58 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-07-11 23:21 - 2017-06-21 08:57 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-07-11 23:21 - 2017-06-21 08:57 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 23:21 - 2017-06-21 08:56 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-07-11 23:21 - 2017-06-21 08:56 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-07-11 23:21 - 2017-06-21 08:56 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-07-11 23:21 - 2017-06-21 08:55 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-07-11 23:21 - 2017-06-21 08:55 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:54 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-07-11 23:21 - 2017-06-21 08:53 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 017198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-07-11 23:21 - 2017-06-21 08:52 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-07-11 23:21 - 2017-06-21 08:51 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-07-11 23:21 - 2017-06-21 08:50 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-07-11 23:21 - 2017-06-21 08:49 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-07-11 23:21 - 2017-06-21 08:47 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-07-11 23:21 - 2017-06-21 08:46 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-07-11 23:21 - 2017-06-21 08:43 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-07-11 23:21 - 2017-06-21 08:42 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-07-11 23:21 - 2017-06-21 08:41 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 001891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-07-11 23:21 - 2017-06-21 08:40 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-07-11 23:21 - 2017-06-21 08:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 005611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-07-11 23:21 - 2017-06-21 08:38 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-07-11 23:21 - 2017-06-21 08:38 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-07-11 23:21 - 2017-06-21 08:36 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-07-11 23:21 - 2017-06-21 08:34 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-07-11 23:21 - 2017-06-21 08:34 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2017-07-11 23:21 - 2017-06-21 08:33 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-07-11 23:21 - 2017-06-21 08:33 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll 2017-07-11 23:21 - 2017-05-23 06:58 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-07-11 23:21 - 2017-03-04 09:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-07-11 23:21 - 2017-03-04 08:28 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-07-11 23:21 - 2017-03-04 08:26 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-07-11 23:21 - 2017-03-04 08:23 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-07-11 23:21 - 2017-03-04 08:20 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-07-11 23:21 - 2017-03-04 08:19 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-07-11 23:21 - 2017-03-04 08:17 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-07-11 23:21 - 2017-03-04 08:15 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-07-11 23:21 - 2017-03-04 08:14 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-11 23:21 - 2016-10-15 05:45 - 001790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-07-11 23:21 - 2016-08-27 07:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-07-11 23:20 - 2017-07-07 09:40 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-07-11 23:20 - 2017-07-07 09:28 - 000223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-07-11 23:20 - 2017-07-07 09:23 - 001600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-07-11 23:20 - 2017-07-07 08:58 - 007217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-07-11 23:20 - 2017-07-07 08:49 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-07-11 23:20 - 2017-07-07 08:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 23:20 - 2017-07-07 08:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2017-07-11 23:20 - 2017-07-07 08:45 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-07-11 23:20 - 2017-07-07 08:45 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 23:20 - 2017-07-07 08:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-07-11 23:20 - 2017-07-07 08:43 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-07-11 23:20 - 2017-07-07 08:42 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-11 23:20 - 2017-07-07 08:34 - 009131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-07-11 23:20 - 2017-07-07 08:29 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-07-11 23:20 - 2017-07-07 08:28 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 23:20 - 2017-07-07 08:25 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 005388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll 2017-07-11 23:20 - 2017-07-07 08:24 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-07-11 23:20 - 2017-07-07 08:24 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-07-11 23:20 - 2017-07-07 08:22 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-11 23:20 - 2017-06-21 09:56 - 001405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-07-11 23:20 - 2017-06-21 09:55 - 002170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 001669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-07-11 23:20 - 2017-06-21 09:54 - 000813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-07-11 23:20 - 2017-06-21 09:54 - 000406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-07-11 23:20 - 2017-06-21 09:51 - 000434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-07-11 23:20 - 2017-06-21 09:50 - 000126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2017-07-11 23:20 - 2017-06-21 09:47 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 23:20 - 2017-06-21 09:40 - 000224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-07-11 23:20 - 2017-06-21 09:37 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 23:20 - 2017-06-21 09:36 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-07-11 23:20 - 2017-06-21 09:35 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-07-11 23:20 - 2017-06-21 09:35 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-07-11 23:20 - 2017-06-21 09:31 - 004674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 23:20 - 2017-06-21 09:03 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll 2017-07-11 23:20 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-07-11 23:20 - 2017-06-21 09:01 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-07-11 23:20 - 2017-06-21 09:00 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-07-11 23:20 - 2017-06-21 09:00 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-07-11 23:20 - 2017-06-21 08:59 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-07-11 23:20 - 2017-06-21 08:58 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-07-11 23:20 - 2017-06-21 08:57 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-07-11 23:20 - 2017-06-21 08:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-07-11 23:20 - 2017-06-21 08:56 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-07-11 23:20 - 2017-06-21 08:55 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-07-11 23:20 - 2017-06-21 08:54 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-07-11 23:20 - 2017-06-21 08:53 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-07-11 23:20 - 2017-06-21 08:52 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-07-11 23:20 - 2017-06-21 08:52 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-07-11 23:20 - 2017-06-21 08:51 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-07-11 23:20 - 2017-06-21 08:50 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 001913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-07-11 23:20 - 2017-06-21 08:49 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-07-11 23:20 - 2017-06-21 08:48 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-07-11 23:20 - 2017-06-21 08:48 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll 2017-07-11 23:20 - 2017-06-21 08:47 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 003290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-07-11 23:20 - 2017-06-21 08:46 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll 2017-07-11 23:20 - 2017-06-21 08:46 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll 2017-07-11 23:20 - 2017-06-21 08:45 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2017-07-11 23:20 - 2017-06-21 08:44 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-07-11 23:20 - 2017-06-21 08:43 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-07-11 23:20 - 2017-06-21 08:43 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-07-11 23:20 - 2017-06-21 08:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-07-11 23:20 - 2017-06-21 08:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 001021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2017-07-11 23:20 - 2017-06-21 08:41 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 23:20 - 2017-06-21 08:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-07-11 23:20 - 2017-06-21 08:40 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-07-11 23:20 - 2017-06-21 08:39 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-07-11 23:20 - 2017-06-21 08:37 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2017-07-11 23:20 - 2017-06-21 08:36 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-07-11 23:20 - 2017-06-21 08:35 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-07-11 23:20 - 2017-06-21 08:34 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-07-11 23:20 - 2017-03-04 08:27 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 23:20 - 2016-10-05 11:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-07-09 17:18 - 2017-07-09 17:18 - 000000000 ____D C:\adobeTemp 2017-07-09 16:26 - 2017-07-09 17:08 - 000001603 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2017-07-09 15:53 - 2017-07-09 15:53 - 000087314 _____ C:\Users\tha\Downloads\rounded_elegance.zip 2017-07-09 15:19 - 2013-09-16 23:00 - 000000000 ____D C:\Users\tha\Desktop\__MACOSX 2017-07-09 13:19 - 2017-07-09 13:19 - 000001414 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-07-09 12:51 - 2017-07-09 12:52 - 000000000 ____D C:\Program Files\UNP 2017-07-09 12:51 - 2017-07-09 12:51 - 000000000 ____D C:\WINDOWS\system32\UNP 2017-07-07 10:29 - 2017-07-07 10:29 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc 2017-07-07 09:07 - 2017-07-07 09:07 - 000000000 _____ C:\Users\tha\Downloads\FreemakeVideoConverterSetup.exe 2017-07-07 08:59 - 2017-07-07 08:59 - 001524744 _____ C:\Users\tha\Downloads\Quick Media Converter - CHIP-Installer.exe 2017-07-06 08:23 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-07-06 08:23 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-07-06 08:23 - 2017-04-11 20:27 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2017-07-06 08:23 - 2017-03-15 20:15 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2017-07-06 08:22 - 2017-04-11 20:27 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-07-06 08:22 - 2017-03-15 20:15 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-07-05 21:13 - 2017-07-05 21:13 - 000064011 _____ C:\Users\tha\Desktop\entwurf (2014_11_26 12_22_02 UTC).odt 2017-07-04 20:51 - 2017-07-04 20:51 - 000000000 ____D C:\Users\tha\Desktop\vitero Dateien 2017-07-04 18:59 - 2017-07-04 19:02 - 012675832 _____ C:\Users\tha\Downloads\vitero.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-31 16:17 - 2015-04-09 14:37 - 000000000 ____D C:\FRST 2017-07-31 15:51 - 2016-07-17 00:51 - 001653434 _____ C:\WINDOWS\system32\perfh007.dat 2017-07-31 15:51 - 2016-07-17 00:51 - 000411778 _____ C:\WINDOWS\system32\perfc007.dat 2017-07-31 15:51 - 2015-10-28 21:28 - 003592634 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-07-31 15:48 - 2016-11-20 20:31 - 000000000 ____D C:\Users\tha\AppData\LocalLow\Mozilla 2017-07-31 15:47 - 2016-09-27 11:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-07-31 15:47 - 2014-10-04 21:23 - 000000000 __SHD C:\Users\tha\IntelGraphicsProfiles 2017-07-31 15:44 - 2016-09-27 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-07-31 15:44 - 2016-09-27 11:05 - 000000000 ____D C:\ProgramData\NVIDIA 2017-07-31 15:44 - 2015-04-09 21:43 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-07-31 15:44 - 2014-12-02 22:38 - 000000000 ____D C:\Program Files (x86)\McAfee 2017-07-31 15:43 - 2016-07-16 08:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-07-31 15:39 - 2015-09-20 23:58 - 000000000 ____D C:\AdwCleaner 2017-07-31 15:33 - 2015-04-09 21:36 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-07-31 15:32 - 2014-11-14 01:32 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-07-31 15:32 - 2014-10-01 02:47 - 000000000 ____D C:\Users\tha\AppData\Local\Adobe 2017-07-31 15:26 - 2016-09-27 11:10 - 000000000 ____D C:\Users\tha 2017-07-31 15:26 - 2016-09-27 11:03 - 005002816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-07-31 15:13 - 2016-09-27 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-07-31 08:41 - 2017-06-19 10:17 - 000004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2017-07-30 23:31 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF 2017-07-30 21:29 - 2015-06-26 18:48 - 000000000 ____D C:\Users\tha\AppData\Roaming\vlc 2017-07-30 21:25 - 2014-10-01 19:28 - 000000000 ____D C:\Users\tha\AppData\Roaming\Usenet.nl 2017-07-30 21:23 - 2014-10-01 10:19 - 000000000 ____D C:\Users\tha\Documents\Usenet.nl 2017-07-30 18:19 - 2017-06-19 10:17 - 000004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2017-07-28 22:59 - 2017-02-16 00:09 - 000000000 ____D C:\Users\tha\AppData\Local\CrashDumps 2017-07-28 22:58 - 2017-06-04 20:40 - 000000000 ____D C:\Users\tha\Desktop\neue HA 2017-07-28 22:47 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-07-28 14:17 - 2017-05-16 22:36 - 000004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-07-28 14:17 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-07-28 14:16 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-07-27 21:53 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-07-27 11:20 - 2015-10-28 21:49 - 000002416 _____ C:\Users\tha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-07-27 11:20 - 2015-10-28 21:49 - 000000000 ___RD C:\Users\tha\OneDrive 2017-07-26 14:25 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-07-18 10:17 - 2014-10-01 01:01 - 000000000 ____D C:\ProgramData\Energy Manager 2017-07-17 22:37 - 2014-10-01 10:17 - 000000000 ____D C:\Users\tha\Documents\privates 2017-07-13 13:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache 2017-07-13 01:42 - 2015-05-01 10:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-07-12 08:48 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-07-12 08:19 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-07-12 08:10 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-07-11 23:31 - 2014-10-04 20:52 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-07-11 23:28 - 2014-10-04 20:52 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-07-11 22:54 - 2016-07-16 13:43 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2017-07-11 19:04 - 2015-10-07 19:50 - 000000000 ____D C:\Users\tha\Documents\Uni 2017-07-09 17:25 - 2014-10-01 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 2017-07-09 17:20 - 2014-10-01 11:08 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-07-09 17:17 - 2014-10-01 11:07 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2017-07-09 17:16 - 2014-10-01 11:10 - 000000000 ____D C:\Program Files (x86)\Adobe 2017-07-09 17:08 - 2015-11-18 13:04 - 000001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2017-07-06 08:33 - 2016-08-15 21:31 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-07-04 20:51 - 2015-02-09 10:23 - 000000000 ____D C:\Users\tha\AppData\Roaming\vitero 2017-07-04 08:02 - 2014-12-02 22:39 - 000000000 ____D C:\Program Files\McAfee 2017-07-04 08:01 - 2016-11-20 19:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-07-04 08:01 - 2014-10-02 08:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-07-03 15:17 - 2017-03-24 11:48 - 000000000 ____D C:\Program Files\Common Files\McAfee 2017-07-03 15:17 - 2014-10-01 02:49 - 000000000 ____D C:\ProgramData\McAfee 2017-07-03 15:16 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-07-03 15:15 - 2017-03-24 12:28 - 000003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2017-07-03 15:14 - 2017-03-24 12:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-07-02 16:00 - 2016-03-24 12:15 - 000420616 _____ C:\Users\tha\Desktop\prophet_provokation_des_pol_pasolini1.odt 2017-07-02 15:39 - 2017-06-15 19:27 - 000021788 _____ C:\Users\tha\Desktop\notentabelle_thembi1.ods 2017-07-01 23:21 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-09-27 11:04 - 2016-09-27 11:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\tha\DropboxInstaller.exe C:\Users\tha\FreeYouTube52Download.exe C:\Users\tha\MVI_9733.DAT C:\Users\tha\vlc-2.1.5-win64.exe Einige Dateien in TEMP: ==================== 2017-02-04 06:06 - 2017-02-04 06:06 - 000244264 _____ (McAfee, Inc.) C:\Users\Administrator\AppData\Local\Temp\McCSPInstall.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-07-27 12:24 ==================== Ende von FRST.txt ============================ |
31.07.2017, 15:24 | #13 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. es tut mir leid, ich habe zweimal dasselbe gepostet. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-07-2017 durchgeführt von Administrator (31-07-2017 16:18:07) Gestartet von C:\Users\tha\Downloads Windows 10 Pro Version 1607 (X64) (2016-09-27 09:46:09) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1389048734-1753713617-1501943725-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1389048734-1753713617-1501943725-503 - Limited - Disabled) Gast (S-1-5-21-1389048734-1753713617-1501943725-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1389048734-1753713617-1501943725-1003 - Limited - Enabled) Kind 1_2_3 (S-1-5-21-1389048734-1753713617-1501943725-1004 - Limited - Enabled) => C:\Users\Kind 1_2_3 tha (S-1-5-21-1389048734-1753713617-1501943725-1001 - Limited - Enabled) => C:\Users\tha ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.252 - Alps Electric) Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{09D96B90-87D9-410A-A1E8-BF2F2CF6394A}) (Version: 0.9.34.4278 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) DVDStyler v2.9.4 (HKLM-x32\...\DVDStyler_is1) (Version: - ) Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) flunatic 1.3 (HKLM-x32\...\flunatic_is1) (Version: - Enjoy Speaking GmbH) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation) HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo) Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.) McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 8.1.0.234 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.149 - McAfee, Inc.) Microsoft OneDrive (HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.42 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.1 - X Codec Pack team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {06D65758-E692-48F5-BD7C-6A7B1CAC510E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {08D5EC47-D7FE-49DA-9E38-8482755C516B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {170D1B36-68F2-4379-B1F3-10F57A9ACB8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {1770B273-66BA-418B-8C88-96860F73949E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo) Task: {1BA7BF27-EB57-4A76-B215-43FC7BFCB950} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {1E6FEE40-D852-40AD-990D-E2373F9A3088} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {2BDDE4FD-78FE-4CD8-855D-98811E8B7F5F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {2C17203C-8FDC-435E-9A66-33E2C3F94B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {2E1A8A5B-4DBC-465E-A662-6AD819FA7951} - System32\Tasks\{E3AF1795-4B41-4101-9198-112550D5A99F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" Task: {307D0009-B084-4178-A0AF-0BBBE0D538EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {36467C34-6B5D-447C-901E-A6D5BFE7BBBA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {38D04AA9-558D-42B9-BBE1-C4EC0042576F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation) Task: {4A13A81A-5809-41CF-9689-A4F466EA9AC6} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo) Task: {4EB01A95-7DCA-476A-9E42-417DFAFB3F6B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {6471F4E0-CD8A-4D00-8EAD-83077B06286C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {72ECF62F-AD3C-47F0-A756-0EB0878BC3C9} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {7CDF6E23-A8AB-416F-9034-CE7D23C78E65} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {8A1CB173-4983-44A6-B852-2A57C24CA784} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {9A5BF77C-7672-4C30-8E68-C0338C540173} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.) Task: {A728E5AD-D316-4E82-9320-F3B03F3C2600} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {B1F85D04-DAB9-499E-8636-EB1CCDB9CD72} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.) Task: {B60F05C3-C751-4E80-9828-294CD51B18E8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {B6422F83-6091-49DC-BFBE-1820EF88AE6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {BEA10713-3162-4933-A305-7D85C913B1D5} - System32\Tasks\AdobeAAMUpdater-1.0-paolo-tha => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {C5C2DE6B-749C-4F6E-A3E1-02C45EE4FFDF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {CEA5CCB7-E14A-4B0F-B3CF-9AE002CDD9CE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-12-07] () Task: {D440403A-71DF-417D-BA85-82C295085AE0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {D89DCB42-84EA-4C15-A181-3F0FE87789C2} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-12-07] (Lenovo) Task: {DC957BA9-F0B0-4B53-BA84-1A1A201246D7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1389048734-1753713617-1501943725-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {EB235CF6-86BD-405A-8D5B-5BECBDD50782} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.) Task: {F275F16F-87A7-4F72-B07F-C7DBC72E8DB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {F8444E25-37D2-4136-99A8-2A87542A8100} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-28] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/foru Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-07-11 23:21 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-07-31 15:33 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-09-27 11:05 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-07-03 15:17 - 2017-06-11 13:00 - 000583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll 2017-07-03 15:17 - 2017-06-11 12:59 - 000574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll 2017-07-03 15:17 - 2017-06-11 13:00 - 000571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll 2016-09-27 11:52 - 2016-09-27 11:52 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 20:13 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-05-27 15:50 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-14 20:14 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 20:14 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 20:14 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-07-11 23:21 - 2017-06-21 08:35 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-07-11 23:21 - 2017-06-21 08:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-12-17 09:40 - 2013-08-20 03:12 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-08-13 09:27 - 2014-08-13 09:27 - 000988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2014-07-29 13:34 - 2014-07-29 13:34 - 000170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll 2014-07-29 13:34 - 2014-07-29 13:34 - 000136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll 2014-07-29 13:34 - 2014-07-29 13:34 - 000303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\1001movie.com -> 1001movie.com Da befinden sich 6091 mehr Seiten. IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\1001movie.com -> 1001movie.com Da befinden sich 6091 mehr Seiten. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2017-05-15 21:51 - 000000839 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tha\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{05893cdd-8c10-4f2f-a079-dcce678ce4bb}.JPG HKU\S-1-5-21-1389048734-1753713617-1501943725-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-1389048734-1753713617-1501943725-500\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 09-07-2017 12:50:12 Windows Update 17-07-2017 23:37:47 Geplanter Prüfpunkt 26-07-2017 18:28:35 Geplanter Prüfpunkt 28-07-2017 14:11:06 McAfee Vulnerability Scanner ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/31/2017 03:48:59 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: paolo) Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe1018 Error: (07/31/2017 01:38:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 168984 Error: (07/31/2017 01:38:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 168984 Error: (07/31/2017 01:38:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/31/2017 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2391 Error: (07/31/2017 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2391 Error: (07/31/2017 01:35:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/31/2017 01:35:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1141 Error: (07/31/2017 01:35:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1141 Error: (07/31/2017 01:35:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (07/31/2017 03:47:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/31/2017 03:44:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NPF" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/31/2017 03:44:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "chip1click" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/31/2017 03:44:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BstHdDrv" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/31/2017 03:43:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/31/2017 03:27:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NPF" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/31/2017 03:26:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "chip1click" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/31/2017 03:26:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BstHdDrv" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/31/2017 03:25:58 PM) (Source: DCOM) (EventID: 10010) (User: paolo) Description: Der Server "{9E175B6D-F52A-11D8-B9A5-505054503030}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/31/2017 03:25:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden. CodeIntegrity: =================================== Date: 2017-03-24 11:15:53.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz Prozentuale Nutzung des RAM: 41% Installierter physikalischer RAM: 8108.36 MB Verfügbarer physikalischer RAM: 4739.99 MB Summe virtueller Speicher: 14508.36 MB Verfügbarer virtueller Speicher: 11026.88 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.09 GB) (Free:434.1 GB) NTFS Drive f: () (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32 ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484) Partition 1: (Active) - (Size=1000 MB) - (Type=0B) Partition 2: (Not Active) - (Size=930.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Ende von Addition.txt ============================ |
31.07.2017, 20:31 | #14 |
/// TB-Ausbilder | Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. Servus, Schritt 1
Schritt 2 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
01.08.2017, 11:31 | #15 |
| Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich.Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-07-2017 durchgeführt von Administrator (01-08-2017 12:24:07) Run:1 Gestartet von C:\Users\tha\Downloads Geladene Profile: tha & Administrator (Verfügbare Profile: tha & Kind 1_2_3 & Administrator & Gast) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X] Task: {06D65758-E692-48F5-BD7C-6A7B1CAC510E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {2C17203C-8FDC-435E-9A66-33E2C3F94B13} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {4EB01A95-7DCA-476A-9E42-417DFAFB3F6B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {6471F4E0-CD8A-4D00-8EAD-83077B06286C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {8A1CB173-4983-44A6-B852-2A57C24CA784} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {A728E5AD-D316-4E82-9320-F3B03F3C2600} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {B60F05C3-C751-4E80-9828-294CD51B18E8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {B6422F83-6091-49DC-BFBE-1820EF88AE6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {C5C2DE6B-749C-4F6E-A3E1-02C45EE4FFDF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {D440403A-71DF-417D-BA85-82C295085AE0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {F275F16F-87A7-4F72-B07F-C7DBC72E8DB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127] CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" CMD: dir "C:\" ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. HKLM\System\CurrentControlSet\Services\chip1click => Schlüssel erfolgreich entfernt chip1click => Dienst erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06D65758-E692-48F5-BD7C-6A7B1CAC510E} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06D65758-E692-48F5-BD7C-6A7B1CAC510E} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C17203C-8FDC-435E-9A66-33E2C3F94B13} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C17203C-8FDC-435E-9A66-33E2C3F94B13} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EB01A95-7DCA-476A-9E42-417DFAFB3F6B} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EB01A95-7DCA-476A-9E42-417DFAFB3F6B} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6471F4E0-CD8A-4D00-8EAD-83077B06286C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6471F4E0-CD8A-4D00-8EAD-83077B06286C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A1CB173-4983-44A6-B852-2A57C24CA784} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A1CB173-4983-44A6-B852-2A57C24CA784} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A728E5AD-D316-4E82-9320-F3B03F3C2600} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A728E5AD-D316-4E82-9320-F3B03F3C2600} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B60F05C3-C751-4E80-9828-294CD51B18E8} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B60F05C3-C751-4E80-9828-294CD51B18E8} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6422F83-6091-49DC-BFBE-1820EF88AE6A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6422F83-6091-49DC-BFBE-1820EF88AE6A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5C2DE6B-749C-4F6E-A3E1-02C45EE4FFDF} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C2DE6B-749C-4F6E-A3E1-02C45EE4FFDF} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D440403A-71DF-417D-BA85-82C295085AE0} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D440403A-71DF-417D-BA85-82C295085AE0} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F275F16F-87A7-4F72-B07F-C7DBC72E8DB1} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F275F16F-87A7-4F72-B07F-C7DBC72E8DB1} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt C:\ProgramData\TEMP => ":5C321E34" ADS erfolgreich entfernt. ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Program Files 31.07.2017 15:32 <DIR> . 31.07.2017 15:32 <DIR> .. 16.05.2017 22:35 <DIR> 7-Zip 07.07.2016 15:25 <DIR> Adobe 27.09.2016 11:05 <DIR> Apoint2K 30.10.2015 11:34 <DIR> Bonjour 29.03.2016 14:37 <DIR> Canon 24.03.2017 12:27 <DIR> Common Files 01.10.2014 01:01 <DIR> DIFX 24.10.2014 18:27 <DIR> HWiNFO64 27.09.2016 11:17 <DIR> Intel 15.03.2017 01:07 <DIR> Internet Explorer 19.10.2016 15:05 <DIR> iPod 19.10.2016 15:06 <DIR> iTunes 02.09.2015 16:50 <DIR> Lenovo 31.07.2017 15:32 <DIR> Malwarebytes 04.07.2017 08:02 <DIR> McAfee 24.03.2017 12:27 <DIR> McAfee.com 13.08.2015 22:20 <DIR> Microsoft Office 27.09.2016 11:35 <DIR> MSBuild 10.02.2017 20:16 <DIR> NVIDIA Corporation 27.09.2016 11:04 <DIR> Realtek 27.09.2016 11:35 <DIR> Reference Assemblies 09.07.2017 12:52 <DIR> UNP 31.12.2014 17:24 <DIR> VideoLAN 13.05.2017 12:04 <DIR> Windows Defender 01.10.2016 01:58 <DIR> Windows Defender Advanced Threat Protection 12.07.2017 08:10 <DIR> Windows Mail 31.10.2016 01:08 <DIR> Windows Media Player 16.07.2016 13:47 <DIR> Windows Multimedia Platform 27.09.2016 11:45 <DIR> Windows NT 12.07.2017 08:10 <DIR> Windows Photo Viewer 16.07.2016 13:47 <DIR> Windows Portable Devices 16.07.2016 13:47 <DIR> WindowsPowerShell 16.05.2017 22:35 <DIR> WinRAR 14.03.2015 19:42 <DIR> X Codec Pack 0 Datei(en), 0 Bytes 36 Verzeichnis(se), 466.073.239.552 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Program Files (x86) 31.07.2017 15:25 <DIR> . 31.07.2017 15:25 <DIR> .. 09.07.2017 17:16 <DIR> Adobe 01.10.2014 02:16 <DIR> AGEIA Technologies 19.10.2016 15:00 <DIR> Apple Software Update 16.12.2015 12:37 <DIR> Audible 14.11.2014 01:37 <DIR> Avira 25.10.2015 13:07 <DIR> BlueStacks 30.10.2015 11:34 <DIR> Bonjour 29.03.2016 14:37 <DIR> Canon 06.11.2014 11:41 <DIR> CHIP Updater 15.05.2017 21:53 <DIR> Cisco 27.09.2016 11:17 <DIR> Common Files 26.11.2015 13:42 <DIR> DVDStyler 03.11.2014 15:39 <DIR> flunatic 29.03.2015 17:10 <DIR> Freemake 17.12.2014 09:41 <DIR> Intel 15.03.2017 01:07 <DIR> Internet Explorer 18.08.2016 14:42 <DIR> Java 02.10.2014 09:37 <DIR> JonDo 24.03.2017 09:53 <DIR> Lenovo 31.07.2017 15:44 <DIR> McAfee 16.07.2016 13:47 <DIR> Microsoft.NET 04.07.2017 08:01 <DIR> Mozilla Firefox 04.07.2017 08:01 <DIR> Mozilla Maintenance Service 27.09.2016 11:35 <DIR> MSBuild 12.08.2015 16:32 <DIR> My Company Name 10.02.2017 20:16 <DIR> NVIDIA Corporation 23.07.2015 00:18 <DIR> OpenOffice 4 15.01.2016 11:47 <DIR> QuickTime 01.10.2014 01:41 <DIR> Realtek 27.09.2016 11:35 <DIR> Reference Assemblies 29.12.2014 00:54 <DIR> Secunia 05.02.2016 15:03 <DIR> Skype 11.07.2016 21:49 <DIR> SpywareBlaster 01.10.2014 19:28 <DIR> Usenet.nl 26.06.2015 18:47 <DIR> VideoLAN 20.09.2015 22:19 <DIR> VS Revo Group 10.02.2017 20:16 <DIR> VulkanRT 13.05.2017 12:04 <DIR> Windows Defender 15.03.2017 01:07 <DIR> Windows Mail 31.10.2016 01:08 <DIR> Windows Media Player 16.07.2016 13:47 <DIR> Windows Multimedia Platform 16.07.2016 13:47 <DIR> Windows NT 12.07.2017 08:10 <DIR> Windows Photo Viewer 16.07.2016 13:47 <DIR> Windows Portable Devices 16.07.2016 13:47 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 47 Verzeichnis(se), 466.073.178.112 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\ProgramData 11.07.2016 21:54 <DIR> Adobe 22.06.2015 13:28 <DIR> Apple 22.06.2015 13:29 <DIR> Apple Computer 25.10.2015 13:02 <DIR> BlueStacks 25.10.2015 13:08 <DIR> BlueStacksSetup 27.10.2014 02:26 <DIR> Canon IJ Network Tool 03.09.2015 15:05 <DIR> CanonIJPLM 15.05.2017 21:53 <DIR> Cisco 16.07.2016 13:47 <DIR> Comms 01.10.2014 01:00 <DIR> Downloaded Installations 06.09.2015 20:19 <DIR> E1864A66-75E3-486a-BD95-D1B7D99A84A7 18.07.2017 10:17 <DIR> Energy Manager 29.03.2015 17:41 <DIR> Freemake 17.12.2014 09:41 <DIR> Intel 24.03.2017 12:28 <DIR> Intel Security 17.12.2014 10:41 <DIR> Lenovo 29.12.2014 00:59 <DIR> Licenses 31.07.2017 15:32 <DIR> Malwarebytes 09.04.2015 23:22 <DIR> Malwarebytes' Anti-Malware (portable) 03.07.2017 15:17 <DIR> McAfee 16.12.2014 13:10 <DIR> McAfee Security Scan 13.08.2015 22:38 <DIR> Microsoft Help 27.09.2016 11:49 <DIR> Microsoft OneDrive 30.09.2014 20:08 <DIR> Mozilla 01.08.2017 12:24 <DIR> NVIDIA 27.09.2016 11:17 <DIR> NVIDIA Corporation 18.08.2016 15:01 <DIR> Oracle 26.11.2015 11:47 <DIR> PACE Anti-Piracy 27.09.2016 11:26 <DIR> regid.1986-12.com.adobe 27.09.2016 11:25 <DIR> regid.1991-06.com.microsoft 26.02.2016 09:07 <DIR> Skype 16.07.2016 13:47 <DIR> SoftwareDistribution 01.10.2014 02:46 <DIR> Sun 20.09.2015 22:47 <DIR> TEMP 27.09.2016 11:47 <DIR> USOPrivate 27.09.2016 11:47 <DIR> USOShared 01.10.2014 13:57 <DIR> XDMessagingv4 0 Datei(en), 0 Bytes 37 Verzeichnis(se), 466.073.116.672 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Users\Administrator\AppData\Roaming 07.07.2017 10:29 <DIR> . 07.07.2017 10:29 <DIR> .. 01.10.2014 13:57 <DIR> Abelssoft 09.07.2017 17:17 <DIR> Adobe 06.09.2015 20:20 <DIR> Apple Computer 21.09.2015 11:36 <DIR> Dropbox 08.10.2015 17:58 <DIR> DVDVideoSoft 07.10.2014 20:19 <DIR> Intel Corporation 18.12.2014 23:19 <DIR> LSC 01.10.2014 11:12 <DIR> Macromedia 26.11.2015 09:18 <DIR> McAfee 02.10.2014 08:16 <DIR> Mozilla 08.10.2015 17:09 <DIR> NVIDIA 27.10.2014 00:40 <DIR> OpenOffice 26.11.2015 11:47 <DIR> PACE Anti-Piracy 26.11.2015 11:31 <DIR> RDecke 27.10.2014 00:29 <DIR> Skype 21.08.2015 09:47 <DIR> Sun 23.12.2014 20:32 <DIR> Usenet.nl 07.07.2017 10:29 <DIR> vlc 30.03.2015 16:36 <DIR> WinRAR 0 Datei(en), 0 Bytes 21 Verzeichnis(se), 466.073.063.424 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Users\Administrator\AppData\Local 31.07.2017 15:25 <DIR> . 31.07.2017 15:25 <DIR> .. 01.10.2014 13:57 <DIR> Abelssoft 12.07.2016 08:20 <DIR> Adobe 01.10.2014 11:26 <DIR> Apple 06.09.2015 20:19 <DIR> Apple Computer 25.10.2015 13:01 <DIR> Bluestacks 26.11.2015 09:58 <DIR> Comms 24.06.2017 22:29 <DIR> Downloaded Installations 07.07.2016 15:03 <DIR> Dropbox 09.12.2015 23:23 <DIR> ElevatedDiagnostics 22.06.2015 15:40 <DIR> GWX 02.10.2014 08:19 <DIR> Macromedia 27.09.2016 11:30 <DIR> Microsoft 01.10.2014 10:12 <DIR> Microsoft Help 26.11.2015 09:58 <DIR> MicrosoftEdge 22.12.2014 00:49 <DIR> Mindjet 02.10.2014 08:16 <DIR> Mozilla 07.10.2014 20:17 <DIR> NVIDIA 07.10.2014 20:18 <DIR> NVIDIA Corporation 26.11.2015 11:47 <DIR> PACE Anti-Piracy 27.09.2016 11:12 <DIR> Packages 01.03.2016 16:35 <DIR> PeerDistRepub 01.10.2014 13:56 <DIR> Programs 26.11.2015 09:56 <DIR> Publishers 29.12.2014 00:54 <DIR> Secunia PSI 26.02.2016 09:07 <DIR> Skype 31.07.2017 16:18 <DIR> Temp 26.11.2015 09:55 <DIR> TileDataLayer 26.11.2015 09:55 <DIR> VirtualStore 23.11.2014 12:04 <DIR> {463F9BF0-77DB-4910-92A0-11C19B92619F} 0 Datei(en), 0 Bytes 31 Verzeichnis(se), 466.072.940.544 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Program Files (x86)\Common Files 27.09.2016 11:17 <DIR> . 27.09.2016 11:17 <DIR> .. 09.07.2017 17:20 <DIR> Adobe 02.03.2017 21:32 <DIR> Adobe AIR 22.06.2015 13:28 <DIR> Apple 01.10.2014 01:13 <DIR> InstallShield 27.09.2016 11:04 <DIR> Intel 01.10.2014 01:02 <DIR> Intel Corporation 18.08.2016 12:40 <DIR> Java 24.03.2017 12:28 <DIR> McAfee 27.09.2016 11:17 <DIR> Microsoft Shared 17.12.2014 09:40 <DIR> postureAgent 30.10.2015 13:40 <DIR> PX Storage Engine 16.07.2016 13:47 <DIR> Services 05.02.2016 15:03 <DIR> Skype 12.08.2015 16:32 <DIR> Sonic Shared 11.06.2016 09:40 <DIR> Steam 17.07.2016 00:50 <DIR> System 0 Datei(en), 0 Bytes 18 Verzeichnis(se), 466.072.358.912 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Program Files\Common Files 24.03.2017 12:27 <DIR> . 24.03.2017 12:27 <DIR> .. 09.07.2017 17:20 <DIR> Adobe 19.10.2016 15:05 <DIR> Apple 28.03.2017 18:55 <DIR> AV 24.03.2017 12:27 <DIR> Intel Security 03.07.2017 15:17 <DIR> McAfee 27.09.2016 11:17 <DIR> microsoft shared 08.10.2015 17:09 <DIR> PACE Anti-Piracy 16.07.2016 13:47 <DIR> Services 27.09.2016 11:17 <DIR> System 0 Datei(en), 0 Bytes 11 Verzeichnis(se), 466.072.109.056 Bytes frei ========= Ende von CMD: ========= ========= dir "%UserProfile%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\Users\Administrator 12.03.2017 20:39 <DIR> . 12.03.2017 20:39 <DIR> .. 18.08.2016 12:40 <DIR> .oracle_jre_usage 26.11.2015 11:44 28 Adobe Encore DVD_VUI.pref 18.12.2014 23:25 0 agent.log 11.04.2016 08:54 <DIR> Contacts 31.07.2017 15:57 <DIR> Desktop 27.09.2016 11:41 <DIR> Documents 31.07.2017 15:42 <DIR> Downloads 27.09.2016 11:30 <DIR> Favorites 27.09.2016 11:41 <DIR> Links 26.11.2015 09:55 <DIR> Music 09.04.2015 21:38 <DIR> Neuer Ordner 26.11.2015 09:57 <DIR> OneDrive 26.11.2015 09:57 <DIR> Pictures 11.04.2016 08:54 <DIR> Saved Games 11.04.2016 08:54 <DIR> Searches 20.09.2015 22:32 <DIR> Start Menu 26.11.2015 10:11 <DIR> Videos 2 Datei(en), 28 Bytes 17 Verzeichnis(se), 466.072.047.616 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 2C3D-2DD4 Verzeichnis von C:\ 09.07.2017 17:18 <DIR> adobeTemp 31.07.2017 15:39 <DIR> AdwCleaner 20.09.2015 22:32 0 autoexec.bat 24.09.2014 11:56 <DIR> c64727638d5321c24a502dce0fcd56 29.12.2014 00:43 1.000 DelFix.txt 16.12.2014 17:47 <DIR> drivers 01.08.2017 12:24 <DIR> FRST 23.12.2014 18:08 8.496 IFRToolLog.txt 28.10.2015 21:45 <DIR> Intel 13.02.2016 19:29 <DIR> Logs 01.12.2006 23:37 904.704 msdia80.dll 01.10.2014 01:27 <DIR> NVIDIA 16.07.2016 13:47 <DIR> PerfLogs 31.07.2017 15:32 <DIR> Program Files 31.07.2017 15:25 <DIR> Program Files (x86) 22.06.2015 14:45 <DIR> Spacekace 01.09.2014 09:13 <DIR> SWSetup 30.07.2017 19:45 293.136 TDSSKiller.3.1.0.15_30.07.2017_16.40.35_log.txt 10.02.2017 20:16 <DIR> Temp 27.09.2016 11:17 <DIR> Users 31.07.2017 16:18 <DIR> Windows 5 Datei(en), 1.207.336 Bytes 16 Verzeichnis(se), 466.071.990.272 Bytes frei ========= Ende von CMD: ========= ================== ExportKey: =================== [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths] === Ende von ExportKey === ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-1389048734-1753713617-1501943725-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-1389048734-1753713617-1501943725-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-1389048734-1753713617-1501943725-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 32768 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6349036 B Java, Flash, Steam htmlcache => 1091 B Windows/system/drivers => 436482602 B Edge => 12800 B Chrome => 0 B Firefox => 210368917 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 1455428 B systemprofile32 => 128 B LocalService => 276108 B NetworkService => 10872 B tha => 165181887 B Kind 1_2_3 => 172377 B Administrator => 186338407 B Gast => 0 B RecycleBin => 1801614 B EmptyTemp: => 961.8 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 12:24:58 ==== |
Themen zu Plötzlich wurde mein Recher immer langsamer nun hackt er entsetzlich. |
adobe, computer, design, eingefangen, fehlermeldungen, folge, gen, hack, hintergrund, langsamer, laptop, laptop langsam, mcaffe, nicht mehr, office, plötzlich, programme, rechner, scan, scanner, schließen, seite, spinnt, virenscan, virenscanner, virus |