Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 13.08.2015, 14:54   #1
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Hallo,

seit ich vor einigen Tagen den Upgrade auf Win 10 durchgeführt habe, ist mir aufgefallen, dass im Taskmanager system.exe eine ständige Auslastung des Arbeitsspeichers mit 50-60% aufweist. Der Rechner ist allgemein sehr langsam und stockt immer wieder mal so, dass kaum noch etwas geht. Hin und wieder lässt er sich nicht runter fahren, das ist aber nicht bei jedem Versuch so.

Darüber hinaus habe ich mir offensichtlich lästige Adware eingefangen, die beim Öffnen von neuen Tabs in Chrome einen zusätzlichen Tab mit Werbung öffnet. Scans mit Avira und Malwarebytes haben keine Ergebnisse geliefert.

Die Schritte mit defogger und FRST waren kein Problem, allerdings konnte ich mit GMER keinen vollständigen Scan durchführen. Ich habe alle angegebenen Schritte exakt durchgeführt. Beim ersten Suchlauf erhielt ich einen Bluescreen, danach habe ich die Checkbox "Devices" deaktiviert, aber erneut Bluescreen. Auch das Ausführen im abgesicherten Modus führte zu einem Bluescreen. Darüber hinaus bekam ich beim Start von GMER die Fehlermeldung C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

FRST.txt musste ich leider anhängen, weil zu groß. Wenn das falsch war, tut es mir leid, dann bitte andere Anweisung.


Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-08-2015
durchgeführt von Kris (2015-08-13 13:54:50)
Gestartet von C:\Users\Kris\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2324392281-2098655948-2250387561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2324392281-2098655948-2250387561-503 - Limited - Disabled)
Gast (S-1-5-21-2324392281-2098655948-2250387561-501 - Limited - Disabled) => C:\Users\Gast
Kris (S-1-5-21-2324392281-2098655948-2250387561-1002 - Administrator - Enabled) => C:\Users\Kris
UpdatusUser (S-1-5-21-2324392281-2098655948-2250387561-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adguard (HKLM-x32\...\{4188c793-ec87-4895-a722-e6fe841ca851}) (Version: 5.10.2010.6262 - Insoft LLC)
Adguard (x32 Version: 5.10.2051.6368 - Performix LLC) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brütal Legend (HKLM-x32\...\Steam App 225260) (Version:  - )
Canon MX350 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Uploadinator) (Version: 3.0.0-dev - CloudApp)
CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Uploadinator) (Version: 3.0.0-dev - CloudApp)
CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Uploadinator) (Version: 3.0.0-dev - CloudApp)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Ekahau HeatMapper (HKLM\...\Heatmapper-1.1.4.39795) (Version: 1.1.4.39795 - Ekahau Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fable III (HKLM-x32\...\Steam App 105400) (Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free to Play (HKLM-x32\...\Steam App 245550) (Version:  - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GoToMeeting 7.2.4.3164 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.4.3164 - CitrixOnline)
GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
Hippsoft hsWebCam 1.09.0000 (HKLM-x32\...\Hippsoft hsWebCam_is1) (Version: 1.09.0000 - Hippsoft)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Inquisit 4 Web Player (HKLM\...\{E8620E4B-8567-4E07-8CDB-8432054BD5B2}) (Version: 4.0.8.0 - Millisecond Software)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Link 1.8.0.1403131552 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1403131552 - Copyright 2013 SAMSUNG)
Scanned Text Editor 1 (HKLM-x32\...\Scanned Text Editor 1) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skillstraining für Borderline-Patienten, 2. Auflage (HKLM-x32\...\com.mmm.app.schattauer.skillstraining2) (Version: 2.0.17 - Schattauer GmbH)
Skillstraining für Borderline-Patienten, 2. Auflage (x32 Version: 2.0.17 - Schattauer GmbH) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotydl 0.8.5 (HKLM-x32\...\Spotydl_is1) (Version: 0.8.5 - spotydl.com)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

08-08-2015 12:18:30 Windows Update
08-08-2015 12:19:05 Windows Update
11-08-2015 14:55:19 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {031E4AB1-2202-4FAD-A5CE-88DCFD6FDE18} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {0A4DE283-A99E-41A5-B6EF-AEB919898071} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0E19CB89-16F9-4A09-AA59-AF0DD52B8223} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {104796B1-AA38-4828-A53F-F124CF3EA43C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.)
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {1D4CB878-79AC-41F5-9ADC-97ADFD7FBE30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1D647E6B-35A0-45DF-AFC0-A802D7EFDD50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2512C62A-D7BC-464C-A742-101BE9CCBB02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {25E13BFD-1972-4FC1-8330-D28CA3DBBAC1} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {2669C6B7-8F72-4023-AA16-74D4F82B6E3A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {2E7C2783-C630-4450-92B0-5D148FAB3F6D} - \The weDownload Manager-codedownloader -> Keine Datei <==== ACHTUNG
Task: {335AC3E0-51C3-408A-BD1D-6BF68F3AE245} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {3B5663D5-6339-4CBB-993F-812FDA19C5FC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3E80D279-51A5-4492-A52E-97400C42A5EE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {43A92C06-5743-42FE-82D8-78F84BF269AA} - System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2} => pcalua.exe -a C:\Users\Kris\Desktop\Downloads\scannedtxttrial.exe -d C:\Users\Kris\Desktop\Downloads
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {474C979C-BD7C-44D6-BDD4-FB921C923250} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {51DD2E45-7CED-43FF-AD4D-1014E02F1DAB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5836D188-3464-44C3-899A-652A1AF32914} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {5D6FA184-23BA-40D8-8F70-8F1E9B0B251F} - System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.73.106.456/de/abandoninstall?page=tsProgressBar
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {65A9439B-C3B9-41DF-8CD3-00E534099737} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {66A08F4A-DFA8-4E7B-95ED-A104DFF17ADB} - \The weDownload Manager-enabler -> Keine Datei <==== ACHTUNG
Task: {68ECC007-5FD7-4103-9B31-3B2B9687674E} - System32\Tasks\Amazon Music Helper => C:\Users\Kris\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {697D23FF-67B3-4813-9529-6A93F5889B03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.)
Task: {6CF900C3-5515-44F6-A238-CB7167274D8E} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {7F930D11-DD77-4A64-8EA7-09BBAB9E8B72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {87669080-A729-46E0-AB6F-0A607F58611F} - System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {8A7D77A7-F103-4707-9AD4-CA90F85F1BB4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {8F767A30-3ED2-4C8B-ABEE-431F052B5EC3} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {953EF5EF-CBAD-44EA-B725-EA022DEC73EE} - \The weDownload Manager-firefoxinstaller -> Keine Datei <==== ACHTUNG
Task: {9B4FB267-A58C-48F9-8CA6-3E95F6670A94} - \The weDownload Manager-chromeinstaller -> Keine Datei <==== ACHTUNG
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A725B55C-71A1-4AF4-B04F-603E0905DBFF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {AA30BCC5-0991-41B7-9BCF-1184E58B5952} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {B5FFEBFC-4368-4CE8-8F44-72131E1ED87D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B73EB68E-D0AF-4FD7-9FC7-D4F80A769356} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {BE9AB3C9-9786-4891-802A-B118CB1D708D} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {BFE1EFD0-042E-44CD-B930-6F585689AFFB} - \The weDownload Manager-updater -> Keine Datei <==== ACHTUNG
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C385AEB4-2DA1-4ABA-824A-4E56A5A5F46A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {C52CFDDE-F5EE-45FD-BA0F-3A62B0DA4470} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D0B65B83-FDF8-4E32-8562-5999857EFA34} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {D5CD22C4-ACB4-4480-B9F6-57F4B6B759E2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DE55E63E-2764-443C-AB91-4D7ABBD53464} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {DF3F8739-9A7B-4207-876F-3B7E9FFBFBE1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {E054E324-49DD-4C98-9725-29C93074148A} - System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E526415F-E5FC-4817-8093-017C035B2AF8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job => 0x000A0100C0F7C7A81FA7D94FB9DF62F7B0FF13EE46000C02000000003C000A00200000000014730F000000000013040000208021DF07080004000D000D000800000015000000420043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C0033003200310035005C00670032006D007500700064006100740065002E0065007800650000000000340043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C00330032003100350000000E004D005500450045004D005500490049005C004B00720069007300000054004B006500650070007300200047006F0054006F004D0065006500740069006E006700200075007000200074006F00200064006100740065002E002000540068006900730020007400610073006B002000690073002000720065006D006F0076006500640020007700680065006E00200047006F0054006F004D0065006500740069006E006700200069007300200075006E0069006E007300740061006C006C00650064002E000000000008000000000000000000010030000000DF0708000C00000000000000170008009F0500003C0000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job => 0x000A0100578B22E38E053F40BABCDCE56665993F46006C02000000003C000A00200000000014730F000000000013040000208021DF07080004000D000D002400000016000000420043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C0033003200310035005C00670032006D00750070006C006F00610064002E0065007800650000000000340043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C00330032003100350000000E004D005500450045004D005500490049005C004B0072006900730000008400550070006C006F00610064007300200064006900610067006E006F007300740069006300200069006E0066006F002000700072006500760069006F00750073006C00790020007200650063006F007200640065006400200062007900200047006F0054006F004D0065006500740069006E00670020007700690074006800200079006F0075007200200063006F006E00730065006E0074002E002000540068006900730020007400610073006B002000690073002000720065006D006F0076006500640020007700680065006E00200047006F0054006F004D0065006500740069006E006700200069007300200075006E0069006E007300740061006C006C00650064002E000000000008000000000000000000010030000000DF0708000C00000000000000170024009F050000780000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\WINDOWS\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-08 12:18 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-08 12:18 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-08-08 12:29 - 2015-08-08 12:29 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-08-08 12:29 - 2015-08-08 12:29 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-07-03 20:00 - 2015-07-03 20:00 - 01406672 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2015-06-03 16:07 - 2015-06-03 16:07 - 00128720 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-11 21:06 - 2015-08-11 21:06 - 00071168 _____ () c:\users\kris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmobeht.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-03 12:46 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-08-06 13:41 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-06 13:41 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
2012-10-13 11:38 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-02-05 22:57 - 2013-02-05 22:57 - 00282112 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2015-03-14 18:16 - 2015-08-07 15:35 - 45066808 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libcef.dll
2015-03-14 18:16 - 2015-08-07 15:35 - 01649208 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libglesv2.dll
2015-03-14 18:16 - 2015-08-07 15:35 - 00080952 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Kris\Cookies:gs5sys
AlternateDataStreams: C:\Users\Kris\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Kris\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Kris\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Kris\Documents\desktop.ini:gs5sys

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123simsen.com -> www.123simsen.com

Da befinden sich 7777 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run32: => "CStart8"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Amazon Cloud Player"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B963D4E8-0596-49D1-A17A-ACE5734B9858}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{4E7DD128-BD29-4140-8575-F4C37FCA0B96}C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{843576DE-923C-49A9-9C64-51CF9A45D14F}C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6858DCA9-F18B-4022-ADD5-88AB08456E60}] => (Allow) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1AA0B9B5-2B86-440C-B709-4B84BF7A062D}] => (Allow) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{619E8464-2A1B-4D50-B676-AE96A3A7BDC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84923353-FA41-40E1-85A2-14627F0561E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85ADBE5A-98B8-4C05-A38F-0162D646A2F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B495A10-A142-4643-B4B9-9482AA19202E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{542FBC9B-8A81-45F5-9F2E-BEBCB7B6FAB1}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe
FirewallRules: [{B5F4FD65-3272-4F2D-90A0-0810E1E55D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{48FB5237-8178-453C-B6B9-8C6C1290C3E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{6871A71D-86AA-401D-89C9-9D9BED287A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{6D2B4719-30D1-4C15-B073-59263C2B7953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{FB31179E-19B7-4987-B044-5DAB937DF954}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BB5AADD4-996F-4B75-A1BC-8307C1AAE95D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1CAD0C6E-4DCE-477A-BA20-B02D31577B5F}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015 Premium\Videodeluxe.exe
FirewallRules: [{6F17D50A-38E9-4079-A231-D29777D0AE29}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0A95BAA1-91E5-4D14-8FCA-08A618D2AA21}] => (Allow) LPort=1900
FirewallRules: [{BC2AB512-A737-452F-9877-253EFDB51726}] => (Allow) LPort=2869
FirewallRules: [{74D988F6-1ED1-4C33-B4CF-134AC5882BD4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B6CD84DF-C4CC-4A88-900E-4FAF3499915C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5FFBD1C5-8DFD-456C-B898-D7155D08EA87}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{22CDEB52-072B-4737-ADAE-373C1DB83F9C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{4CEF2C69-2BBE-4E2D-889D-501DD7BDBAD7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{D4EF1230-78BD-4676-8F27-AED533C5E147}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FEF113D8-F5DE-434C-80BE-A188A1ED59E2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{9A8E6A3B-47B8-4B2E-ACAA-82C04C44A922}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{EFB540E7-5534-4738-AD62-6E76C691F19F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [UDP Query User{50EF2ABC-F030-48CB-8F31-5AFFF8A05D21}C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe
FirewallRules: [TCP Query User{59420389-29C1-4656-8B43-90A7CC7D414D}C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe
FirewallRules: [{4F055D11-68A8-412B-B530-C366E3FAB015}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{FE5A6458-0FB7-4275-B9D7-60D567A1F391}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{0BD90C11-BF3D-44EC-A4A2-E918DB5A2BFB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FFE4DD29-B178-4C15-96BE-A63A900F2E69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3D9C31FF-290A-4AAC-9577-436FCE4522F3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{FB767992-495F-433D-9BEE-000EEB8A2AEE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{721A160E-E27E-40CE-8313-1653BBF27600}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{14A7C010-7E3C-410D-9FCE-4F52B012E927}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FC41E34E-F42E-4CE1-B3EA-9B0F3BB12575}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{165BA8A6-E9A1-456E-BAC7-3D90AE1221AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0F66E732-F6B9-4E6D-AD0A-ED5A18CFD265}] => (Allow) C:\Users\Kris\Desktop\Steam.exe
FirewallRules: [{3D2ED212-BFFB-470C-A088-3B30FCBF4D82}] => (Allow) C:\Users\Kris\Desktop\Steam.exe
FirewallRules: [{1BD39CED-79E1-4EC7-A850-F08D152FBA36}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{D98B604D-3142-4FF6-B06E-A627B133F2A0}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{E0DFE5FA-3D0B-4927-B0EC-D13D1759C56D}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{8BD34831-1DAF-4247-BDE1-A1D9382771B7}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{1EE74EFD-C683-4D18-AE66-CE3ACB5BA4E5}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{F9086F40-8CB7-46DC-A4E8-708871CD64A4}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{C22271DE-228F-424E-A830-1693AE84ABD8}] => (Allow) C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{CC8CE6E5-CC87-41A6-9486-F5C4A3644911}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E059CE8F-ACBB-461D-9459-219D3698BF21}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{27DBFE4D-2861-41DA-A67D-D2F1FFAF6E6D}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{74F15513-63CD-493C-AF6B-9B85F20275E4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9F7D7D97-1C28-437E-BAF1-4B6C0FA6B0EE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9D6BA3FA-8390-4230-B639-0DC4E36E54D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{2EEEB531-80FC-4709-9080-B93426F22E1F}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{72F6B3F3-563D-4291-AC38-51258375973D}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe
FirewallRules: [{27CACAA6-2EB6-42A6-AA74-4AC069C70A08}] => (Allow) C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C9D05B5F-3F5D-483E-B4A3-F4D441453F5E}] => (Allow) C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{676D4C05-A020-4A67-BE87-A8BC8593B412}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0317FB8D-1A6D-4968-B06A-F19012A58BF3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{7506BC7C-CF6C-4FCD-8FD3-B817CB2267A2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{845F72AF-62B1-4EFF-BB87-44FA277E8A84}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
FirewallRules: [{8A0C58DF-0547-40A4-835F-171AA37E4E26}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
FirewallRules: [{A9BFFA9A-B660-4CDC-8F64-6342C6345D25}] => (Allow) LPort=8743
FirewallRules: [{3409EF46-2AF6-47BC-892B-54F4436AAA0F}] => (Allow) LPort=8643
FirewallRules: [{118505E1-A12A-4882-9643-0B424B7A07DD}] => (Allow) LPort=7676
FirewallRules: [{2727D636-2AFD-46F4-9EFC-FADBA3B3A305}] => (Allow) LPort=7679
FirewallRules: [{22EF1AAA-2526-4122-87A6-A5A3024BDE33}] => (Allow) LPort=24234
FirewallRules: [{A93F4ADE-E8A2-4D75-BE4C-148D45440E00}] => (Allow) LPort=7900
FirewallRules: [{1E7EA12A-D424-49AB-A150-083835984C42}] => (Allow) LPort=1900
FirewallRules: [{7E1FA767-8BF1-4B44-BFC2-8C2E18E74F09}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C8D8FD9F-74C7-475C-9CC3-4A664D175EC6}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{169052D1-C4E8-46FD-AA94-6E46B907786E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{7B0B2083-1D08-4FC3-9175-1DD14830A7DF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{C88C9C53-41EF-4565-9145-7D7F22AD7520}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe
FirewallRules: [{938F67F6-220B-4C8F-BB85-F8D23390394B}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe
FirewallRules: [{D3810960-10D3-46B6-A4AE-F91DA39AE033}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{B71FE656-06B6-4D87-B8B7-2375D234AD2B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{D1E2F964-7612-445A-BA4C-F7D45246D0A0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{99B93DA0-9ACC-4B51-92CA-FCF7865A8219}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5026BBEB-B474-4494-8CED-1A59C61BE372}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe
FirewallRules: [{66C3F60F-5D46-420B-9CB7-46B59A9527E6}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe
FirewallRules: [{8C45E5D4-21C1-465A-AD66-884CA137B78B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{29EB4D36-0172-4367-AD72-AEB9CF454450}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{B8B5F145-4279-4843-A0FE-A52E848EF6F2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5B1B44FB-53E8-453C-BD99-26FD88DA4A8D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{20481332-1393-41F1-B5CD-AC79EF294872}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
FirewallRules: [{F211526D-D90B-4EC9-ACCC-AC5252970E1E}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
FirewallRules: [{E7B83BD5-8527-470C-AE2B-E43BDBA84097}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{8987667C-BA27-47D2-BBCF-E7E0A5BBC79C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A219F493-C0F8-45BA-ACDA-FB68C06294EC}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{8331FE32-8F6A-4439-9264-46B53445B7C5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0B81803D-8FCF-4664-8841-87E948561EC5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe
FirewallRules: [{E93AC718-F501-44DC-98AB-27C1911C18AF}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe
FirewallRules: [{9380331E-FCC2-49B3-AECA-C9AAA829D082}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3EDAF441-01AC-4524-B741-5B64470FD09D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C99126D8-4683-48C0-B469-665369767333}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{1475E550-DD21-4272-8D35-01421407E95A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{470E08A3-9031-4593-843C-1181C39B423C}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
FirewallRules: [{50EB759D-3CC8-4FB2-980D-E769C147C835}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
FirewallRules: [{B460C516-6A48-4C64-85B2-C49F62C7B825}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/13/2015 03:31:41 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/13/2015 03:31:41 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/13/2015 03:31:31 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/13/2015 03:31:31 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/13/2015 03:31:21 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/13/2015 03:31:21 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/13/2015 03:31:10 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/13/2015 03:31:10 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/13/2015 03:31:00 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/13/2015 03:31:00 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.


Systemfehler:
=============
Error: (08/13/2015 01:29:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}

Error: (08/12/2015 05:13:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: ASUS driver update for Asus Support Device

Error: (08/12/2015 04:17:55 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}

Error: (08/12/2015 11:12:06 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}

Error: (08/11/2015 10:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung Link Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/11/2015 09:55:29 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca

Error: (08/11/2015 09:25:25 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (08/11/2015 09:23:25 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (08/11/2015 09:21:24 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (08/11/2015 09:19:24 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-08-08 11:12:57.202
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:57.139
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:57.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:57.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:56.919
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:56.856
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:56.794
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:56.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:56.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-08 11:12:56.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 8069.53 MB
Verfügbarer physikalischer RAM: 3037.45 MB
Summe virtueller Speicher: 12026.51 MB
Verfügbarer virtueller Speicher: 1954.04 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:444.41 GB) (Free:242.34 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Skillstraining_2) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B2973CD1)

Partition: GPT.

==================== Ende von Ergebnis ============================
         

Geändert von Itkuraita (13.08.2015 um 14:59 Uhr)

Alt 13.08.2015, 15:02   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 13.08.2015, 15:16   #3
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



FRST.txt Teil 1

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
durchgeführt von Kris (Administrator) auf MUEEMUII (13-08-2015 13:52:41)
Gestartet von C:\Users\Kris\Desktop
Geladene Profile: UpdatusUser & Kris &  (Verfügbare Profile: UpdatusUser & Kris & Gast)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe
(Dropbox, Inc.) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{B8C70ACD-7042-6049-B8D8-12AFF758073A}\YSearchUtilSVC.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe
(Telegram Messenger LLP) C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-13]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-31] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{e85dc7f5-fdb6-417a-a0e3-22ed0cc4fa99}: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-31] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adguard AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-03-22]
CHR Extension: (YouTube) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-22]
CHR Extension: (FB Auto-Poker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh [2012-11-14]
CHR Extension: (Google Search) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26]
CHR Extension: (PanicButton) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2012-11-14]
CHR Extension: (iCloud Bookmarks) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-07]
CHR Extension: (Avira Browser Safety) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-19]
CHR Extension: (FoxyProxy Standard) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2012-11-14]
CHR Extension: (Hide My AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-04-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2012-11-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-22]
CHR Extension: (Speed Dial 3™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjjcbbihjnpdommbepdkpfnkkapnbh [2015-03-22]
CHR Extension: (Stealthy) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-11-14]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-31]
CHR Extension: (Adblock Super) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-22]
CHR Extension: (Ghostery) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Psykopaint) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-02-28]
CHR Extension: (Gmail) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26]
CHR Extension: (SoundCloud Storm) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkfceapbcmjkgdffihdaebnfblcjfbf [2012-11-14]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [119832 2015-07-05] (Performix LLC)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-07-30] (Microsoft Corporation)
S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{B8C70ACD-7042-6049-B8D8-12AFF758073A}\YSearchUtilSvc.exe [151832 2015-08-07] (Yahoo Inc.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [61432 2015-06-02] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei
         
__________________

Alt 13.08.2015, 15:17   #4
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



FRST.txt Teil 2

Code:
ATTFilter
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
url=www.hippsoft.com 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
update=www.hippsoft.com/software/hskomp.htm 
type=Freeware) C:\WINDOWS\SysWOW64\hswinutil.dll
type=Freeware) C:\WINDOWS\SysWOW64\hsWindowProc.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hstimerclass.dll
type=Freeware) C:\WINDOWS\SysWOW64\hsTimer.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsSysTray.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hssubclass.dll
type=Freeware) C:\WINDOWS\SysWOW64\hsSplitterbar.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsServerData.exe
type=Freeware) C:\WINDOWS\SysWOW64\hsSeparator.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsMenu.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsMedia.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsLabel.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsGradient.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsfutil.dll
type=Freeware) C:\WINDOWS\SysWOW64\hsdlgutil.dll
type=Freeware) C:\WINDOWS\SysWOW64\hsCrypto.dll
type=Freeware) C:\WINDOWS\SysWOW64\hsCom.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsColor.ocx
type=Freeware) C:\WINDOWS\SysWOW64\hsButton.ocx
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
mail=hippsoftservice@hippsoft.com 
2015-08-13 13:52 - 2015-08-13 13:53 - 00050195 _____ C:\Users\Kris\Desktop\FRST.txt
2015-08-13 13:52 - 2015-08-13 13:52 - 02173952 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe
2015-08-13 13:47 - 2015-08-13 13:47 - 00000470 _____ C:\Users\Kris\Desktop\defogger_disable.log
2015-08-13 13:47 - 2015-08-13 13:47 - 00000000 _____ C:\Users\Kris\defogger_reenable
2015-08-13 13:46 - 2015-08-13 13:46 - 00050477 _____ C:\Users\Kris\Desktop\Defogger (1).exe
2015-08-13 13:27 - 2015-08-13 13:27 - 00016148 _____ C:\WINDOWS\system32\MUEEMUII_Kris_HistoryPrediction.bin
2015-08-12 17:13 - 2015-08-12 17:13 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 21:20 - 2015-08-11 21:20 - 00000000 ____D C:\Users\Kris\AppData\Local\YSearchUtil
2015-08-11 21:20 - 2015-08-11 21:20 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-08-11 21:07 - 2015-08-11 21:09 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-08-11 14:57 - 2015-08-11 14:57 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2015-08-11 14:56 - 2015-08-11 14:56 - 00065456 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2015-08-11 04:31 - 2015-08-11 04:31 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-10 17:48 - 2015-08-10 17:48 - 00000000 ____D C:\Users\Kris\AppData\Local\MicrosoftEdge
2015-08-10 17:41 - 2015-08-12 23:48 - 00002397 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-10 17:39 - 2015-08-11 21:07 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-10 17:38 - 2015-08-11 21:07 - 00003556 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-10 17:35 - 2015-08-10 17:35 - 00001918 _____ C:\Users\Public\Desktop\Adguard.lnk
2015-08-10 17:01 - 2015-08-10 17:01 - 00000000 ____D C:\Users\Kris\AppData\Local\NetworkTiles
2015-08-09 16:37 - 2015-08-09 16:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-08 12:18 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-08 12:18 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-08 12:18 - 2015-07-30 08:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-08 12:18 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-08 12:18 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-08 12:18 - 2015-07-30 08:16 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-08 12:18 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-08 12:18 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-08 12:18 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-08 12:18 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-08 12:18 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-08 12:18 - 2015-07-30 08:03 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-08 12:18 - 2015-07-30 07:30 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-08 12:18 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-08 12:18 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-08 12:18 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-08 12:18 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-08 12:18 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-08 12:18 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-08 12:18 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-08 12:18 - 2015-07-30 06:17 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-08 12:18 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-08 12:18 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-08 12:18 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-08 12:18 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-08 12:18 - 2015-07-30 06:07 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-08 12:18 - 2015-07-30 06:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-08 12:18 - 2015-07-30 05:56 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-08 12:18 - 2015-07-30 05:54 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-08 12:18 - 2015-07-30 05:54 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-08 12:18 - 2015-07-30 05:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-08 12:18 - 2015-07-30 05:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-08 12:18 - 2015-07-30 05:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-08 12:18 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-08 12:18 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-08 12:18 - 2015-07-30 05:42 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-08 12:18 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-08 12:18 - 2015-07-30 05:41 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-08 12:18 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-08 12:18 - 2015-07-30 05:40 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-08 12:18 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-08 12:18 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-08 12:18 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-08 12:18 - 2015-07-30 05:32 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-08 12:18 - 2015-07-30 05:32 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-08 12:18 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-08 12:18 - 2015-07-30 05:23 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-08 12:18 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-08 12:18 - 2015-07-30 05:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-08 12:18 - 2015-07-30 05:13 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-08 12:18 - 2015-07-30 05:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-08 12:18 - 2015-07-30 05:12 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-08 12:18 - 2015-07-30 05:11 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-08 12:18 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-08 12:18 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-08 12:18 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-08 12:18 - 2015-07-30 04:58 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-08 12:18 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-08 12:17 - 2015-07-30 08:17 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-08 12:17 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-08 12:17 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-08 12:17 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-08 12:17 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-08 12:17 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-08 12:17 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-08 12:17 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 12:17 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-08 12:17 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-08 12:17 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-08 12:17 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-08 12:17 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-08 12:17 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-08 12:17 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-08 12:17 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-08 12:17 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 12:17 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-08 11:58 - 2015-08-08 11:58 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-08 11:40 - 2015-08-08 11:45 - 00000000 ____D C:\ProgramData\AsusMissionManagerIni
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Users\Kris\AppData\Local\Publishers
2015-08-08 10:21 - 2015-08-08 10:21 - 00000000 ____D C:\Users\Kris\AppData\Local\Comms
2015-08-08 10:17 - 2015-08-08 10:17 - 00000000 ____D C:\Users\Kris\AppData\Local\TileDataLayer
2015-08-08 10:16 - 2015-08-08 10:16 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-08 10:15 - 2015-08-08 10:15 - 00000020 ___SH C:\Users\Kris\ntuser.ini
2015-08-08 04:15 - 2015-08-11 14:57 - 00055916 _____ C:\WINDOWS\DPINST.LOG
2015-08-08 04:09 - 2015-08-10 17:14 - 00000000 ____D C:\ProgramData\SetupTPDriver
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-07 21:57 - 2015-08-07 21:06 - 00000000 __SHD C:\Recovery
2015-08-07 21:56 - 2015-08-08 03:30 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 21:54 - 2015-08-07 21:54 - 00000000 ____D C:\Windows.old
2015-08-07 21:53 - 2015-08-07 21:53 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 21:53 - 2015-08-07 21:53 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 21:53 - 2015-08-07 21:53 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-07 21:52 - 2015-08-07 21:52 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 21:49 - 2015-08-07 21:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 21:46 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 21:46 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 21:37 - 2015-08-08 12:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 21:27 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 21:19 - 2015-08-07 21:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-07 21:10 - 2015-08-07 21:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-07 21:08 - 2015-08-13 13:47 - 00000000 ____D C:\Users\Kris
2015-08-07 21:08 - 2015-08-08 10:16 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:07 - 2015-08-07 21:39 - 00000000 ____D C:\Users\Gast
2015-08-07 21:07 - 2015-08-07 21:09 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-07 21:04 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 21:04 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-07 21:04 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-07 21:03 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\Intel
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\ProgramData\SonicFocus
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\Program Files\Realtek
2015-08-07 21:03 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-07 21:03 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-07 20:59 - 2015-08-07 20:59 - 00031060 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 20:58 - 2015-08-08 11:55 - 00011412 _____ C:\WINDOWS\PFRO.log
2015-08-07 20:29 - 2015-08-08 01:53 - 00006719 _____ C:\WINDOWS\comsetup.log
2015-08-07 15:35 - 2015-08-07 15:35 - 00000000 ____D C:\Users\Kris\AppData\Local\CEF
2015-07-30 22:46 - 2015-07-30 22:46 - 12334064 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11905424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11053040 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 10574976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 04636608 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 03668768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01155984 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01151832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00467688 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00378816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00229648 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00199080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00194352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00169352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00040704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 22914032 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 17846768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 08528880 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 06512112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 04371872 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04368288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04024368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 03797960 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-07-30 22:45 - 2015-07-30 22:45 - 02508272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 02035696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01994224 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01793008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01766896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01468976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00969120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00865328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00678896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00659504 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00632816 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00616496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00555424 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00554912 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00540064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00443296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00409504 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00408992 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00393632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00392688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00385520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00374256 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00357936 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00329200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00328608 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00295408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00290208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00285168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00264176 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-07-30 22:45 - 2015-07-30 22:45 - 00261104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00256928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00232944 _____ C:\WINDOWS\system32\igdde64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00228848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00223792 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00204192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00194544 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00193520 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4252.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00170992 _____ C:\WINDOWS\system32\igdail64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00164256 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00163824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00152560 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00141872 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00107568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00102896 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00095216 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00078320 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00068080 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00039408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00019440 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-07-28 11:28 - 2015-07-28 11:28 - 00100776 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys
2015-07-20 22:20 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hippsoft
2015-07-20 22:20 - 2015-07-20 22:20 - 00000000 ____D C:\Program Files (x86)\Hippsoft
2015-07-20 22:20 - 2011-02-10 18:21 - 00908792 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:21 - 00261624 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:21 - 00146936 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:21 - 00101880 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:21 - 00052728 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00785912 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00531960 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00290296 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00257528 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00237048 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00171512 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00155128 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00142840 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00122360 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00101880 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00089592 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00073208 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00073208 _____ (Hippsoft 
2015-07-20 22:20 - 2011-02-10 18:20 - 00048632 _____ (Hippsoft 
2015-07-20 22:20 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb
2015-07-20 22:20 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll
2015-07-20 22:20 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL
2015-07-20 22:20 - 2006-11-21 22:00 - 00051868 _____ C:\WINDOWS\SysWOW64\hsdlgutil.csh
2015-07-20 22:20 - 2003-07-06 13:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IJL15.dll
2015-07-20 22:19 - 2015-07-20 22:19 - 04047094 _____ C:\Users\Kris\Downloads\hswebcam_1.09.zip
2015-07-20 22:18 - 2015-07-20 22:18 - 01259808 _____ C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe
2015-07-19 13:03 - 2015-08-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 13:03 - 2015-07-19 13:03 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 13:02 - 2015-07-19 13:03 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files\iPod
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-17 20:40 - 2015-07-17 20:54 - 00011112 ____H C:\Users\Kris\Desktop\~WRL0006.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 13:53 - 2014-05-18 19:08 - 00000000 ____D C:\FRST
2015-08-13 13:52 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-13 13:43 - 2012-10-27 11:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Spotify
2015-08-13 13:43 - 2012-10-27 11:35 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Spotify
2015-08-13 13:42 - 2015-04-19 17:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-13 13:41 - 2012-10-26 22:08 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-13 13:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-13 13:36 - 2015-05-30 13:10 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job
2015-08-13 13:18 - 2015-06-20 14:08 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job
2015-08-13 13:08 - 2015-05-09 01:57 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job
2015-08-13 11:20 - 2013-12-28 00:42 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B59720AA-39DF-4F4D-BE50-D6B932891593}
2015-08-13 09:19 - 2015-03-22 18:19 - 00000000 ____D C:\ProgramData\Adguard
2015-08-13 08:18 - 2015-06-20 14:07 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job
2015-08-12 23:28 - 2015-05-30 13:10 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-12 23:28 - 2015-05-09 01:57 - 00003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-12 22:41 - 2012-10-26 22:08 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-12 18:38 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-12 17:30 - 2014-04-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 17:30 - 2012-11-06 21:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 17:29 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 17:29 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 17:29 - 2013-08-14 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 17:18 - 2012-12-13 18:02 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 17:15 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-11 21:19 - 2015-03-03 20:32 - 00000000 ____D C:\ProgramData\Oracle
2015-08-11 21:18 - 2013-06-29 19:42 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-11 21:17 - 2012-10-28 15:20 - 00321632 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00206432 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-08-11 21:17 - 2012-10-28 15:20 - 00000000 ____D C:\Program Files\Java
2015-08-11 21:16 - 2014-01-21 17:29 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-11 21:07 - 2015-03-29 15:02 - 00000000 ___RD C:\Users\Kris\Dropbox
2015-08-11 21:07 - 2015-03-29 14:59 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Dropbox
2015-08-11 21:04 - 2015-07-07 11:05 - 00000000 ___RD C:\Users\Kris\iCloudDrive
2015-08-11 21:04 - 2015-03-22 18:19 - 00000000 ____D C:\Program Files (x86)\Adguard
2015-08-11 21:04 - 2012-10-27 04:48 - 00000416 _____ C:\Users\Kris\AppData\Roaming\sp_data.sys
2015-08-11 21:02 - 2014-09-12 16:27 - 00000422 _____ C:\WINDOWS\Tasks\simplitec Service Provider.job
2015-08-11 21:01 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-11 21:00 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-11 04:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-10 17:35 - 2015-03-22 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard
2015-08-10 17:17 - 2013-05-11 21:33 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Skype
2015-08-10 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-09 04:00 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial)
2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-08 14:15 - 2012-10-13 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-08 12:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 12:03 - 2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-08 12:03 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-08 11:55 - 2015-07-10 14:20 - 00460216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-08 11:51 - 2012-10-27 04:44 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages
2015-08-08 10:44 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-08 10:42 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-08 10:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-08 10:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-08 04:15 - 2012-10-13 11:40 - 00000000 ____D C:\Program Files\DIFX
2015-08-08 03:03 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-08 03:03 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-08-08 02:57 - 2015-07-10 14:20 - 00019892 _____ C:\WINDOWS\setupact.log
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagwrn.xml
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagerr.xml
2015-08-08 02:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-08 01:44 - 2013-11-27 18:39 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-08 01:43 - 2014-02-21 20:07 - 00003204 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-08 01:42 - 2014-09-12 16:27 - 00002854 _____ C:\WINDOWS\System32\Tasks\simplitec Power Suite
2015-08-08 01:42 - 2014-05-11 13:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2}
2015-08-08 01:42 - 2013-07-20 21:50 - 00003224 _____ C:\WINDOWS\System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA}
2015-08-08 01:42 - 2013-05-01 01:22 - 00003208 _____ C:\WINDOWS\System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE}
2015-08-08 01:42 - 2012-10-27 04:53 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-08 01:41 - 2015-06-20 14:08 - 00004292 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA
2015-08-08 01:41 - 2015-06-20 14:07 - 00003912 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core
2015-08-08 01:41 - 2014-09-12 16:27 - 00002894 _____ C:\WINDOWS\System32\Tasks\simplitec Service Provider
2015-08-08 01:41 - 2013-12-17 00:03 - 00001714 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper
2015-08-08 01:41 - 2012-11-10 13:10 - 00003652 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-08-08 01:41 - 2012-10-26 22:08 - 00004218 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-08 01:41 - 2012-10-26 22:08 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-08 01:41 - 2012-10-13 11:47 - 00003222 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-08-07 23:23 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 21:56 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 21:22 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-07 21:22 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-07 21:22 - 2015-07-07 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-07 21:22 - 2015-05-09 01:58 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2015-08-07 21:22 - 2015-05-07 22:25 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inquisit 4 Web Player
2015-08-07 21:22 - 2015-04-20 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-08-07 21:22 - 2015-04-19 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-07 21:22 - 2015-03-23 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-08-07 21:22 - 2014-11-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau
2015-08-07 21:22 - 2014-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2015-08-07 21:22 - 2014-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 16:15 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-09 12:15 - 00000000 ____D C:\WINDOWS\de
2015-08-07 21:22 - 2014-05-11 14:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-07 21:22 - 2014-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanned Text Editor 1.0
2015-08-07 21:22 - 2014-03-25 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 21:22 - 2014-03-08 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 21:22 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2015-08-07 21:22 - 2014-01-21 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-07 21:22 - 2013-05-29 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-07 21:22 - 2013-02-15 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-07 21:22 - 2012-11-21 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-08-07 21:22 - 2012-11-06 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 21:22 - 2012-10-31 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 21:22 - 2012-10-29 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series
2015-08-07 21:22 - 2012-10-28 15:05 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-07 21:22 - 2012-10-26 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-08-07 21:22 - 2012-10-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 21:22 - 2012-08-17 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-07 21:19 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-08-07 21:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-07 21:14 - 2013-02-15 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-07 21:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-07 21:12 - 2012-10-29 12:01 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-08-07 21:11 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 21:11 - 2014-09-12 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-08-07 21:11 - 2014-05-06 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-08-07 21:11 - 2013-10-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-07 21:11 - 2013-08-23 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-08-07 21:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-07 21:11 - 2013-03-18 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
2015-08-07 21:11 - 2012-12-09 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-07 21:11 - 2012-11-25 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-08-07 21:11 - 2012-10-26 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-08-07 21:11 - 2012-10-13 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2015-08-07 21:11 - 2012-08-02 15:28 - 00000000 ____D C:\ProgramData\PRICache
2015-08-07 21:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 21:09 - 2013-02-27 07:58 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2015-08-07 21:06 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 21:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-07 20:36 - 2014-09-13 17:04 - 01149954 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 20:28 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 13:40 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Kris\Desktop\Dateien
2015-08-07 13:33 - 2012-10-26 22:52 - 00000000 ___DO C:\Users\Kris\OneDrive
2015-08-07 13:31 - 2014-08-14 13:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-03 12:33 - 2013-06-21 13:43 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-08-03 12:33 - 2013-06-21 13:43 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-07-20 22:26 - 2012-07-26 07:26 - 00000402 _____ C:\WINDOWS\win.ini
2015-07-19 13:02 - 2015-03-23 13:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-17 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-16 19:41 - 2014-03-25 18:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 19:41 - 2013-05-11 21:32 - 00000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-19 09:44 - 2013-01-19 09:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-06-22 14:52 - 2013-06-22 14:52 - 0000068 _____ () C:\Users\Kris\AppData\Roaming\mbam.context.scan
2012-10-26 21:54 - 2012-10-26 21:54 - 0000021 _____ () C:\Users\Kris\AppData\Roaming\my_intel.sys
2012-10-27 04:48 - 2015-08-11 21:04 - 0000416 _____ () C:\Users\Kris\AppData\Roaming\sp_data.sys
2013-12-19 01:19 - 2014-03-09 01:19 - 0000205 _____ () C:\Users\Kris\AppData\Roaming\WB.CFG
2014-11-19 20:28 - 2014-11-19 20:28 - 0000037 ___SH () C:\Users\Kris\AppData\Local\70149b02515b3bb20dd492.47983420
2013-03-18 01:21 - 2013-03-18 01:21 - 0001470 _____ () C:\Users\Kris\AppData\Local\RecConfig.xml
2015-08-07 21:03 - 2015-08-07 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-22 18:19 - 2015-06-20 17:08 - 0000263 _____ () C:\ProgramData\fontcacheev1.dat
2012-11-21 19:50 - 2012-11-21 19:50 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-10-26 22:07 - 2012-10-26 22:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-26 22:06 - 2012-10-26 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\fontcacheev1.dat


Einige Dateien in TEMP:
====================
C:\Users\Kris\AppData\Local\Temp\avgnt.exe
C:\Users\Kris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmobeht.dll
C:\Users\Kris\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Kris\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-07 20:58

==================== Ende von Ergebnis ============================
         

Alt 14.08.2015, 08:45   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.08.2015, 12:11   #6
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Beide Scans haben nichts gefunden.

mbar-Log

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.14.02
  rootkit: v2015.08.06.01

Windows 8 x64 NTFS
Internet Explorer 11.0.10240.16384
Kris :: MUEEMUII [administrator]

14.08.2015 12:04:08
mbar-log-2015-08-14 (12-04-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 521185
Time elapsed: 49 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)
         
TDSS Teil 1

Code:
ATTFilter
13:01:45.0104 0x050c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:01:45.0120 0x050c  UEFI system
13:01:50.0236 0x050c  ============================================================
13:01:50.0236 0x050c  Current date / time: 2015/08/14 13:01:50.0236
13:01:50.0236 0x050c  SystemInfo:
13:01:50.0236 0x050c  
13:01:50.0236 0x050c  OS Version: 10.0.10240 ServicePack: 0.0
13:01:50.0236 0x050c  Product type: Workstation
13:01:50.0236 0x050c  ComputerName: MUEEMUII
13:01:50.0236 0x050c  UserName: Kris
13:01:50.0236 0x050c  Windows directory: C:\WINDOWS
13:01:50.0236 0x050c  System windows directory: C:\WINDOWS
13:01:50.0236 0x050c  Running under WOW64
13:01:50.0236 0x050c  Processor architecture: Intel x64
13:01:50.0236 0x050c  Number of processors: 4
13:01:50.0236 0x050c  Page size: 0x1000
13:01:50.0236 0x050c  Boot type: Normal boot
13:01:50.0236 0x050c  ============================================================
13:01:51.0346 0x050c  KLMD registered as C:\WINDOWS\system32\drivers\75457635.sys
13:01:52.0377 0x050c  System UUID: {9D4BEE60-AB83-536C-A0DC-D94CF4FF169F}
13:01:53.0125 0x050c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:01:53.0141 0x050c  ============================================================
13:01:53.0141 0x050c  \Device\Harddisk0\DR0:
13:01:53.0141 0x050c  GPT partitions:
13:01:53.0141 0x050c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2D22DFE6-17ED-45E8-9216-EDEE25249482}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
13:01:53.0141 0x050c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {863E5167-A350-4CEE-B2F0-4B87767B7123}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x12C000
13:01:53.0141 0x050c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {32B8CFDB-011B-42BC-B40B-74B9EC526227}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
13:01:53.0141 0x050c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7CFAB646-CA05-42CD-942E-080BDFD6F2B7}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x378D4000
13:01:53.0141 0x050c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7F77E032-4931-41AF-B664-1F1F04C2F490}, Name: , StartLBA 0x37AD6800, BlocksNum 0xAF000
13:01:53.0141 0x050c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A5850935-CE1C-4F99-8B11-C466C7E18921}, Name: Basic data partition, StartLBA 0x37B86000, BlocksNum 0x2800000
13:01:53.0141 0x050c  MBR partitions:
13:01:53.0141 0x050c  ============================================================
13:01:53.0157 0x050c  C: <-> \Device\Harddisk0\DR0\Partition4
13:01:53.0157 0x050c  ============================================================
13:01:53.0157 0x050c  Initialize success
13:01:53.0157 0x050c  ============================================================
13:02:53.0832 0x3280  ============================================================
13:02:53.0832 0x3280  Scan started
13:02:53.0832 0x3280  Mode: Manual; SigCheck; TDLFS; 
13:02:53.0832 0x3280  ============================================================
13:02:53.0832 0x3280  KSN ping started
13:02:56.0150 0x3280  KSN ping finished: true
13:03:00.0356 0x3280  ================ Scan system memory ========================
13:03:00.0356 0x3280  System memory - ok
13:03:00.0357 0x3280  ================ Scan services =============================
13:03:00.0547 0x3280  [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:03:00.0681 0x3280  1394ohci - ok
13:03:00.0712 0x3280  [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:03:00.0726 0x3280  3ware - ok
13:03:00.0784 0x3280  [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:03:00.0808 0x3280  ACPI - ok
13:03:00.0860 0x3280  [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:03:00.0873 0x3280  acpiex - ok
13:03:00.0897 0x3280  [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:03:00.0928 0x3280  acpipagr - ok
13:03:00.0978 0x3280  [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:03:01.0051 0x3280  AcpiPmi - ok
13:03:01.0108 0x3280  [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:03:01.0172 0x3280  acpitime - ok
13:03:01.0195 0x3280  [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
13:03:01.0227 0x3280  acsock - ok
13:03:01.0245 0x3280  [ 8AE666DCB47977A2E9344BEFB3AB47CD, B2F79976408B9CA27D01080D7A240450CA373DEF61EE5A30319DF0FEC56615B9 ] adgnetworktdidrv C:\WINDOWS\system32\drivers\adgnetworktdidrv.sys
13:03:01.0254 0x3280  adgnetworktdidrv - ok
13:03:01.0380 0x3280  [ FE392E13FB5C8BE2CE9128449885BCB5, D5A62598B0B4348A626D92FD2FBBF9D00F593587E2AACC93BB18136662FBD8C5 ] Adguard Service C:\Program Files (x86)\Adguard\AdguardSvc.exe
13:03:01.0387 0x3280  Adguard Service - ok
13:03:01.0431 0x3280  [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:03:01.0469 0x3280  ADP80XX - ok
13:03:01.0527 0x3280  [ 6C12C7E01A4F64E0AA9C88AF66955CC9, 81A413702909341F8694823EC83FBA0089523D7EC927B80E55E0779BB83AD263 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:03:01.0551 0x3280  AFD - ok
13:03:01.0563 0x3280  [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:03:01.0574 0x3280  agp440 - ok
13:03:01.0591 0x3280  [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:03:01.0676 0x3280  ahcache - ok
13:03:01.0705 0x3280  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys
13:03:01.0712 0x3280  AiCharger - ok
13:03:01.0759 0x3280  [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
13:03:01.0824 0x3280  AJRouter - ok
13:03:01.0861 0x3280  [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG             C:\WINDOWS\System32\alg.exe
13:03:01.0937 0x3280  ALG - ok
13:03:02.0089 0x3280  [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
13:03:02.0136 0x3280  AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 )
13:03:04.0472 0x3280  Detect skipped due to KSN trusted
13:03:04.0472 0x3280  AllShare Framework DMS - ok
13:03:04.0500 0x3280  [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:03:04.0571 0x3280  AmdK8 - ok
13:03:04.0615 0x3280  [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:03:04.0644 0x3280  AmdPPM - ok
13:03:04.0662 0x3280  [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:03:04.0673 0x3280  amdsata - ok
13:03:04.0698 0x3280  [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:03:04.0714 0x3280  amdsbs - ok
13:03:04.0733 0x3280  [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:03:04.0745 0x3280  amdxata - ok
13:03:04.0825 0x3280  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
13:03:04.0850 0x3280  AntiVirMailService - ok
13:03:04.0890 0x3280  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:03:04.0939 0x3280  AntiVirSchedulerService - ok
13:03:04.0979 0x3280  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:03:04.0995 0x3280  AntiVirService - ok
13:03:05.0099 0x3280  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
13:03:05.0133 0x3280  AntiVirWebService - ok
13:03:05.0172 0x3280  [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:03:05.0185 0x3280  AppID - ok
13:03:05.0237 0x3280  [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:03:05.0310 0x3280  AppIDSvc - ok
13:03:05.0370 0x3280  [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:03:05.0401 0x3280  Appinfo - ok
13:03:05.0591 0x3280  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:03:05.0598 0x3280  Apple Mobile Device Service - ok
13:03:05.0663 0x3280  [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:03:05.0784 0x3280  AppReadiness - ok
13:03:05.0871 0x3280  [ 0D4420CD428338C5E8806DBA4063E4B6, CDBE84EC7680163BA59955A15C62ADCB45D082591B60F71F3ED197139A6AD504 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:03:06.0020 0x3280  AppXSvc - ok
13:03:06.0061 0x3280  [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:03:06.0074 0x3280  arcsas - ok
13:03:06.0132 0x3280  [ FA713019412C061385F09BD373BF747A, 83ED108FEE95BA7CBE87C845154F97FCB4597F9D9BEC1F802B92D8994BD5931D ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:03:06.0139 0x3280  ASLDRService - ok
13:03:06.0146 0x3280  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:03:06.0152 0x3280  ASMMAP64 - ok
13:03:06.0190 0x3280  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
13:03:06.0200 0x3280  ASUS InstantOn - ok
13:03:06.0217 0x3280  [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
13:03:06.0281 0x3280  AsyncMac - ok
13:03:06.0297 0x3280  [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:03:06.0307 0x3280  atapi - ok
13:03:06.0444 0x3280  [ B9875A03DC4D9496CF84921E47BD9499, 41F9A9CD0894684A5473DD0C12BAD6F8322CA68127DDE948E31F515A521D6A53 ] athr            C:\WINDOWS\System32\drivers\athw10x.sys
13:03:06.0636 0x3280  athr - ok
13:03:06.0658 0x3280  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:03:06.0665 0x3280  ATKGFNEXSrv - ok
13:03:06.0701 0x3280  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:03:06.0707 0x3280  ATKWMIACPIIO - ok
13:03:06.0749 0x3280  [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
13:03:06.0758 0x3280  ATP - ok
13:03:06.0813 0x3280  [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:03:06.0914 0x3280  AudioEndpointBuilder - ok
13:03:06.0971 0x3280  [ 5D6D5DA39A402AE7B05047781699ABDE, E3E4A7BA6E92190F9D9D6AD9AE084E293D2E271089CA78503AD72D7F39492459 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:03:07.0069 0x3280  Audiosrv - ok
13:03:07.0107 0x3280  [ A900ED612B02CB3A2A8028866ED62E72, 0A93B04E8796AC6F1B6C8C858F717A4C73C11BC0C99BF285A486E57DB30D7965 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
13:03:07.0117 0x3280  avgntflt - ok
13:03:07.0133 0x3280  [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
13:03:07.0143 0x3280  avipbb - ok
13:03:07.0216 0x3280  [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:03:07.0226 0x3280  Avira.ServiceHost - ok
13:03:07.0259 0x3280  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
13:03:07.0266 0x3280  avkmgr - ok
13:03:07.0314 0x3280  [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
13:03:07.0321 0x3280  avnetflt - ok
13:03:07.0362 0x3280  [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:03:07.0395 0x3280  AxInstSV - ok
13:03:07.0443 0x3280  [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:03:07.0466 0x3280  b06bdrv - ok
13:03:07.0487 0x3280  [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:03:07.0570 0x3280  BasicDisplay - ok
13:03:07.0587 0x3280  [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:03:07.0605 0x3280  BasicRender - ok
13:03:07.0647 0x3280  [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:03:07.0654 0x3280  bcmfn2 - ok
13:03:07.0713 0x3280  [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:03:07.0802 0x3280  BDESVC - ok
13:03:07.0848 0x3280  [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:03:07.0914 0x3280  Beep - ok
13:03:07.0970 0x3280  [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE             C:\WINDOWS\System32\bfe.dll
13:03:08.0060 0x3280  BFE - ok
13:03:08.0114 0x3280  [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:03:08.0264 0x3280  BITS - ok
13:03:08.0304 0x3280  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:03:08.0318 0x3280  Bonjour Service - ok
13:03:08.0333 0x3280  [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:03:08.0406 0x3280  bowser - ok
13:03:08.0470 0x3280  [ EB4F4B88DF20C7B134F33A64EFD56BED, 7C32485FDDEEA23760DF24FC9576FBA11330C5BBA9053869FDAA9AD8A16B1610 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:03:08.0535 0x3280  BrokerInfrastructure - ok
13:03:08.0571 0x3280  [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser         C:\WINDOWS\System32\browser.dll
13:03:08.0649 0x3280  Browser - ok
13:03:08.0676 0x3280  [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:03:08.0739 0x3280  BthAvrcpTg - ok
13:03:08.0769 0x3280  [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:03:08.0904 0x3280  BthHFEnum - ok
13:03:08.0933 0x3280  [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:03:08.0963 0x3280  bthhfhid - ok
13:03:09.0032 0x3280  [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:03:09.0054 0x3280  BthHFSrv - ok
13:03:09.0081 0x3280  [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:03:09.0114 0x3280  BTHMODEM - ok
13:03:09.0153 0x3280  [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:03:09.0229 0x3280  bthserv - ok
13:03:09.0244 0x3280  [ F34AD5A9F944D91BD285D1C29EEECB2B, 2EDA8C481B7F7F49AC8399485AE7C2D182568EE2E62394DC78C9A821ADAEA5EC ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:03:09.0312 0x3280  buttonconverter - ok
13:03:09.0326 0x3280  [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
13:03:09.0351 0x3280  CapImg - ok
13:03:09.0390 0x3280  [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:03:09.0416 0x3280  cdfs - ok
13:03:09.0466 0x3280  [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
13:03:09.0545 0x3280  CDPSvc - ok
13:03:09.0571 0x3280  [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
13:03:09.0596 0x3280  cdrom - ok
13:03:09.0650 0x3280  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
13:03:09.0676 0x3280  CertPropSvc - ok
13:03:09.0717 0x3280  [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:03:09.0729 0x3280  circlass - ok
13:03:09.0770 0x3280  [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:03:09.0789 0x3280  CLFS - ok
13:03:09.0853 0x3280  [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
13:03:09.0879 0x3280  ClipSVC - ok
13:03:09.0901 0x3280  [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:03:09.0963 0x3280  CmBatt - ok
13:03:10.0014 0x3280  [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
13:03:10.0039 0x3280  CNG - ok
13:03:10.0057 0x3280  [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
13:03:10.0068 0x3280  cnghwassist - ok
13:03:10.0144 0x3280  [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
13:03:10.0171 0x3280  CompositeBus - ok
13:03:10.0175 0x3280  COMSysApp - ok
13:03:10.0216 0x3280  [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:03:10.0266 0x3280  condrv - ok
13:03:10.0327 0x3280  [ 5C2C63BC5CE4A753C16CED512F91A04D, 4ACFA702B4CD7E30525D9595533E6B8EACBFF7F38EE7A05E8AC087BB229AD9D4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:03:10.0357 0x3280  CoreMessagingRegistrar - ok
13:03:10.0476 0x3280  [ 0781DE74790BDBB9A7B9EF6CAA62B4E0, E25D6B8E35B01CD57CDE473EEB243E228B8BF314B7324A306720C12DE28EB4FA ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:03:10.0580 0x3280  cphs - ok
13:03:10.0615 0x3280  [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:03:10.0680 0x3280  CryptSvc - ok
13:03:10.0729 0x3280  [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam             C:\WINDOWS\system32\drivers\dam.sys
13:03:10.0740 0x3280  dam - ok
13:03:10.0791 0x3280  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\WINDOWS\system32\DRIVERS\dc3d.sys
13:03:10.0802 0x3280  dc3d - ok
13:03:10.0895 0x3280  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:03:11.0022 0x3280  DcomLaunch - ok
13:03:11.0075 0x3280  [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
13:03:11.0106 0x3280  DcpSvc - ok
13:03:11.0171 0x3280  [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
13:03:11.0211 0x3280  defragsvc - ok
13:03:11.0261 0x3280  [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:03:11.0299 0x3280  DeviceAssociationService - ok
13:03:11.0338 0x3280  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
13:03:11.0357 0x3280  DeviceInstall - ok
13:03:11.0405 0x3280  [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
13:03:11.0473 0x3280  DevQueryBroker - ok
13:03:11.0507 0x3280  [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:03:11.0533 0x3280  Dfsc - ok
13:03:11.0588 0x3280  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
13:03:11.0611 0x3280  dg_ssudbus - ok
13:03:11.0669 0x3280  [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:03:11.0755 0x3280  Dhcp - ok
13:03:11.0833 0x3280  [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
13:03:11.0862 0x3280  diagnosticshub.standardcollector.service - ok
13:03:11.0933 0x3280  [ F96AADEF864DA2E52C45DE1498B18753, 19FF8EA929D21E4C223E5F9383DCE83E15E6815D5356A343DD6D9EACF29F1560 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
13:03:11.0983 0x3280  DiagTrack - ok
13:03:11.0997 0x3280  [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:03:12.0009 0x3280  disk - ok
13:03:12.0059 0x3280  [ 8E481EDF066552D551613EC9FE7D179F, 96E955CA82B4CDEC00ED08003FDC8DD61E685F421912EDBF7B0DA740048416F9 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
13:03:12.0117 0x3280  DmEnrollmentSvc - ok
13:03:12.0154 0x3280  [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
13:03:12.0217 0x3280  dmvsc - ok
13:03:12.0245 0x3280  [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
13:03:12.0264 0x3280  dmwappushservice - ok
13:03:12.0313 0x3280  [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:03:12.0339 0x3280  Dnscache - ok
13:03:12.0399 0x3280  [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:03:12.0425 0x3280  dot3svc - ok
13:03:12.0445 0x3280  [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS             C:\WINDOWS\system32\dps.dll
13:03:12.0524 0x3280  DPS - ok
13:03:12.0561 0x3280  [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
13:03:12.0571 0x3280  drmkaud - ok
13:03:12.0618 0x3280  [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:03:12.0700 0x3280  DsmSvc - ok
13:03:12.0765 0x3280  [ F2328181D289CE83E9979733EAB6742A, 73B1CDA6ED8C42B36126909F1335B72126A5DDC6FC7CE8BA2CA274A2B92E82FD ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
13:03:12.0786 0x3280  DsSvc - ok
13:03:12.0868 0x3280  [ 310334DAF2C455744703E2D582942DF3, C25C42B4C5BA3456DCB2C24546D7E38A9F5321992B81138A8BDCE021C4BE6D13 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:03:12.0925 0x3280  DXGKrnl - ok
13:03:12.0983 0x3280  [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
13:03:13.0014 0x3280  Eaphost - ok
13:03:13.0129 0x3280  [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
13:03:13.0252 0x3280  ebdrv - ok
13:03:13.0298 0x3280  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS             C:\WINDOWS\System32\lsass.exe
13:03:13.0310 0x3280  EFS - ok
13:03:13.0360 0x3280  [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
13:03:13.0371 0x3280  EhStorClass - ok
13:03:13.0398 0x3280  [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:03:13.0411 0x3280  EhStorTcgDrv - ok
13:03:13.0447 0x3280  [ 44CE3346DBB530FB4A529854CC68DBFC, D9422E07E3FB8A9895C120F720D6EB7D6484C813E6FF75DDC17B8CB95672F3A9 ] EkaProt6        C:\WINDOWS\system32\DRIVERS\ekaprot6.sys
13:03:13.0455 0x3280  EkaProt6 - ok
13:03:13.0499 0x3280  [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
13:03:13.0531 0x3280  embeddedmode - ok
13:03:13.0556 0x3280  [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
13:03:13.0628 0x3280  EntAppSvc - ok
13:03:13.0658 0x3280  [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:03:13.0682 0x3280  ErrDev - ok
13:03:13.0730 0x3280  [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem     C:\WINDOWS\system32\es.dll
13:03:13.0783 0x3280  EventSystem - ok
13:03:13.0803 0x3280  [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
13:03:13.0878 0x3280  exfat - ok
13:03:13.0932 0x3280  [ 435FC0D25ADFD1A2FBA8C98BD4D79E23, F89D02518923D5AAB4A63686F26EE6118584AA9641D2C0B5B1AE4A728D5C06A4 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
13:03:13.0948 0x3280  fastfat - ok
13:03:13.0994 0x3280  [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
13:03:14.0083 0x3280  Fax - ok
13:03:14.0111 0x3280  [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc           C:\WINDOWS\System32\drivers\fcvsc.sys
13:03:14.0139 0x3280  fcvsc - ok
13:03:14.0155 0x3280  [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
13:03:14.0176 0x3280  fdc - ok
13:03:14.0221 0x3280  [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
13:03:14.0250 0x3280  fdPHost - ok
13:03:14.0261 0x3280  [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:03:14.0282 0x3280  FDResPub - ok
13:03:14.0296 0x3280  [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
13:03:14.0326 0x3280  fhsvc - ok
13:03:14.0369 0x3280  [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
13:03:14.0389 0x3280  FileCrypt - ok
13:03:14.0407 0x3280  [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:03:14.0420 0x3280  FileInfo - ok
13:03:14.0467 0x3280  [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
13:03:14.0499 0x3280  Filetrace - ok
13:03:14.0510 0x3280  [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:03:14.0525 0x3280  flpydisk - ok
13:03:14.0536 0x3280  [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:03:14.0554 0x3280  FltMgr - ok
13:03:14.0643 0x3280  [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache       C:\WINDOWS\system32\FntCache.dll
13:03:14.0766 0x3280  FontCache - ok
13:03:14.0925 0x3280  [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:03:14.0935 0x3280  FontCache3.0.0.0 - ok
13:03:14.0973 0x3280  [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
13:03:14.0984 0x3280  FsDepends - ok
13:03:14.0998 0x3280  [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:03:15.0010 0x3280  Fs_Rec - ok
13:03:15.0057 0x3280  [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:03:15.0094 0x3280  fvevol - ok
13:03:15.0114 0x3280  [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
13:03:15.0126 0x3280  gagp30kx - ok
13:03:15.0173 0x3280  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:03:15.0179 0x3280  GEARAspiWDM - ok
13:03:15.0217 0x3280  [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:03:15.0248 0x3280  gencounter - ok
13:03:15.0291 0x3280  [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
13:03:15.0358 0x3280  genericusbfn - ok
13:03:15.0370 0x3280  [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:03:15.0385 0x3280  GPIOClx0101 - ok
13:03:15.0457 0x3280  [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
13:03:15.0514 0x3280  gpsvc - ok
13:03:15.0527 0x3280  [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
13:03:15.0555 0x3280  GpuEnergyDrv - ok
13:03:15.0645 0x3280  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:03:15.0653 0x3280  gupdate - ok
13:03:15.0657 0x3280  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:03:15.0664 0x3280  gupdatem - ok
13:03:15.0677 0x3280  [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:03:15.0695 0x3280  HDAudBus - ok
13:03:15.0706 0x3280  [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
13:03:15.0725 0x3280  HidBatt - ok
13:03:15.0751 0x3280  [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:03:15.0789 0x3280  HidBth - ok
13:03:15.0821 0x3280  [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:03:15.0846 0x3280  hidi2c - ok
13:03:15.0859 0x3280  [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
13:03:15.0870 0x3280  hidinterrupt - ok
13:03:15.0905 0x3280  [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
13:03:15.0941 0x3280  HidIr - ok
13:03:16.0012 0x3280  [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv         C:\WINDOWS\system32\hidserv.dll
13:03:16.0025 0x3280  hidserv - ok
13:03:16.0069 0x3280  [ 7222DC0F811BBD1B4B4A7C28B7C31AE5, B161D32B2EDD4BB110C80918A36B05D7990CE76567BE59FD1C3C07D53C3AFE03 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
13:03:16.0101 0x3280  HIDSwitch - ok
13:03:16.0140 0x3280  [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:03:16.0210 0x3280  HidUsb - ok
13:03:16.0273 0x3280  [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:03:16.0351 0x3280  HomeGroupListener - ok
13:03:16.0401 0x3280  [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:03:16.0450 0x3280  HomeGroupProvider - ok
13:03:16.0471 0x3280  [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:03:16.0482 0x3280  HpSAMD - ok
13:03:16.0519 0x3280  [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:03:16.0553 0x3280  HTTP - ok
13:03:16.0567 0x3280  [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:03:16.0577 0x3280  hwpolicy - ok
13:03:16.0670 0x3280  [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:03:16.0708 0x3280  hyperkbd - ok
13:03:16.0732 0x3280  [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:03:16.0755 0x3280  HyperVideo - ok
13:03:16.0768 0x3280  [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:03:16.0840 0x3280  i8042prt - ok
13:03:16.0863 0x3280  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:03:16.0871 0x3280  iaLPSSi_GPIO - ok
13:03:16.0948 0x3280  [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:03:16.0958 0x3280  iaLPSSi_I2C - ok
13:03:17.0008 0x3280  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:03:17.0026 0x3280  iaStorA - ok
13:03:17.0056 0x3280  [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:03:17.0082 0x3280  iaStorAV - ok
13:03:17.0118 0x3280  [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
13:03:17.0139 0x3280  iaStorV - ok
13:03:17.0161 0x3280  [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
13:03:17.0181 0x3280  ibbus - ok
13:03:17.0223 0x3280  [ 2268D73AECBE7E5953E2C6169238CCB4, CB07A720047DB2187E6E17BD26408D9F375715D2174CCE4BFB40465831088072 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
13:03:17.0314 0x3280  icssvc - ok
13:03:17.0318 0x3280  IEEtwCollectorService - ok
13:03:17.0459 0x3280  [ 3F8B046C0839FDB879FE179C07A1A6A4, 95B4567B1DD185FE0895C3CDE96DD3BE236A50B3098835EE48224C6817A2AD81 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:03:17.0616 0x3280  igfx - ok
13:03:17.0672 0x3280  [ 1DBE918F1EDE43C8D49B6D9A7DEA25F3, 62D0CA581F53EBA39F11864DFA15B533EB8A0A987962BEE70D6372C51ACD40FD ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
13:03:17.0686 0x3280  igfxCUIService1.0.0.0 - ok
13:03:17.0754 0x3280  [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:03:17.0827 0x3280  IKEEXT - ok
13:03:17.0852 0x3280  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
13:03:17.0870 0x3280  intaud_WaveExtensible - ok
13:03:18.0014 0x3280  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:03:18.0162 0x3280  IntcAzAudAddService - ok
13:03:18.0212 0x3280  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:03:18.0307 0x3280  IntcDAud - ok
13:03:18.0421 0x3280  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:03:18.0439 0x3280  Intel(R) Capability Licensing Service Interface - ok
13:03:18.0520 0x3280  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:03:18.0527 0x3280  Intel(R) ME Service - ok
13:03:18.0568 0x3280  [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:03:18.0578 0x3280  intelide - ok
13:03:18.0617 0x3280  [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:03:18.0628 0x3280  intelpep - ok
13:03:18.0647 0x3280  [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:03:18.0677 0x3280  intelppm - ok
13:03:18.0681 0x3280  [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
13:03:18.0750 0x3280  IoQos - ok
13:03:18.0755 0x3280  [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:03:18.0777 0x3280  IpFilterDriver - ok
13:03:18.0833 0x3280  [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:03:18.0892 0x3280  iphlpsvc - ok
13:03:18.0913 0x3280  [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:03:18.0986 0x3280  IPMIDRV - ok
13:03:19.0009 0x3280  [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
13:03:19.0039 0x3280  IPNAT - ok
13:03:19.0093 0x3280  [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:03:19.0110 0x3280  iPod Service - ok
13:03:19.0152 0x3280  [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:03:19.0174 0x3280  IRENUM - ok
13:03:19.0208 0x3280  [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:03:19.0218 0x3280  isapnp - ok
13:03:19.0243 0x3280  [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:03:19.0260 0x3280  iScsiPrt - ok
13:03:19.0299 0x3280  [ 56D480702478880805F4E74F2BA02382, D1292175BBC38D105E298F7E62C7E113DB540C1878892F1D4E1E2602DECDCAA0 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
13:03:19.0310 0x3280  iwdbus - ok
13:03:19.0335 0x3280  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:03:19.0343 0x3280  jhi_service - ok
13:03:19.0394 0x3280  [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:03:19.0405 0x3280  kbdclass - ok
13:03:19.0421 0x3280  [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:03:19.0462 0x3280  kbdhid - ok
13:03:19.0507 0x3280  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\WINDOWS\System32\drivers\kbfiltr.sys
13:03:19.0581 0x3280  kbfiltr - ok
13:03:19.0604 0x3280  [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
13:03:19.0672 0x3280  kdnic - ok
13:03:19.0687 0x3280  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:03:19.0699 0x3280  KeyIso - ok
13:03:19.0732 0x3280  [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:03:19.0745 0x3280  KSecDD - ok
13:03:19.0751 0x3280  [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:03:19.0764 0x3280  KSecPkg - ok
13:03:19.0768 0x3280  [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
13:03:19.0787 0x3280  ksthunk - ok
13:03:19.0834 0x3280  [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
13:03:19.0926 0x3280  KtmRm - ok
13:03:19.0966 0x3280  [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:03:19.0993 0x3280  LanmanServer - ok
13:03:20.0049 0x3280  [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:03:20.0077 0x3280  LanmanWorkstation - ok
13:03:20.0119 0x3280  [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
13:03:20.0188 0x3280  lfsvc - ok
13:03:20.0218 0x3280  [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
13:03:20.0311 0x3280  LicenseManager - ok
13:03:20.0336 0x3280  [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
13:03:20.0351 0x3280  lltdio - ok
13:03:20.0391 0x3280  [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
13:03:20.0432 0x3280  lltdsvc - ok
13:03:20.0475 0x3280  [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
13:03:20.0526 0x3280  lmhosts - ok
13:03:20.0559 0x3280  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:03:20.0568 0x3280  LMS - ok
13:03:20.0608 0x3280  [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
13:03:20.0620 0x3280  LSI_SAS - ok
13:03:20.0629 0x3280  [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
13:03:20.0642 0x3280  LSI_SAS2i - ok
13:03:20.0647 0x3280  [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
13:03:20.0659 0x3280  LSI_SAS3i - ok
13:03:20.0663 0x3280  [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
13:03:20.0675 0x3280  LSI_SSS - ok
13:03:20.0728 0x3280  [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM             C:\WINDOWS\System32\lsm.dll
13:03:20.0817 0x3280  LSM - ok
13:03:20.0832 0x3280  [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
13:03:20.0864 0x3280  luafv - ok
13:03:20.0907 0x3280  [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker      C:\WINDOWS\System32\moshost.dll
13:03:21.0045 0x3280  MapsBroker - ok
13:03:21.0079 0x3280  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
13:03:21.0086 0x3280  MBAMProtector - ok
13:03:21.0190 0x3280  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
13:03:21.0230 0x3280  MBAMScheduler - ok
13:03:21.0284 0x3280  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
13:03:21.0314 0x3280  MBAMService - ok
13:03:21.0354 0x3280  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:03:21.0362 0x3280  MBAMSwissArmy - ok
13:03:21.0378 0x3280  [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
13:03:21.0385 0x3280  MBAMWebAccessControl - ok
13:03:21.0421 0x3280  [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:03:21.0432 0x3280  megasas - ok
13:03:21.0465 0x3280  [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:03:21.0489 0x3280  megasr - ok
13:03:21.0526 0x3280  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
13:03:21.0533 0x3280  MEIx64 - ok
13:03:21.0627 0x3280  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:03:21.0636 0x3280  Microsoft Office Groove Audit Service - ok
13:03:21.0747 0x3280  [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:03:21.0774 0x3280  mlx4_bus - ok
13:03:21.0814 0x3280  [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
13:03:21.0880 0x3280  MMCSS - ok
13:03:21.0896 0x3280  [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:03:21.0927 0x3280  Modem - ok
13:03:21.0968 0x3280  [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:03:22.0040 0x3280  monitor - ok
13:03:22.0077 0x3280  [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:03:22.0087 0x3280  mouclass - ok
13:03:22.0104 0x3280  [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:03:22.0166 0x3280  mouhid - ok
13:03:22.0207 0x3280  [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:03:22.0219 0x3280  mountmgr - ok
13:03:22.0257 0x3280  [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:03:22.0324 0x3280  mpsdrv - ok
13:03:22.0394 0x3280  [ 51D4584BC245AF1B679CAF01669ACE23, AA0BE0D216A00113F5C07DD95CBC15C4448BF2CBD4954CF16D1E9689455447DB ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:03:22.0534 0x3280  MpsSvc - ok
13:03:22.0556 0x3280  [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:03:22.0596 0x3280  MRxDAV - ok
13:03:22.0622 0x3280  [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:03:22.0663 0x3280  mrxsmb - ok
13:03:22.0671 0x3280  [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:03:22.0747 0x3280  mrxsmb10 - ok
13:03:22.0768 0x3280  [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:03:22.0807 0x3280  mrxsmb20 - ok
13:03:22.0841 0x3280  [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
13:03:22.0878 0x3280  MsBridge - ok
13:03:22.0923 0x3280  [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:03:22.0959 0x3280  MSDTC - ok
13:03:22.0988 0x3280  [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:03:23.0006 0x3280  Msfs - ok
13:03:23.0038 0x3280  [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:03:23.0049 0x3280  msgpiowin32 - ok
13:03:23.0070 0x3280  [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:03:23.0110 0x3280  mshidkmdf - ok
13:03:23.0148 0x3280  [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:03:23.0159 0x3280  mshidumdf - ok
13:03:23.0166 0x3280  [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:03:23.0176 0x3280  msisadrv - ok
13:03:23.0209 0x3280  [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:03:23.0247 0x3280  MSiSCSI - ok
13:03:23.0251 0x3280  msiserver - ok
13:03:23.0264 0x3280  [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:03:23.0285 0x3280  MSKSSRV - ok
13:03:23.0299 0x3280  [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
13:03:23.0320 0x3280  MsLldp - ok
13:03:23.0324 0x3280  [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:03:23.0345 0x3280  MSPCLOCK - ok
13:03:23.0389 0x3280  [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
13:03:23.0401 0x3280  MSPQM - ok
13:03:23.0417 0x3280  [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:03:23.0435 0x3280  MsRPC - ok
13:03:23.0441 0x3280  [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:03:23.0453 0x3280  mssmbios - ok
13:03:23.0456 0x3280  [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
13:03:23.0474 0x3280  MSTEE - ok
13:03:23.0515 0x3280  [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:03:23.0545 0x3280  MTConfig - ok
13:03:23.0560 0x3280  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:03:23.0573 0x3280  Mup - ok
13:03:23.0590 0x3280  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:03:23.0601 0x3280  mvumis - ok
13:03:23.0656 0x3280  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:03:23.0738 0x3280  NativeWifiP - ok
13:03:23.0792 0x3280  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:03:23.0846 0x3280  NcaSvc - ok
13:03:23.0865 0x3280  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:03:23.0938 0x3280  NcbService - ok
13:03:23.0960 0x3280  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:03:24.0033 0x3280  NcdAutoSetup - ok
13:03:24.0051 0x3280  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
13:03:24.0063 0x3280  ndfltr - ok
13:03:24.0129 0x3280  [ D43EAFF4887321A07D9F9A9DD7225E07, CF29073BBABE12D56744B041118F15C6C08CB89EF12413E359A6875C90FA383F ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:03:24.0189 0x3280  NDIS - ok
13:03:24.0200 0x3280  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
13:03:24.0265 0x3280  NdisCap - ok
13:03:24.0308 0x3280  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:03:24.0329 0x3280  NdisImPlatform - ok
13:03:24.0366 0x3280  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:03:24.0386 0x3280  NdisTapi - ok
13:03:24.0404 0x3280  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
13:03:24.0421 0x3280  Ndisuio - ok
13:03:24.0425 0x3280  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:03:24.0439 0x3280  NdisVirtualBus - ok
13:03:24.0465 0x3280  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
13:03:24.0503 0x3280  NdisWan - ok
13:03:24.0510 0x3280  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:03:24.0529 0x3280  ndiswanlegacy - ok
13:03:24.0566 0x3280  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
13:03:24.0590 0x3280  ndproxy - ok
13:03:24.0613 0x3280  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:03:24.0694 0x3280  Ndu - ok
13:03:24.0716 0x3280  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
13:03:24.0726 0x3280  NetBIOS - ok
13:03:24.0736 0x3280  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:03:24.0785 0x3280  NetBT - ok
13:03:24.0798 0x3280  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:03:24.0809 0x3280  Netlogon - ok
13:03:24.0855 0x3280  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
13:03:24.0886 0x3280  Netman - ok
13:03:24.0941 0x3280  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:03:24.0985 0x3280  netprofm - ok
13:03:25.0031 0x3280  [ 24B38B871128BB08849701CEA722DA1B, 7E62AE8570E7DE83F79012B4D1492DD03496C0678F0BD98DC9C0EFF66D1B8D13 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
13:03:25.0107 0x3280  NetSetupSvc - ok
13:03:25.0156 0x3280  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:03:25.0195 0x3280  NetTcpPortSharing - ok
13:03:25.0261 0x3280  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
13:03:25.0307 0x3280  netvsc - ok
13:03:25.0372 0x3280  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
13:03:25.0430 0x3280  NgcCtnrSvc - ok
13:03:25.0443 0x3280  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
13:03:25.0457 0x3280  NgcSvc - ok
13:03:25.0512 0x3280  [ D5B50FCE0B749FC82BD8FD3A79FF623E, DB5E21011E020C08A5BE2B250BDEF9ACEA9891D6B7022BB9AAA5C6B92A4C87F8 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
         

Alt 14.08.2015, 12:12   #7
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Teil 2

Code:
ATTFilter
13:03:25.0621 0x3280  NlaSvc - ok
13:03:25.0646 0x3280  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:03:25.0684 0x3280  Npfs - ok
13:03:25.0730 0x3280  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:03:25.0800 0x3280  npsvctrig - ok
13:03:25.0858 0x3280  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:03:25.0908 0x3280  nsi - ok
13:03:25.0924 0x3280  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:03:25.0943 0x3280  nsiproxy - ok
13:03:26.0031 0x3280  [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
13:03:26.0094 0x3280  NTFS - ok
13:03:26.0134 0x3280  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:03:26.0155 0x3280  Null - ok
13:03:26.0455 0x3280  [ AEEA2EC9CEEB8ADE8284583BBB98AB0D, AB629C047EFB8F5CF13FF923C332A05CD3F510A8C07D2EA6D3C493E2533DB1E0 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:03:26.0785 0x3280  nvlddmkm - ok
13:03:26.0807 0x3280  [ 96C8DE2AE83B2633B937D7121EC9A96F, 8C2F367592116E328AF91A345DA446480731632813C210E0AF75EFEF85B5D8DE ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
13:03:26.0827 0x3280  nvpciflt - ok
13:03:26.0863 0x3280  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:03:26.0877 0x3280  nvraid - ok
13:03:26.0920 0x3280  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:03:26.0934 0x3280  nvstor - ok
13:03:26.0989 0x3280  [ 1B44B5244EAF26BEC315AE84B0AFFC66, 760F376FFF7665E32718E890387CA2404D70DED2D2694A1647483722287D01B8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
13:03:27.0013 0x3280  nvsvc - ok
13:03:27.0129 0x3280  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:03:27.0166 0x3280  nvUpdatusService - ok
13:03:27.0195 0x3280  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:03:27.0208 0x3280  nv_agp - ok
13:03:27.0306 0x3280  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:03:27.0322 0x3280  odserv - ok
13:03:27.0366 0x3280  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
13:03:27.0403 0x3280  OneSyncSvc - ok
13:03:27.0460 0x3280  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:03:27.0472 0x3280  ose - ok
13:03:27.0528 0x3280  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:03:27.0592 0x3280  p2pimsvc - ok
13:03:27.0657 0x3280  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:03:27.0683 0x3280  p2psvc - ok
13:03:27.0709 0x3280  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:03:27.0738 0x3280  Parport - ok
13:03:27.0748 0x3280  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:03:27.0761 0x3280  partmgr - ok
13:03:27.0812 0x3280  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:03:27.0835 0x3280  PcaSvc - ok
13:03:27.0887 0x3280  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:03:27.0904 0x3280  pci - ok
13:03:27.0947 0x3280  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:03:27.0957 0x3280  pciide - ok
13:03:27.0990 0x3280  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:03:28.0002 0x3280  pcmcia - ok
13:03:28.0026 0x3280  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:03:28.0036 0x3280  pcw - ok
13:03:28.0041 0x3280  [ 5A4426450501534666F9E6157E258A0B, 2735EE7C5581D2FF5454662623BE94D08043C894580D540F0E5D3E21C7D7EC45 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:03:28.0053 0x3280  pdc - ok
13:03:28.0108 0x3280  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:03:28.0150 0x3280  PEAUTH - ok
13:03:28.0161 0x3280  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
13:03:28.0172 0x3280  percsas2i - ok
13:03:28.0186 0x3280  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
13:03:28.0197 0x3280  percsas3i - ok
13:03:28.0306 0x3280  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:03:28.0384 0x3280  PerfHost - ok
13:03:28.0435 0x3280  [ 42172DDE99D9F2AB3B0739506699A566, 6B0FAD656A24787E9429EA89F7DC03CC535D8E5D093378F93164ECADCEE5CFDF ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:03:28.0520 0x3280  PimIndexMaintenanceSvc - ok
13:03:28.0655 0x3280  [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla             C:\WINDOWS\system32\pla.dll
13:03:28.0718 0x3280  pla - ok
13:03:28.0761 0x3280  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:03:28.0780 0x3280  PlugPlay - ok
13:03:28.0818 0x3280  [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:03:28.0858 0x3280  PNRPAutoReg - ok
13:03:28.0884 0x3280  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:03:28.0910 0x3280  PNRPsvc - ok
13:03:28.0966 0x3280  [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:03:29.0005 0x3280  PolicyAgent - ok
13:03:29.0018 0x3280  [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power           C:\WINDOWS\system32\umpo.dll
13:03:29.0033 0x3280  Power - ok
13:03:29.0068 0x3280  [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
13:03:29.0160 0x3280  PptpMiniport - ok
13:03:29.0361 0x3280  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:03:29.0715 0x3280  PrintNotify - ok
13:03:29.0762 0x3280  [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:03:29.0792 0x3280  Processor - ok
13:03:29.0838 0x3280  [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:03:29.0861 0x3280  ProfSvc - ok
13:03:29.0905 0x3280  [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
13:03:29.0918 0x3280  Psched - ok
13:03:29.0969 0x3280  [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:03:30.0037 0x3280  QWAVE - ok
13:03:30.0080 0x3280  [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:03:30.0091 0x3280  QWAVEdrv - ok
13:03:30.0139 0x3280  [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:03:30.0161 0x3280  RasAcd - ok
13:03:30.0185 0x3280  [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
13:03:30.0222 0x3280  RasAgileVpn - ok
13:03:30.0270 0x3280  [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:03:30.0299 0x3280  RasAuto - ok
13:03:30.0323 0x3280  [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
13:03:30.0351 0x3280  Rasl2tp - ok
13:03:30.0389 0x3280  [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:03:30.0426 0x3280  RasMan - ok
13:03:30.0451 0x3280  [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
13:03:30.0488 0x3280  RasPppoe - ok
13:03:30.0513 0x3280  [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
13:03:30.0529 0x3280  RasSstp - ok
13:03:30.0553 0x3280  [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:03:30.0596 0x3280  rdbss - ok
13:03:30.0608 0x3280  [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:03:30.0678 0x3280  rdpbus - ok
13:03:30.0704 0x3280  [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:03:30.0726 0x3280  RDPDR - ok
13:03:30.0758 0x3280  [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:03:30.0768 0x3280  RdpVideoMiniport - ok
13:03:30.0807 0x3280  [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:03:30.0822 0x3280  rdyboost - ok
13:03:30.0874 0x3280  [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
13:03:30.0911 0x3280  ReFSv1 - ok
13:03:30.0982 0x3280  [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:03:31.0014 0x3280  RemoteAccess - ok
13:03:31.0065 0x3280  [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:03:31.0097 0x3280  RemoteRegistry - ok
13:03:31.0160 0x3280  [ B0511B21366DA51DB2D7813B7E76D776, 99D7FCC6B0DDF9EE475252966BA5F926C9FE9856EB72582473CFA573F4B9DD96 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
13:03:31.0263 0x3280  RetailDemo - ok
13:03:31.0301 0x3280  [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:03:31.0321 0x3280  RpcEptMapper - ok
13:03:31.0359 0x3280  [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:03:31.0371 0x3280  RpcLocator - ok
13:03:31.0440 0x3280  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:03:31.0477 0x3280  RpcSs - ok
13:03:31.0512 0x3280  [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
13:03:31.0541 0x3280  rspndr - ok
13:03:31.0593 0x3280  [ 179E6BCF8D16AD39C137CB4FCFE015C5, A1DF499AA378BDB1CB7F95ACC0C7D6929358AF4596A47FDEDFAE115461563CD5 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
13:03:31.0635 0x3280  rt640x64 - ok
13:03:31.0680 0x3280  [ E377E1F54FDA4BAFF4414E8364C760FE, C11E8BCC424A0FE3B4CDF29C3AC0145F4A086E9C99F7E380F17890542F3E1C66 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
13:03:31.0695 0x3280  RTSUER - ok
13:03:31.0728 0x3280  [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:03:31.0761 0x3280  s3cap - ok
13:03:31.0798 0x3280  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs           C:\WINDOWS\system32\lsass.exe
13:03:31.0835 0x3280  SamSs - ok
13:03:31.0945 0x3280  [ AE406EB8F94C1048AFC42B1B125410E0, 4E16668436C84C9BF5E6CE204EE9693C060C1041DC50F007EB8E815F69197BE8 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
13:03:31.0961 0x3280  Samsung Link Service - ok
13:03:31.0982 0x3280  [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:03:31.0994 0x3280  sbp2port - ok
13:03:32.0068 0x3280  [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:03:32.0098 0x3280  SCardSvr - ok
13:03:32.0105 0x3280  [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:03:32.0134 0x3280  ScDeviceEnum - ok
13:03:32.0179 0x3280  [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:03:32.0207 0x3280  scfilter - ok
13:03:32.0263 0x3280  [ 2EA574C3DCFCD47502946B85B342AA0C, F6DA375BE13FBCF20755C766E19159CC44A0B16163CF297B8AE49DD0602AEE73 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:03:32.0404 0x3280  Schedule - ok
13:03:32.0451 0x3280  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:03:32.0473 0x3280  SCPolicySvc - ok
13:03:32.0537 0x3280  [ CC41D16FB823F9BE167BE773F225CD1F, 97020D419CFC161A4EEF238F8580ADC2D026221217BF41728C54F52ACDBB9FCB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:03:32.0555 0x3280  sdbus - ok
13:03:32.0625 0x3280  [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
13:03:32.0721 0x3280  SDRSVC - ok
13:03:32.0743 0x3280  [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:03:32.0757 0x3280  sdstor - ok
13:03:32.0800 0x3280  [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:03:32.0870 0x3280  seclogon - ok
13:03:32.0940 0x3280  [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS            C:\WINDOWS\System32\sens.dll
13:03:32.0970 0x3280  SENS - ok
13:03:33.0034 0x3280  [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
13:03:33.0193 0x3280  SensorDataService - ok
13:03:33.0234 0x3280  [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService   C:\WINDOWS\system32\SensorService.dll
13:03:33.0308 0x3280  SensorService - ok
13:03:33.0362 0x3280  [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:03:33.0442 0x3280  SensrSvc - ok
13:03:33.0478 0x3280  [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
13:03:33.0492 0x3280  SerCx - ok
13:03:33.0506 0x3280  [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:03:33.0520 0x3280  SerCx2 - ok
13:03:33.0546 0x3280  [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
13:03:33.0578 0x3280  Serenum - ok
13:03:33.0583 0x3280  [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:03:33.0603 0x3280  Serial - ok
13:03:33.0646 0x3280  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:03:33.0690 0x3280  sermouse - ok
13:03:33.0756 0x3280  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:03:33.0797 0x3280  SessionEnv - ok
13:03:33.0814 0x3280  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
13:03:33.0843 0x3280  sfloppy - ok
13:03:33.0892 0x3280  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:03:33.0929 0x3280  SharedAccess - ok
13:03:33.0980 0x3280  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:03:34.0024 0x3280  ShellHWDetection - ok
13:03:34.0043 0x3280  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:03:34.0054 0x3280  SiSRaid2 - ok
13:03:34.0084 0x3280  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:03:34.0096 0x3280  SiSRaid4 - ok
13:03:34.0186 0x3280  [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:03:34.0203 0x3280  SkypeUpdate - ok
13:03:34.0263 0x3280  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
13:03:34.0289 0x3280  smphost - ok
13:03:34.0346 0x3280  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
13:03:34.0409 0x3280  SmsRouter - ok
13:03:34.0444 0x3280  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:03:34.0465 0x3280  SNMPTRAP - ok
13:03:34.0509 0x3280  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
13:03:34.0530 0x3280  spaceport - ok
13:03:34.0551 0x3280  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
13:03:34.0562 0x3280  SpbCx - ok
13:03:34.0619 0x3280  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
13:03:34.0680 0x3280  Spooler - ok
13:03:34.0902 0x3280  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:03:35.0147 0x3280  sppsvc - ok
13:03:35.0200 0x3280  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
13:03:35.0247 0x3280  srv - ok
13:03:35.0263 0x3280  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:03:35.0294 0x3280  srv2 - ok
13:03:35.0313 0x3280  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:03:35.0345 0x3280  srvnet - ok
13:03:35.0392 0x3280  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
13:03:35.0429 0x3280  SSDPSRV - ok
13:03:35.0478 0x3280  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
13:03:35.0506 0x3280  SstpSvc - ok
13:03:35.0524 0x3280  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
13:03:35.0550 0x3280  ssudmdm - ok
13:03:35.0669 0x3280  [ C26E2C89EFB4BB39CD135B5DED804B78, 99288C6023DC6AC6554521EA671AB387ACE2AE2BCDE145C7012202842FF40841 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:03:35.0815 0x3280  StateRepository - ok
13:03:35.0887 0x3280  [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:03:36.0179 0x3280  Steam Client Service - ok
13:03:36.0197 0x3280  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:03:36.0207 0x3280  stexstor - ok
13:03:36.0267 0x3280  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:03:36.0311 0x3280  stisvc - ok
13:03:36.0353 0x3280  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:03:36.0366 0x3280  storahci - ok
13:03:36.0382 0x3280  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
13:03:36.0392 0x3280  storflt - ok
13:03:36.0429 0x3280  [ 7042792AC7045D1EE8CC9FE743FD5194, F0CF2E542A51C887B476FAAFFA35504A85C3D127CCBD03C13C24984AEDCF506D ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:03:36.0440 0x3280  stornvme - ok
13:03:36.0455 0x3280  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
13:03:36.0543 0x3280  storqosflt - ok
13:03:36.0619 0x3280  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
13:03:36.0715 0x3280  StorSvc - ok
13:03:36.0759 0x3280  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
13:03:36.0770 0x3280  storufs - ok
13:03:36.0782 0x3280  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
13:03:36.0792 0x3280  storvsc - ok
13:03:36.0831 0x3280  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
13:03:36.0918 0x3280  svsvc - ok
13:03:37.0011 0x3280  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
13:03:37.0021 0x3280  swenum - ok
13:03:37.0046 0x3280  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
13:03:37.0083 0x3280  swprv - ok
13:03:37.0120 0x3280  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
13:03:37.0153 0x3280  Synth3dVsc - ok
13:03:37.0218 0x3280  [ 4EF908A86E6866783D66E2DF97666269, 4FF31CC0AEB36FF55D442E8C12DE3F311CF959D3094013609A177BEE31BA5CF9 ] SysMain         C:\WINDOWS\system32\sysmain.dll
13:03:37.0315 0x3280  SysMain - ok
13:03:37.0374 0x3280  [ 8863F06F520C1C76254B7DB45057BADA, EE8DA20185FBE37F64E8FE2A6FB477D602159AD6B63FFDD807981E6D28629888 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:03:37.0420 0x3280  SystemEventsBroker - ok
13:03:37.0456 0x3280  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:03:37.0572 0x3280  TabletInputService - ok
13:03:37.0609 0x3280  [ B39168AC9C2A035FE2467BCF951D98FA, 509909092A9E3DB80D1AA8647BE11F3C155022ABE12A4DEE15E8A139864F17DE ] taphss6         C:\WINDOWS\system32\DRIVERS\taphss6.sys
13:03:37.0616 0x3280  taphss6 - ok
13:03:37.0666 0x3280  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
13:03:37.0699 0x3280  TapiSrv - ok
13:03:37.0793 0x3280  [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
13:03:37.0860 0x3280  Tcpip - ok
13:03:37.0910 0x3280  [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
13:03:37.0969 0x3280  Tcpip6 - ok
13:03:37.0994 0x3280  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:03:38.0018 0x3280  tcpipreg - ok
13:03:38.0060 0x3280  [ 28E1E63A1AC65E17B3194238FA2CF3BF, 9A52D6DD14BEBB7B407B2703A111D1B302F1B84AA40A14D21FCA554F395E935D ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
13:03:38.0072 0x3280  tdx - ok
13:03:38.0110 0x3280  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:03:38.0121 0x3280  terminpt - ok
13:03:38.0213 0x3280  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
13:03:38.0266 0x3280  TermService - ok
13:03:38.0307 0x3280  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
13:03:38.0338 0x3280  Themes - ok
13:03:38.0385 0x3280  [ 79431E9EEAE85C3E579D28265D2E3F21, 4C4A5CCCA8754D15737EC6E838E9F8A2B0D044F1FEB435B332EC70BB0CFA7DE1 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:03:38.0461 0x3280  tiledatamodelsvc - ok
13:03:38.0519 0x3280  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
13:03:38.0536 0x3280  TimeBroker - ok
13:03:38.0558 0x3280  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
13:03:38.0573 0x3280  TPM - ok
13:03:38.0595 0x3280  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:03:38.0624 0x3280  TrkWks - ok
13:03:38.0699 0x3280  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:03:38.0758 0x3280  TrustedInstaller - ok
13:03:38.0778 0x3280  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
13:03:38.0853 0x3280  TsUsbFlt - ok
13:03:38.0877 0x3280  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:03:38.0910 0x3280  TsUsbGD - ok
13:03:38.0957 0x3280  [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
13:03:38.0987 0x3280  tunnel - ok
13:03:39.0019 0x3280  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
13:03:39.0031 0x3280  uagp35 - ok
13:03:39.0046 0x3280  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:03:39.0057 0x3280  UASPStor - ok
13:03:39.0080 0x3280  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
13:03:39.0150 0x3280  UcmCx0101 - ok
13:03:39.0198 0x3280  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
13:03:39.0321 0x3280  UcmUcsi - ok
13:03:39.0346 0x3280  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
13:03:39.0360 0x3280  Ucx01000 - ok
13:03:39.0407 0x3280  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
13:03:39.0459 0x3280  UdeCx - ok
13:03:39.0483 0x3280  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:03:39.0507 0x3280  udfs - ok
13:03:39.0518 0x3280  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:03:39.0529 0x3280  UEFI - ok
13:03:39.0552 0x3280  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
13:03:39.0567 0x3280  Ufx01000 - ok
13:03:39.0585 0x3280  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
13:03:39.0598 0x3280  UfxChipidea - ok
13:03:39.0638 0x3280  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
13:03:39.0649 0x3280  ufxsynopsys - ok
13:03:39.0681 0x3280  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
13:03:39.0698 0x3280  UI0Detect - ok
13:03:39.0713 0x3280  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
13:03:39.0724 0x3280  uliagpkx - ok
13:03:39.0748 0x3280  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
13:03:39.0766 0x3280  umbus - ok
13:03:39.0786 0x3280  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:03:39.0818 0x3280  UmPass - ok
13:03:39.0876 0x3280  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:03:39.0909 0x3280  UmRdpService - ok
13:03:39.0981 0x3280  [ A4A5FF89F65D8D1AA3A769654AD8DBC0, 9C792595F7E90C6074BC0FF5A63C9A19449E2F2E2780087BBF12A72658437EE0 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
13:03:40.0127 0x3280  UnistoreSvc - ok
13:03:40.0284 0x3280  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:03:40.0295 0x3280  UNS - ok
13:03:40.0339 0x3280  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:03:40.0381 0x3280  upnphost - ok
13:03:40.0404 0x3280  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
13:03:40.0415 0x3280  UrsChipidea - ok
13:03:40.0428 0x3280  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
13:03:40.0439 0x3280  UrsCx01000 - ok
13:03:40.0443 0x3280  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
13:03:40.0453 0x3280  UrsSynopsys - ok
13:03:40.0479 0x3280  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
13:03:40.0493 0x3280  usbccgp - ok
13:03:40.0522 0x3280  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:03:40.0554 0x3280  usbcir - ok
13:03:40.0569 0x3280  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
13:03:40.0580 0x3280  usbehci - ok
13:03:40.0630 0x3280  [ 15FE07A404C8A0CD306661433027FFE4, 250C5B4624EF062C88F49DCFEA00BFF1771EFE8B095EC4F0B51C99BB3F80EC66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:03:40.0651 0x3280  usbhub - ok
13:03:40.0701 0x3280  [ 7E51F2AD1D729F5CDBB6BE21CB58FEB7, 4C9CBC7BE52EE80E3734ACF9AA6FC106FBAA9AE15FCDACB7E5100ED5CC041E80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
13:03:40.0723 0x3280  USBHUB3 - ok
13:03:40.0763 0x3280  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
13:03:40.0872 0x3280  usbohci - ok
13:03:40.0899 0x3280  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:03:40.0979 0x3280  usbprint - ok
13:03:41.0015 0x3280  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
13:03:41.0111 0x3280  usbser - ok
13:03:41.0150 0x3280  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:03:41.0163 0x3280  USBSTOR - ok
13:03:41.0179 0x3280  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
13:03:41.0196 0x3280  usbuhci - ok
13:03:41.0216 0x3280  [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
13:03:41.0245 0x3280  usbvideo - ok
13:03:41.0269 0x3280  [ 0728504F9863774E56A54AE66C3F1E6B, 5BA3CC6D98A573AF10B56AF1748B39C83C92FC13E9D5CBF5B344C404A67D52DC ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:03:41.0288 0x3280  USBXHCI - ok
13:03:41.0381 0x3280  [ FD38DDBCC1699BAB0446B93C1245FE17, 0AADBE137FE4372C3FFF2E98CAB4522CBC16CA1CE9564FB3C53A896A1B4E6EC2 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
13:03:41.0490 0x3280  UserDataSvc - ok
13:03:41.0547 0x3280  [ E9E2B5FFBEFC2CDF14A6E55DD94CC823, A10C011835A65601B8FE3A30F361C224C60084A78085842ADCDA248047530CD1 ] UserManager     C:\WINDOWS\System32\usermgr.dll
13:03:41.0592 0x3280  UserManager - ok
13:03:41.0648 0x3280  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
13:03:41.0762 0x3280  UsoSvc - ok
13:03:41.0788 0x3280  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:03:41.0799 0x3280  VaultSvc - ok
13:03:41.0810 0x3280  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:03:41.0821 0x3280  vdrvroot - ok
13:03:41.0921 0x3280  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
13:03:41.0984 0x3280  vds - ok
13:03:42.0025 0x3280  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
13:03:42.0039 0x3280  VerifierExt - ok
13:03:42.0073 0x3280  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
13:03:42.0099 0x3280  vhdmp - ok
13:03:42.0125 0x3280  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
13:03:42.0155 0x3280  vhf - ok
13:03:42.0171 0x3280  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
13:03:42.0185 0x3280  vmbus - ok
13:03:42.0205 0x3280  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:03:42.0217 0x3280  VMBusHID - ok
13:03:42.0297 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:03:42.0329 0x3280  vmicguestinterface - ok
13:03:42.0352 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
13:03:42.0377 0x3280  vmicheartbeat - ok
13:03:42.0389 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:03:42.0414 0x3280  vmickvpexchange - ok
13:03:42.0426 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
13:03:42.0450 0x3280  vmicrdv - ok
13:03:42.0461 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
13:03:42.0486 0x3280  vmicshutdown - ok
13:03:42.0498 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
13:03:42.0523 0x3280  vmictimesync - ok
13:03:42.0535 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
13:03:42.0560 0x3280  vmicvmsession - ok
13:03:42.0572 0x3280  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
13:03:42.0596 0x3280  vmicvss - ok
13:03:42.0634 0x3280  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:03:42.0645 0x3280  volmgr - ok
13:03:42.0655 0x3280  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
13:03:42.0674 0x3280  volmgrx - ok
13:03:42.0684 0x3280  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
13:03:42.0702 0x3280  volsnap - ok
13:03:42.0735 0x3280  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:03:42.0746 0x3280  vpci - ok
13:03:42.0792 0x3280  [ 78836108CF5AC6A0B365AC50A72F16D6, 53130B29A84E1CB5E96B81137DF7CFA69BF2A3C7E884ED45069BA9F5438776C1 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
13:03:42.0807 0x3280  vpnagent - ok
13:03:42.0852 0x3280  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\System32\drivers\vpnva64-6.sys
13:03:42.0873 0x3280  vpnva - ok
13:03:42.0896 0x3280  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
13:03:42.0909 0x3280  vsmraid - ok
13:03:42.0968 0x3280  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
13:03:43.0039 0x3280  VSS - ok
13:03:43.0090 0x3280  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:03:43.0107 0x3280  VSTXRAID - ok
13:03:43.0148 0x3280  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:03:43.0209 0x3280  vwifibus - ok
13:03:43.0227 0x3280  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
13:03:43.0252 0x3280  vwififlt - ok
13:03:43.0256 0x3280  [ 37C868DDE3103130B00AD1313DAB5ACB, BF9C30817A3502F5C0673FD462B18FE1BF37963B29DF09D84B66BDCBF8ECBA81 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
13:03:43.0303 0x3280  vwifimp - ok
13:03:43.0356 0x3280  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
13:03:43.0394 0x3280  W32Time - ok
13:03:43.0410 0x3280  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:03:43.0433 0x3280  WacomPen - ok
13:03:43.0490 0x3280  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
13:03:43.0569 0x3280  WalletService - ok
13:03:43.0594 0x3280  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:03:43.0622 0x3280  wanarp - ok
13:03:43.0625 0x3280  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:03:43.0640 0x3280  wanarpv6 - ok
13:03:43.0716 0x3280  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:03:43.0844 0x3280  wbengine - ok
13:03:43.0888 0x3280  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:03:43.0974 0x3280  WbioSrvc - ok
13:03:44.0018 0x3280  [ A598CECB1834C9B1798D0D2CD1910F30, 6124F421C8D0AAC60A1F47DC4A3638934665E51852BC00BBE582F0CB89D844A8 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:03:44.0116 0x3280  Wcmsvc - ok
13:03:44.0169 0x3280  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:03:44.0202 0x3280  wcncsvc - ok
13:03:44.0242 0x3280  [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:03:44.0320 0x3280  WcsPlugInService - ok
13:03:44.0340 0x3280  [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:03:44.0351 0x3280  WdBoot - ok
13:03:44.0417 0x3280  [ 796D1C95894BC15B3FEF090C107CBA31, 97917C543CBC13288F2194CB09C3A2759012B74F0D72DDB0896EF42C87348C6D ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:03:44.0445 0x3280  Wdf01000 - ok
13:03:44.0485 0x3280  [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:03:44.0502 0x3280  WdFilter - ok
13:03:44.0543 0x3280  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:03:44.0568 0x3280  WdiServiceHost - ok
13:03:44.0574 0x3280  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:03:44.0592 0x3280  WdiSystemHost - ok
13:03:44.0650 0x3280  [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
13:03:44.0713 0x3280  wdiwifi - ok
13:03:44.0753 0x3280  [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:03:44.0765 0x3280  WdNisDrv - ok
13:03:44.0810 0x3280  WdNisSvc - ok
13:03:44.0856 0x3280  [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:03:44.0888 0x3280  WebClient - ok
13:03:44.0897 0x3280  [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:03:44.0930 0x3280  Wecsvc - ok
13:03:44.0967 0x3280  [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:03:44.0990 0x3280  WEPHOSTSVC - ok
13:03:45.0001 0x3280  [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:03:45.0068 0x3280  wercplsupport - ok
13:03:45.0103 0x3280  [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:03:45.0137 0x3280  WerSvc - ok
13:03:45.0141 0x3280  wfpcapture - ok
13:03:45.0156 0x3280  [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
13:03:45.0170 0x3280  WFPLWFS - ok
13:03:45.0222 0x3280  [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:03:45.0244 0x3280  WiaRpc - ok
13:03:45.0279 0x3280  [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:03:45.0290 0x3280  WIMMount - ok
13:03:45.0292 0x3280  WinDefend - ok
13:03:45.0311 0x3280  [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
13:03:45.0324 0x3280  WindowsTrustedRT - ok
13:03:45.0334 0x3280  [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:03:45.0344 0x3280  WindowsTrustedRTProxy - ok
13:03:45.0402 0x3280  [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:03:45.0506 0x3280  WinHttpAutoProxySvc - ok
13:03:45.0549 0x3280  [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
13:03:45.0560 0x3280  WinMad - ok
13:03:45.0632 0x3280  [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:03:45.0696 0x3280  Winmgmt - ok
13:03:45.0798 0x3280  [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:03:45.0903 0x3280  WinRM - ok
13:03:45.0937 0x3280  [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
13:03:45.0970 0x3280  WINUSB - ok
13:03:45.0991 0x3280  [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
13:03:46.0002 0x3280  WinVerbs - ok
13:03:46.0105 0x3280  [ 11F106F92BCE6521878066C8D374BE4E, 4D72D686B3D8EECCDA13F318CA84D8747337B1A3612E17B0A2D5F422AE7C05AA ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:03:46.0192 0x3280  WlanSvc - ok
13:03:46.0281 0x3280  [ 043048A604EC6642B30676AE27E728FA, 82A095873CFB9DAFE985EFBEAD74C46090A2B6BE5B380EAA194A036AD8D292A8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:03:46.0413 0x3280  wlidsvc - ok
13:03:46.0423 0x3280  [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:03:46.0453 0x3280  WmiAcpi - ok
13:03:46.0500 0x3280  [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:03:46.0551 0x3280  wmiApSrv - ok
13:03:46.0580 0x3280  WMPNetworkSvc - ok
13:03:46.0631 0x3280  [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:03:46.0645 0x3280  Wof - ok
13:03:46.0733 0x3280  [ B2D8EDBBC339D903BF4073FF7A8D251E, 989F3B94F084720A094C89FD5AF02B5D5BCE5FB127F323E1ADA2890B6AAB3535 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:03:46.0861 0x3280  workfolderssvc - ok
13:03:46.0893 0x3280  [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:03:46.0904 0x3280  wpcfltr - ok
13:03:46.0966 0x3280  [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:03:47.0040 0x3280  WPDBusEnum - ok
13:03:47.0082 0x3280  [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:03:47.0092 0x3280  WpdUpFltr - ok
13:03:47.0139 0x3280  [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService      C:\WINDOWS\system32\WpnService.dll
13:03:47.0226 0x3280  WpnService - ok
13:03:47.0267 0x3280  [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:03:47.0291 0x3280  ws2ifsl - ok
13:03:47.0335 0x3280  [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:03:47.0366 0x3280  wscsvc - ok
13:03:47.0370 0x3280  WSearch - ok
13:03:47.0468 0x3280  [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService       C:\WINDOWS\System32\WSService.dll
13:03:47.0604 0x3280  WSService - ok
13:03:47.0699 0x3280  [ A2C3482A6535792F5DD22C144261B170, 6C47BFD03E81C7998CF14AFC8CB850C2951D60FAFD4DB244AFBAF938F6A3B7AA ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:03:47.0883 0x3280  wuauserv - ok
13:03:47.0915 0x3280  [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:03:47.0939 0x3280  WudfPf - ok
13:03:47.0987 0x3280  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
13:03:48.0023 0x3280  WUDFRd - ok
13:03:48.0074 0x3280  [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:03:48.0098 0x3280  wudfsvc - ok
13:03:48.0170 0x3280  [ E818494D2C23282CCAA4EB4C0FCCF138, 6F975AF4DECB39D09DA8945473C69ECD451AB83039742FFC95D839EA29827B90 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:03:48.0299 0x3280  WwanSvc - ok
13:03:48.0358 0x3280  [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
13:03:48.0400 0x3280  XblAuthManager - ok
13:03:48.0426 0x3280  [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
13:03:48.0521 0x3280  XblGameSave - ok
13:03:48.0545 0x3280  [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
13:03:48.0627 0x3280  xboxgip - ok
13:03:48.0682 0x3280  [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
13:03:48.0789 0x3280  XboxNetApiSvc - ok
13:03:48.0809 0x3280  [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
13:03:48.0860 0x3280  xinputhid - ok
13:03:48.0917 0x3280  [ CA8CEE913C0B177F85DDDB16622563C5, 46E389A2AE66AC238C965C663C9FBCA4CB6819AD61CBDAD98EE3405E0CC754CE ] YSearchUtilSvc  C:\Program Files (x86)\Yahoo!\yset\{B8C70ACD-7042-6049-B8D8-12AFF758073A}\YSearchUtilSvc.exe
13:03:48.0926 0x3280  YSearchUtilSvc - ok
13:03:48.0926 0x3280  ================ Scan global ===============================
13:03:48.0972 0x3280  [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
13:03:49.0023 0x3280  [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
13:03:49.0073 0x3280  [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
13:03:49.0091 0x3280  [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
13:03:49.0098 0x3280  [ Global ] - ok
13:03:49.0099 0x3280  ================ Scan MBR ==================================
13:03:49.0110 0x3280  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:03:49.0187 0x3280  \Device\Harddisk0\DR0 - ok
13:03:49.0187 0x3280  ================ Scan VBR ==================================
13:03:49.0218 0x3280  [ EEDA77E72D1DC409785370764A7EF6C2 ] \Device\Harddisk0\DR0\Partition1
13:03:49.0234 0x3280  \Device\Harddisk0\DR0\Partition1 - ok
13:03:49.0249 0x3280  [ DDA67136E3671C5E2B2178388AEE2EFB ] \Device\Harddisk0\DR0\Partition2
13:03:49.0260 0x3280  \Device\Harddisk0\DR0\Partition2 - ok
13:03:49.0270 0x3280  [ BE8FE5389A153F6BF3ECC293F604C397 ] \Device\Harddisk0\DR0\Partition3
13:03:49.0270 0x3280  \Device\Harddisk0\DR0\Partition3 - ok
13:03:49.0285 0x3280  [ CA535759C9507FC91DEF1247448C039E ] \Device\Harddisk0\DR0\Partition4
13:03:49.0299 0x3280  \Device\Harddisk0\DR0\Partition4 - ok
13:03:49.0327 0x3280  [ 16373F986529EEFFB9CB33EF14C9E23A ] \Device\Harddisk0\DR0\Partition5
13:03:49.0341 0x3280  \Device\Harddisk0\DR0\Partition5 - ok
13:03:49.0362 0x3280  [ 447E185D48785B0F74A10C6EF9E8965F ] \Device\Harddisk0\DR0\Partition6
13:03:49.0375 0x3280  \Device\Harddisk0\DR0\Partition6 - ok
13:03:49.0376 0x3280  ================ Scan generic autorun ======================
13:03:49.0817 0x3280  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:03:50.0060 0x3280  RTHDVCPL - ok
13:03:50.0122 0x3280  [ 97BB6425C86F46C2B21E0861421B6AE5, F8438C726672B20690B4CACA1E62C0D2460E5E886761E836CB56F221A348F72A ] C:\WINDOWS\system32\igfxtray.exe
13:03:50.0137 0x3280  IgfxTray - ok
13:03:50.0139 0x3280  HotKeysCmds - ok
13:03:50.0140 0x3280  Persistence - ok
13:03:50.0219 0x3280  [ B7BCA8A30CE13A283CDBDECEF5616C39, C734A8C3633653E0C903E7F14F574DEED763613F9E6A5CE7862D547CAE9AEDDB ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
13:03:50.0226 0x3280  ACMON - ok
13:03:50.0300 0x3280  [ 7C92202C43FF457EF2CEE7301973E3BA, DD89F47243DC84CBCDA6624A1CCEC22822EA4F3B8B75260D062713AB22A03FF4 ] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
13:03:50.0390 0x3280  Samsung Link - ok
13:03:50.0473 0x3280  [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
13:03:50.0488 0x3280  AdobeAAMUpdater-1.0 - ok
13:03:50.0565 0x3280  [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
13:03:50.0573 0x3280  iTunesHelper - ok
13:03:50.0611 0x3280  [ E97140424C378ACBD47DF493A6AB7235, 00F26F670AD6B03C465C4FC834DC993B551B8A8E73B603FE7B9CFFA893094A3D ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
13:03:50.0618 0x3280  Adobe Reader Speed Launcher - ok
13:03:50.0676 0x3280  [ FE821F6FA60E9DF9FDEE69A23488BBAB, 98D9926152FDA45705F5E208D7236E467CAEEF83D756A14B4104EBF804644B29 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:03:50.0703 0x3280  Adobe ARM - ok
13:03:50.0742 0x3280  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
13:03:50.0749 0x3280  RemoteControl10 - ok
13:03:50.0873 0x3280  [ FF3ADE2620DD221C3E011DC614EA71EF, 572A0D40E30A1F8B2121B5B4AE9B46301CEF0E370318EAF1F8FC7916DE7470F2 ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe
13:03:51.0054 0x3280  ASUSWebStorage - ok
13:03:51.0129 0x3280  [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
13:03:51.0136 0x3280  CLMLServer - ok
13:03:51.0230 0x3280  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
13:03:51.0237 0x3280  GrooveMonitor - ok
13:03:51.0321 0x3280  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:03:51.0343 0x3280  avgnt - ok
13:03:51.0365 0x3280  [ 5603A481CDEFF6733EA1759384117A61, 79189E198675D4B3B2E91C737AB596264FE15C16A54512D1117C70729CE88546 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
13:03:51.0383 0x3280  Cisco AnyConnect Secure Mobility Agent for Windows - ok
13:03:51.0450 0x3280  [ F2BC40E35AB242AA27BCD8FBA9D0B5CB, 4F89E1F57E8E4897D1614DAA852B0CBF7C1FD705641895E874C52377DC3F3403 ] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
13:03:51.0458 0x3280  Avira Systray - ok
13:03:51.0530 0x3280  [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:03:51.0542 0x3280  SunJavaUpdateSched - ok
13:03:51.0815 0x3280  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:03:52.0065 0x3280  OneDriveSetup - ok
13:03:52.0271 0x3280  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:03:52.0492 0x3280  OneDriveSetup - ok
13:03:52.0760 0x3280  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:03:52.0978 0x3280  OneDriveSetup - ok
13:03:53.0077 0x3280  [ 9615F77B42907587DEBD6CA487317830, 71CB9484D079BCAD70C69D50C188A8BC07A3ED6D7EB90BE2749859E506FE696D ] C:\Program Files (x86)\Windows Mail\wab.exe
13:03:53.0151 0x3280  WAB Migrate - ok
13:03:53.0240 0x3280  [ 4016CE43255F0BE4FBE4A54F4500B021, 125A4BA4F0EF844F8320829ECED5D5CB1503A066E0D1A9D17702220F4C32F1E3 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
13:03:53.0247 0x3280  iCloudDrive - ok
13:03:53.0478 0x3280  [ 005B2B63719E6B3E8E2E1446A9278F8E, 0A34046B0205A2FEEE5E2867765D171D7BA420A1527E49472A35B484219BD377 ] C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
13:03:53.0530 0x3280  Spotify Web Helper - ok
13:03:53.0642 0x3280  [ F820401D0D2754C3A78C707927058A41, EF7544448D6AD8C8B41F71E767101ABF7A496B84130CFCD9004836F46C1D7D18 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
13:03:53.0662 0x3280  GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD - ok
13:03:53.0791 0x3280  [ 1036A5756F04CBA6C7F01DEEEECF8AC6, A753557051177A292C07E936952558E266A3038FC60C324EDF7333B32E635F19 ] C:\Program Files (x86)\Adguard\Adguard.exe
13:03:53.0831 0x3280  Adguard - ok
13:03:54.0045 0x3280  [ 1714D2B9D03CD71541AFD1FA0ED23759, B8CA2496B250A5257BEF290445FC998560317D9851A0D75CE9BBA4243D002CD5 ] C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe
13:03:54.0193 0x3280  Spotify - ok
13:03:54.0402 0x3280  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:03:54.0645 0x3280  OneDriveSetup - ok
13:03:54.0721 0x3280  [ 9615F77B42907587DEBD6CA487317830, 71CB9484D079BCAD70C69D50C188A8BC07A3ED6D7EB90BE2749859E506FE696D ] C:\Program Files (x86)\Windows Mail\wab.exe
13:03:54.0749 0x3280  WAB Migrate - ok
13:03:54.0750 0x3280  Waiting for KSN requests completion. In queue: 264
13:03:55.0751 0x3280  Waiting for KSN requests completion. In queue: 264
13:03:56.0751 0x3280  Waiting for KSN requests completion. In queue: 264
13:03:57.0762 0x3280  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated )
13:03:57.0780 0x3280  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
13:03:57.0788 0x3280  Win FW state via NFP2: enabled ( trusted )
13:04:00.0143 0x3280  ============================================================
13:04:00.0143 0x3280  Scan finished
13:04:00.0143 0x3280  ============================================================
13:04:00.0150 0x329c  Detected object count: 0
13:04:00.0150 0x329c  Actual detected object count: 0
13:04:16.0671 0x29ec  Deinitialize success
         

Alt 15.08.2015, 06:07   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.08.2015, 13:48   #9
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Adw Cleaner

Code:
ATTFilter
# AdwCleaner v4.201 - Bericht erstellt 16/08/2015 um 14:16:27
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-08-16.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Kris - MUEEMUII
# Gestarted von : C:\Users\Kris\Desktop\adwcleaner_4.201 (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
Ordner Gelöscht : C:\Users\Kris\AppData\Local\YSearchUtil

***** [ Geplante Tasks ] *****

Task Gelöscht : simplitec Power Suite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.10240.16412


-\\ Mozilla Firefox v


-\\ Google Chrome v44.0.2403.155


*************************

AdwCleaner[R0].txt - [11873 Bytes] - [10/03/2014 21:10:12]
AdwCleaner[R1].txt - [1949 Bytes] - [18/05/2014 19:37:26]
AdwCleaner[R2].txt - [1554 Bytes] - [09/07/2014 19:37:47]
AdwCleaner[R3].txt - [1814 Bytes] - [22/11/2014 16:28:27]
AdwCleaner[R4].txt - [2133 Bytes] - [21/03/2015 17:31:22]
AdwCleaner[R5].txt - [3573 Bytes] - [09/04/2015 11:28:52]
AdwCleaner[R6].txt - [2964 Bytes] - [18/04/2015 21:57:34]
AdwCleaner[R7].txt - [2965 Bytes] - [18/04/2015 21:58:04]
AdwCleaner[R8].txt - [2906 Bytes] - [19/04/2015 20:44:40]
AdwCleaner[R9].txt - [2050 Bytes] - [16/08/2015 14:13:23]
AdwCleaner[S0].txt - [10400 Bytes] - [10/03/2014 21:11:47]
AdwCleaner[S1].txt - [2010 Bytes] - [18/05/2014 19:40:25]
AdwCleaner[S2].txt - [1875 Bytes] - [22/11/2014 16:33:48]
AdwCleaner[S3].txt - [2138 Bytes] - [21/03/2015 17:35:13]
AdwCleaner[S4].txt - [3024 Bytes] - [18/04/2015 21:58:56]
AdwCleaner[S5].txt - [2965 Bytes] - [19/04/2015 20:45:51]
AdwCleaner[S6].txt - [1924 Bytes] - [16/08/2015 14:16:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1983  Bytes] ##########
         

JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 10 Home x64
Ran by Kris on 16.08.2015 at 14:32:30,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\Kris\AppData\Roaming\my_intel.sys
Successfully deleted: [File] C:\Users\Kris\AppData\Roaming\sp_data.sys
Successfully deleted: [File] C:\Users\Kris\Appdata\Local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage
Successfully deleted: [File] C:\Users\Kris\Appdata\Local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage-journal



~~~ Folders



~~~ Chrome


[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.08.2015 at 14:36:36,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Teil 1

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
durchgeführt von Kris (Administrator) auf MUEEMUII (16-08-2015 14:42:05)
Gestartet von C:\Users\Kris\Desktop
Geladene Profile: Kris (Verfügbare Profile: UpdatusUser & Kris & Gast)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-18\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-13]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-31] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e85dc7f5-fdb6-417a-a0e3-22ed0cc4fa99}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-31] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adguard AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-03-22]
CHR Extension: (YouTube) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-22]
CHR Extension: (FB Auto-Poker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh [2012-11-14]
CHR Extension: (Google Search) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26]
CHR Extension: (PanicButton) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2012-11-14]
CHR Extension: (iCloud Bookmarks) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-07]
CHR Extension: (Avira Browser Safety) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-19]
CHR Extension: (FoxyProxy Standard) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2012-11-14]
CHR Extension: (Hide My AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-04-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2012-11-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-22]
CHR Extension: (Speed Dial 3™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjjcbbihjnpdommbepdkpfnkkapnbh [2015-03-22]
CHR Extension: (Stealthy) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-11-14]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-31]
CHR Extension: (Adblock Super) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-22]
CHR Extension: (Ghostery) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Psykopaint) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-02-28]
CHR Extension: (Gmail) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26]
CHR Extension: (SoundCloud Storm) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkfceapbcmjkgdffihdaebnfblcjfbf [2012-11-14]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-31]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-03] (Microsoft Corporation)
S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [61432 2015-06-02] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-16 14:36 - 2015-08-16 14:36 - 00001651 _____ C:\Users\Kris\Desktop\JRT.txt
2015-08-16 14:32 - 2015-08-16 14:32 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Kris\Desktop\JRT.exe
2015-08-16 14:25 - 2015-08-16 14:25 - 00002063 _____ C:\Users\Kris\Desktop\AdwCleaner[S6].txt
2015-08-16 14:22 - 2015-08-16 14:22 - 00016148 _____ C:\WINDOWS\system32\MUEEMUII_Kris_HistoryPrediction.bin
2015-08-16 02:28 - 2015-08-12 10:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-16 02:28 - 2015-08-12 10:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-14 19:04 - 2015-08-16 14:25 - 00001865 _____ C:\Users\Kris\Desktop\chrome - Verknüpfung.lnk
2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Downloads\mbae-setup-1.07.1.1015.exe
2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Desktop\mbae-setup-1.07.1.1015 (1).exe
2015-08-14 15:54 - 2015-08-16 14:25 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-08-14 13:00 - 2015-08-14 13:00 - 04383777 _____ C:\Users\Kris\Desktop\tdsskiller31.zip
2015-08-14 12:59 - 2015-08-14 12:59 - 01199392 _____ C:\Users\Kris\Desktop\TDSSKiller - CHIP-Installer.exe
2015-08-14 12:02 - 2015-08-14 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-14 11:54 - 2015-08-14 13:06 - 00000000 ____D C:\Users\Kris\Desktop\mbar
2015-08-14 11:51 - 2015-08-14 11:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kris\Desktop\mbar-1.09.1.1004.exe
2015-08-13 16:07 - 2015-08-13 16:07 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2015-08-13 16:06 - 2015-08-13 16:06 - 00065456 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2015-08-13 15:52 - 2015-08-13 15:52 - 00020966 _____ C:\Users\Kris\Desktop\FRST.rar
2015-08-13 15:15 - 2015-08-13 15:15 - 00931408 _____ (Google Inc.) C:\Users\Kris\Downloads\ChromeSetup.exe
2015-08-13 15:15 - 2015-08-13 15:15 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-13 14:59 - 2015-08-13 14:59 - 00281672 _____ C:\WINDOWS\Minidump\081315-24453-01.dmp
2015-08-13 14:55 - 2015-08-13 15:00 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-08-13 14:53 - 2015-08-13 15:04 - 00000000 ____D C:\WINDOWS\pss
2015-08-13 14:27 - 2015-08-13 14:27 - 00309880 _____ C:\WINDOWS\Minidump\081315-37734-01.dmp
2015-08-13 14:26 - 2015-08-13 14:26 - 00003556 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-13 14:26 - 2015-08-13 14:26 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-13 14:06 - 2015-08-13 14:59 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-13 14:06 - 2015-08-13 14:06 - 00314784 _____ C:\WINDOWS\Minidump\081315-50421-01.dmp
2015-08-13 14:05 - 2015-08-13 14:59 - 453504137 _____ C:\WINDOWS\MEMORY.DMP
2015-08-13 13:59 - 2015-08-13 14:01 - 00380416 _____ C:\Users\Kris\Desktop\Gmer-19357.exe
2015-08-13 13:54 - 2015-08-13 15:49 - 00081290 _____ C:\Users\Kris\Desktop\Addition.txt
2015-08-13 13:52 - 2015-08-16 14:42 - 00035745 _____ C:\Users\Kris\Desktop\FRST.txt
2015-08-13 13:52 - 2015-08-13 13:52 - 02173952 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe
2015-08-13 13:47 - 2015-08-13 13:47 - 00000470 _____ C:\Users\Kris\Desktop\defogger_disable.log
2015-08-13 13:47 - 2015-08-13 13:47 - 00000000 _____ C:\Users\Kris\defogger_reenable
2015-08-13 13:46 - 2015-08-13 13:46 - 00050477 _____ C:\Users\Kris\Desktop\Defogger (1).exe
2015-08-12 17:13 - 2015-08-12 17:13 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 20:56 - 2015-08-08 09:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 20:56 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 20:56 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 20:56 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 20:56 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 20:56 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 20:56 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 20:56 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 20:56 - 2015-08-08 08:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 20:56 - 2015-08-08 08:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-11 20:56 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 20:56 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 20:56 - 2015-08-06 05:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-11 20:56 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 20:56 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 20:56 - 2015-08-06 04:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-11 20:56 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 20:56 - 2015-08-06 04:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-11 20:56 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 20:56 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 20:56 - 2015-08-05 06:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-11 20:56 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 20:56 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 20:56 - 2015-08-05 05:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-11 20:56 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 20:56 - 2015-08-05 05:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-11 20:56 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 20:56 - 2015-08-04 06:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-11 20:56 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 20:56 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 20:56 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 20:56 - 2015-08-04 05:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-11 20:56 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 20:56 - 2015-08-04 05:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 20:56 - 2015-08-04 05:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 20:56 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 20:56 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 20:56 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 20:56 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 20:56 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 20:56 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 20:56 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 20:56 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 20:56 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 20:56 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 20:56 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 20:56 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 20:56 - 2015-08-03 04:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-11 20:56 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 20:56 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 20:56 - 2015-08-03 03:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-11 20:56 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 20:56 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 20:56 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 20:56 - 2015-08-03 03:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-11 20:56 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-11 20:56 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 20:56 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 20:56 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 20:56 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 20:56 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 20:56 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 20:56 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 20:56 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 20:56 - 2015-08-03 03:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 20:56 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 20:56 - 2015-08-03 03:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-11 20:56 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 20:56 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 20:56 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 20:56 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 20:56 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 20:56 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 20:56 - 2015-08-03 03:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-11 20:56 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-11 04:31 - 2015-08-11 04:31 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-10 17:48 - 2015-08-10 17:48 - 00000000 ____D C:\Users\Kris\AppData\Local\MicrosoftEdge
2015-08-10 17:41 - 2015-08-16 02:20 - 00002397 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-10 17:01 - 2015-08-10 17:01 - 00000000 ____D C:\Users\Kris\AppData\Local\NetworkTiles
2015-08-09 16:37 - 2015-08-09 16:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-08 12:18 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-08 12:18 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-08 12:18 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-08 12:18 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-08 12:18 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-08 12:18 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-08 12:18 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-08 12:18 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-08 12:18 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-08 12:18 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-08 12:18 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-08 12:18 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-08 12:18 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-08 12:18 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-08 12:18 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-08 12:18 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-08 12:18 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-08 12:18 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-08 12:18 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-08 12:18 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-08 12:18 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-08 12:18 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-08 12:18 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-08 12:18 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-08 12:18 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-08 12:18 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-08 12:18 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-08 12:18 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-08 12:18 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-08 12:18 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-08 12:18 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-08 12:18 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-08 12:18 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-08 12:18 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-08 12:17 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-08 12:17 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-08 12:17 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-08 12:17 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-08 12:17 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-08 12:17 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-08 12:17 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 12:17 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-08 12:17 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-08 12:17 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-08 12:17 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-08 12:17 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-08 12:17 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-08 12:17 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-08 12:17 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-08 12:17 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 12:17 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-08 11:58 - 2015-08-08 11:58 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-08 11:40 - 2015-08-08 11:45 - 00000000 ____D C:\ProgramData\AsusMissionManagerIni
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Users\Kris\AppData\Local\Publishers
2015-08-08 10:21 - 2015-08-08 10:23 - 00000000 ____D C:\Users\Kris\AppData\Local\Comms
2015-08-08 10:17 - 2015-08-08 10:17 - 00000000 ____D C:\Users\Kris\AppData\Local\TileDataLayer
2015-08-08 10:16 - 2015-08-08 10:16 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-08 10:15 - 2015-08-08 10:15 - 00000020 ___SH C:\Users\Kris\ntuser.ini
2015-08-08 04:15 - 2015-08-13 16:07 - 00067354 _____ C:\WINDOWS\DPINST.LOG
2015-08-08 04:09 - 2015-08-10 17:14 - 00000000 ____D C:\ProgramData\SetupTPDriver
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-07 21:57 - 2015-08-07 21:06 - 00000000 __SHD C:\Recovery
2015-08-07 21:56 - 2015-08-08 03:30 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 21:54 - 2015-08-07 21:54 - 00000000 ____D C:\Windows.old
2015-08-07 21:53 - 2015-08-07 21:53 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 21:53 - 2015-08-07 21:53 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 21:53 - 2015-08-07 21:53 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 21:49 - 2015-08-07 21:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 21:46 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 21:46 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 21:37 - 2015-08-08 12:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 21:27 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 21:19 - 2015-08-07 21:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-07 21:10 - 2015-08-07 21:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-07 21:08 - 2015-08-13 15:04 - 00000000 ____D C:\Users\Kris
2015-08-07 21:08 - 2015-08-08 10:16 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:07 - 2015-08-07 21:39 - 00000000 ____D C:\Users\Gast
2015-08-07 21:07 - 2015-08-07 21:09 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-07 21:04 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 21:04 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-07 21:04 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-07 21:03 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\Intel
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\ProgramData\SonicFocus
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\Program Files\Realtek
2015-08-07 21:03 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-07 21:03 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-07 20:59 - 2015-08-07 20:59 - 00031060 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 20:58 - 2015-08-16 14:19 - 00012090 _____ C:\WINDOWS\PFRO.log
2015-08-07 20:29 - 2015-08-08 01:53 - 00006719 _____ C:\WINDOWS\comsetup.log
2015-08-07 15:35 - 2015-08-07 15:35 - 00000000 ____D C:\Users\Kris\AppData\Local\CEF
2015-07-30 22:46 - 2015-07-30 22:46 - 12334064 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11905424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11053040 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 10574976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 04636608 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 03668768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01155984 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01151832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00467688 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00378816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00229648 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00199080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00194352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00169352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00040704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 22914032 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 17846768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 08528880 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 06512112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 04371872 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04368288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04024368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 03797960 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-07-30 22:45 - 2015-07-30 22:45 - 02508272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 02035696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01994224 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01793008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01766896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01468976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00969120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00865328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00678896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00659504 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00632816 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00616496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00555424 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00554912 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00540064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00443296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00409504 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00408992 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00393632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00392688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00385520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00374256 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00357936 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00329200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00328608 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00295408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00290208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00285168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00264176 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-07-30 22:45 - 2015-07-30 22:45 - 00261104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00256928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00232944 _____ C:\WINDOWS\system32\igdde64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00228848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00223792 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00204192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00194544 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00193520 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4252.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00170992 _____ C:\WINDOWS\system32\igdail64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00164256 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00163824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00152560 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00141872 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00107568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00102896 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00095216 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00078320 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00068080 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00039408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00019440 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-07-28 11:28 - 2015-07-28 11:28 - 00100776 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys
2015-07-20 22:20 - 2015-08-14 17:49 - 00000000 ____D C:\Program Files (x86)\Hippsoft
2015-07-20 22:20 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb
2015-07-20 22:20 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll
2015-07-20 22:20 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL
2015-07-20 22:19 - 2015-07-20 22:19 - 04047094 _____ C:\Users\Kris\Downloads\hswebcam_1.09.zip
2015-07-20 22:18 - 2015-07-20 22:18 - 01259808 _____ C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe
2015-07-19 13:03 - 2015-08-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 13:03 - 2015-07-19 13:03 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 13:02 - 2015-07-19 13:03 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files\iPod
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-17 20:40 - 2015-07-17 20:54 - 00011112 ____H C:\Users\Kris\Desktop\~WRL0006.tmp
         

Alt 16.08.2015, 13:49   #10
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



FRST Teil 2

Code:
ATTFilter
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-16 14:42 - 2014-05-18 19:08 - 00000000 ____D C:\FRST
2015-08-16 14:41 - 2012-10-26 22:08 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-16 14:30 - 2015-04-19 17:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-16 14:26 - 2015-03-29 15:02 - 00000000 ___RD C:\Users\Kris\Dropbox
2015-08-16 14:26 - 2015-03-29 14:59 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Dropbox
2015-08-16 14:24 - 2015-07-07 11:05 - 00000000 ___RD C:\Users\Kris\iCloudDrive
2015-08-16 14:24 - 2012-10-26 22:08 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-16 14:22 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-16 14:22 - 2014-09-12 16:27 - 00000422 _____ C:\WINDOWS\Tasks\simplitec Service Provider.job
2015-08-16 14:19 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-16 14:19 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 14:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-16 14:18 - 2015-06-20 14:08 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job
2015-08-16 14:16 - 2014-03-10 21:10 - 00000000 ____D C:\AdwCleaner
2015-08-16 14:10 - 2013-05-11 21:33 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Skype
2015-08-16 14:10 - 2012-10-27 11:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Spotify
2015-08-16 14:08 - 2015-05-09 01:57 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job
2015-08-16 13:56 - 2013-12-28 00:42 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B59720AA-39DF-4F4D-BE50-D6B932891593}
2015-08-16 13:52 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-16 13:51 - 2012-10-27 11:35 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Spotify
2015-08-16 03:36 - 2015-05-30 13:10 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job
2015-08-15 12:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 08:18 - 2015-06-20 14:07 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job
2015-08-14 18:52 - 2012-10-13 11:50 - 00000000 ____D C:\WINDOWS\ASUSProductDemoMovie
2015-08-14 17:52 - 2014-08-14 13:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-14 11:55 - 2015-04-19 17:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-14 11:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 21:46 - 2015-07-10 14:20 - 00020861 _____ C:\WINDOWS\setupact.log
2015-08-13 14:22 - 2012-10-26 22:10 - 00002330 _____ C:\Users\Kris\Desktop\Google Chrome.lnk
2015-08-13 14:19 - 2015-07-10 14:20 - 00460216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 23:28 - 2015-05-30 13:10 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-12 23:28 - 2015-05-09 01:57 - 00003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-12 17:30 - 2014-04-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 17:30 - 2012-11-06 21:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 17:29 - 2013-08-14 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 17:18 - 2012-12-13 18:02 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 21:19 - 2015-03-03 20:32 - 00000000 ____D C:\ProgramData\Oracle
2015-08-11 21:18 - 2013-06-29 19:42 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-11 21:17 - 2012-10-28 15:20 - 00321632 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00206432 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-08-11 21:17 - 2012-10-28 15:20 - 00000000 ____D C:\Program Files\Java
2015-08-11 21:16 - 2014-01-21 17:29 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-10 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-09 04:00 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial)
2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-08 14:15 - 2012-10-13 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-08 12:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 12:03 - 2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-08 12:03 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-08 11:51 - 2012-10-27 04:44 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages
2015-08-08 10:44 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-08 10:42 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-08 10:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-08 10:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-08 04:15 - 2012-10-13 11:40 - 00000000 ____D C:\Program Files\DIFX
2015-08-08 03:03 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-08 03:03 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagwrn.xml
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagerr.xml
2015-08-08 02:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-08 01:44 - 2013-11-27 18:39 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-08 01:43 - 2014-02-21 20:07 - 00003204 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-08 01:42 - 2014-05-11 13:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2}
2015-08-08 01:42 - 2013-07-20 21:50 - 00003224 _____ C:\WINDOWS\System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA}
2015-08-08 01:42 - 2013-05-01 01:22 - 00003208 _____ C:\WINDOWS\System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE}
2015-08-08 01:42 - 2012-10-27 04:53 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-08 01:41 - 2015-06-20 14:08 - 00004292 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA
2015-08-08 01:41 - 2015-06-20 14:07 - 00003912 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core
2015-08-08 01:41 - 2014-09-12 16:27 - 00002894 _____ C:\WINDOWS\System32\Tasks\simplitec Service Provider
2015-08-08 01:41 - 2013-12-17 00:03 - 00001714 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper
2015-08-08 01:41 - 2012-11-10 13:10 - 00003652 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-08-08 01:41 - 2012-10-26 22:08 - 00004218 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-08 01:41 - 2012-10-26 22:08 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-08 01:41 - 2012-10-13 11:47 - 00003222 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-08-07 23:23 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 21:56 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 21:22 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-07 21:22 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-07 21:22 - 2015-07-07 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-07 21:22 - 2015-05-09 01:58 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2015-08-07 21:22 - 2015-05-07 22:25 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inquisit 4 Web Player
2015-08-07 21:22 - 2015-04-20 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-08-07 21:22 - 2015-04-19 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-07 21:22 - 2015-03-23 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-08-07 21:22 - 2014-11-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau
2015-08-07 21:22 - 2014-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2015-08-07 21:22 - 2014-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 16:15 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-09 12:15 - 00000000 ____D C:\WINDOWS\de
2015-08-07 21:22 - 2014-05-11 14:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-07 21:22 - 2014-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanned Text Editor 1.0
2015-08-07 21:22 - 2014-03-25 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 21:22 - 2014-03-08 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 21:22 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2015-08-07 21:22 - 2014-01-21 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-07 21:22 - 2013-05-29 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-07 21:22 - 2013-02-15 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-07 21:22 - 2012-11-21 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-08-07 21:22 - 2012-11-06 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 21:22 - 2012-10-31 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 21:22 - 2012-10-29 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series
2015-08-07 21:22 - 2012-10-28 15:05 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-07 21:22 - 2012-10-26 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-08-07 21:22 - 2012-10-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 21:22 - 2012-08-17 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-07 21:19 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-08-07 21:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-07 21:14 - 2013-02-15 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-07 21:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-07 21:12 - 2012-10-29 12:01 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-08-07 21:11 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 21:11 - 2014-09-12 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-08-07 21:11 - 2014-05-06 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-08-07 21:11 - 2013-10-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-07 21:11 - 2013-08-23 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-08-07 21:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-07 21:11 - 2013-03-18 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
2015-08-07 21:11 - 2012-12-09 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-07 21:11 - 2012-11-25 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-08-07 21:11 - 2012-10-26 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-08-07 21:11 - 2012-10-13 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2015-08-07 21:11 - 2012-08-02 15:28 - 00000000 ____D C:\ProgramData\PRICache
2015-08-07 21:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 21:09 - 2013-02-27 07:58 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2015-08-07 21:06 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 21:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-07 20:36 - 2014-09-13 17:04 - 01149954 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 20:28 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 13:40 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Kris\Desktop\Dateien
2015-08-07 13:33 - 2012-10-26 22:52 - 00000000 ___DO C:\Users\Kris\OneDrive
2015-08-03 12:33 - 2013-06-21 13:43 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-08-03 12:33 - 2013-06-21 13:43 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-07-20 22:26 - 2012-07-26 07:26 - 00000402 _____ C:\WINDOWS\win.ini
2015-07-19 13:02 - 2015-03-23 13:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-17 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-19 09:44 - 2013-01-19 09:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-06-22 14:52 - 2013-06-22 14:52 - 0000068 _____ () C:\Users\Kris\AppData\Roaming\mbam.context.scan
2013-12-19 01:19 - 2014-03-09 01:19 - 0000205 _____ () C:\Users\Kris\AppData\Roaming\WB.CFG
2014-11-19 20:28 - 2014-11-19 20:28 - 0000037 ___SH () C:\Users\Kris\AppData\Local\70149b02515b3bb20dd492.47983420
2013-03-18 01:21 - 2013-03-18 01:21 - 0001470 _____ () C:\Users\Kris\AppData\Local\RecConfig.xml
2015-08-07 21:03 - 2015-08-07 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-22 18:19 - 2015-06-20 17:08 - 0000263 _____ () C:\ProgramData\fontcacheev1.dat
2012-11-21 19:50 - 2012-11-21 19:50 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-10-26 22:07 - 2012-10-26 22:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-26 22:06 - 2012-10-26 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\fontcacheev1.dat


Einige Dateien in TEMP:
====================
C:\Users\Kris\AppData\Local\Temp\avgnt.exe
C:\Users\Kris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdhbm1q.dll
C:\Users\Kris\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Kris\AppData\Local\Temp\Quarantine.exe
C:\Users\Kris\AppData\Local\Temp\sqlite3.dll
C:\Users\Kris\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-07 20:58

==================== Ende von Ergebnis ============================
         

Alt 17.08.2015, 07:17   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.08.2015, 00:14   #12
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



Die Auslastung des Arbeitsspeichers durch system.exe ist immernoch konstant zwischen 50 und 60%, das irritiert mich nach wie vor.

Die unerwünschten Tabs mit Werbung im Browser tauchen immer noch in unregelmäßigen Abständen auf (tradeadexchange.com laut Google ein Redirect Virus)

Der Laptop erwacht neuerdings von selbst aus dem Ruhezustand, im zugeklappten Zustand, ohne mein Zutun.

ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=803d0ccec67eed4bad4e8c81b805d106
# engine=23456
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-19 05:16:10
# local_time=2015-04-19 07:16:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3119038 30563768 0 0
# scanned=372994
# found=24
# cleaned=24
# scan_time=7413
sh=03DA527ADCC24EB7FF12CD2D44FD8274F5F29740 ft=1 fh=783ba74c95f91fff vn="Variante von Win32/KBM.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-2324392281-2098655948-2250387561-1002\$RFA7Y2W\Downloads\TubeBoxSetup_3.6.exe"
sh=296D957AB83527E175A38C3525B3718A832EB5D1 ft=1 fh=4df0223cfa146604 vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\FoxTab\1.8.12.0\uninstall.exe.vir"
sh=52972C9675D994680B2005684774DC696DB8B4F4 ft=1 fh=5fee560e97c297ec vn="Variante von Win32/Toolbar.CrossRider.BP evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\Uninstall.exe.vir"
sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\102_dealply_m.js.vir"
sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\103_intext_5_m.js.vir"
sh=30630D311A124BA372D209C02247D8A4238E3610 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\104_jollywallet_m.js.vir"
sh=04253E738106628805978963C1648F429CD2A08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\105_corticas_m.js.vir"
sh=E5DA6BC389AFE8C4BE0D4BDF007094964623BEE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\123_intext_adv_m.js.vir"
sh=84CA9AA694BCAE4779C18F493E7083124A3126C5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\155_ibario_pops_m.js.vir"
sh=D9DF0722882055C5C11AFD602D505B2E7EA9AFC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\184_noproblemppc_m.js.vir"
sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\191_ciuvo_m.js.vir"
sh=63D3217BF16BFB37091DD90C82E573D8CA13F08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\1_base.js.vir"
sh=04233EDE7DF01DAC825FEAD78765038021632584 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\217_similar_products_m.js.vir"
sh=5902FC10054355A5B8B9CC41620445BAA0F1D0AB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\21_debug.js.vir"
sh=7CD82C8AAFF59D7A1E7625012490985C70AD0157 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\223_imonomy_m.js.vir"
sh=5E80029240BA4FF3B3E3010BB40E6867D0999160 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\226_set_campaign_id_m.js.vir"
sh=DE138BFD2293B4197712198C41377CE6A89E6200 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js.vir"
sh=E0F8250FB3FFBCB394862C11971C43A7B3B6BD17 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js.vir"
sh=57F2136CD86B69E88017E3346CF16BE0C2A51A2B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\28_initializer.js.vir"
sh=912FAF0450579FD05E9707FC66B1902406FCA106 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir"
sh=CCE2C38E8E351E54EF7624D60D5C8E8943A8C1D9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\crossriderAPI.js.vir"
sh=E337F837D913C4B95AB15A2F3B0B8BB3DE1F24CD ft=1 fh=c36220f4d76b2bd7 vn="Variante von Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Kris\Downloads\COMPUTER_BILD_Download_Manager_fuer_super.exe"
sh=0818187D30162FA4097CA2720BBD8BFD12954F96 ft=1 fh=7453b3f781b5f728 vn="Win32/Somoto.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Kris\Downloads\spotydl_setup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=803d0ccec67eed4bad4e8c81b805d106
# end=init
# utc_time=2015-08-17 06:34:59
# local_time=2015-08-17 08:34:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 25319
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=803d0ccec67eed4bad4e8c81b805d106
# end=updated
# utc_time=2015-08-17 06:37:43
# local_time=2015-08-17 08:37:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=803d0ccec67eed4bad4e8c81b805d106
# engine=25319
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-17 11:01:41
# local_time=2015-08-18 01:01:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 124266 3326513 0 0
# scanned=547050
# found=20
# cleaned=0
# scan_time=15838
sh=19D455644F52F420BF86992C52DB41BC4F7E417D ft=1 fh=babc80087522ba7f vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2324392281-2098655948-2250387561-1002\$RFA7Y2W\Downloads\iLividSetupV1.exe"
sh=3B861553E2E5AB5258BAE46D7A6FD4EAE9705B69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\19_CHAppAPIWrapper.js.vir"
sh=34C11A75B2A93EDE2B3B945AA6A09250EF5C06F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\background.js.vir"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\chrome.js.vir"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\cookie.js.vir"
sh=FD2A3FEFF97D325433D2011C5ED5755B6D6A8FAA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\message.js.vir"
sh=F12AB7ECE7B656776B6C51962B568E2ABCDE1D4D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\monitor.js.vir"
sh=CA4563F63D05349DF3C504C456185B7559177496 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\bg_app_api.js.vir"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\cookie_store.js.vir"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\events.js.vir"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\onBGDocumentLoad.js.vir"
sh=09D5AE4A80F65C6B9123A1F494E3E181BF3C46FD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\reports.js.vir"
sh=BE038417E468CAA3BBA91CFFD2F554922504407C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\util.js.vir"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\xhr.js.vir"
sh=857298C245BA0FF941DEEB2076909FAAA104753C ft=1 fh=2c1a80c17e3381fc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\AppData\Local\Temp\DMR\dmr_72.exe"
sh=C9C69D7E104EA42CAC6878C0E279E554F3A11786 ft=1 fh=c8da3fa161fa276a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Desktop\TDSSKiller - CHIP-Installer.exe"
sh=CCC3C605E77CEC47B534E10C0FFCFF4D6C35CEEE ft=1 fh=99083e1f788b276c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Downloads\CPUCooL - CHIP-Installer.exe"
sh=888532B25A4A5C9198CD66B079F429D3422299BA ft=1 fh=781e833f0d214a22 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe"
sh=3CC59BF055481B3EF66FD60CDB20AEFF405B1D65 ft=1 fh=3b342e5d960a15c0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Downloads\PDF XChange Viewer - CHIP-Installer.exe"
sh=E44E6F3626CF698E642A56062DBE63EEBB12B8D2 ft=1 fh=37f4854510caa11a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Kris\AppData\Local\Temp\DMR\dmr_72.exe"
         

Security Check:

Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus    
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java 8 Update 51  
 Google Chrome (44.0.2403.155) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Exploit mbae-svc.exe   
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Malwarebytes Anti-Exploit mbae64.exe   
 Malwarebytes Anti-Exploit mbae.exe   
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Geändert von Itkuraita (18.08.2015 um 00:27 Uhr)

Alt 18.08.2015, 00:15   #13
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



FRST 1

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Kris (Administrator) auf MUEEMUII (18-08-2015 01:08:16)
Gestartet von C:\Users\Kris\Desktop
Geladene Profile: Kris &  (Verfügbare Profile: UpdatusUser & Kris & Gast)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Kris\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-13]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-31] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e85dc7f5-fdb6-417a-a0e3-22ed0cc4fa99}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-31] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adguard AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-03-22]
CHR Extension: (YouTube) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-22]
CHR Extension: (FB Auto-Poker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh [2012-11-14]
CHR Extension: (Google Search) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26]
CHR Extension: (PanicButton) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2012-11-14]
CHR Extension: (iCloud Bookmarks) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-07]
CHR Extension: (Avira Browser Safety) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-19]
CHR Extension: (FoxyProxy Standard) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2012-11-14]
CHR Extension: (Hide My AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-04-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2012-11-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-22]
CHR Extension: (Speed Dial 3™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjjcbbihjnpdommbepdkpfnkkapnbh [2015-03-22]
CHR Extension: (Stealthy) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-11-14]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-31]
CHR Extension: (Adblock Super) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-22]
CHR Extension: (Ghostery) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Psykopaint) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-02-28]
CHR Extension: (Gmail) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26]
CHR Extension: (SoundCloud Storm) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkfceapbcmjkgdffihdaebnfblcjfbf [2012-11-14]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-31]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation)
S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [Datei ist nicht signiert]
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-03] (Microsoft Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [61432 2015-06-02] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
U1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-18 01:08 - 2015-08-18 01:08 - 00000000 ____D C:\Users\Kris\Desktop\FRST-OlderVersion
2015-08-18 00:44 - 2015-08-18 00:44 - 00016148 _____ C:\WINDOWS\system32\MUEEMUII_Kris_HistoryPrediction.bin
2015-08-17 20:39 - 2015-08-18 01:02 - 00852684 _____ C:\Users\Kris\Desktop\SecurityCheck.exe
2015-08-17 20:33 - 2015-08-17 20:33 - 02870984 _____ (ESET) C:\Users\Kris\Desktop\esetsmartinstaller_deu (1).exe
2015-08-16 23:51 - 2015-08-16 23:51 - 01260832 _____ C:\Users\Kris\Downloads\CPUCooL - CHIP-Installer.exe
2015-08-16 23:51 - 2015-08-16 23:51 - 00001066 _____ C:\Users\Kris\Desktop\CPUCooL.lnk
2015-08-16 23:51 - 2015-08-16 23:51 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPUCooL
2015-08-16 23:51 - 2015-08-16 23:51 - 00000000 ____D C:\Program Files (x86)\CPUCooL
2015-08-16 16:08 - 2015-08-16 16:09 - 00000401 _____ C:\Users\Kris\AppData\Roaming\sp_data.sys
2015-08-16 16:02 - 2015-08-16 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-08-16 14:36 - 2015-08-16 14:36 - 00001651 _____ C:\Users\Kris\Desktop\JRT.txt
2015-08-16 14:32 - 2015-08-16 14:32 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Kris\Desktop\JRT.exe
2015-08-16 14:25 - 2015-08-16 14:25 - 00002063 _____ C:\Users\Kris\Desktop\AdwCleaner[S6].txt
2015-08-16 02:28 - 2015-08-12 10:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-16 02:28 - 2015-08-12 10:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-14 19:04 - 2015-08-16 14:25 - 00001865 _____ C:\Users\Kris\Desktop\chrome - Verknüpfung.lnk
2015-08-14 18:51 - 2015-08-16 22:48 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Downloads\mbae-setup-1.07.1.1015.exe
2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Desktop\mbae-setup-1.07.1.1015 (1).exe
2015-08-14 15:54 - 2015-08-16 16:12 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-08-14 13:00 - 2015-08-14 13:00 - 04383777 _____ C:\Users\Kris\Desktop\tdsskiller31.zip
2015-08-14 12:59 - 2015-08-14 12:59 - 01199392 _____ C:\Users\Kris\Desktop\TDSSKiller - CHIP-Installer.exe
2015-08-14 12:02 - 2015-08-14 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-14 11:54 - 2015-08-14 13:06 - 00000000 ____D C:\Users\Kris\Desktop\mbar
2015-08-14 11:51 - 2015-08-14 11:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kris\Desktop\mbar-1.09.1.1004.exe
2015-08-13 16:07 - 2015-08-13 16:07 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2015-08-13 16:06 - 2015-08-13 16:06 - 00065456 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2015-08-13 15:52 - 2015-08-13 15:52 - 00020966 _____ C:\Users\Kris\Desktop\FRST.rar
2015-08-13 15:15 - 2015-08-13 15:15 - 00931408 _____ (Google Inc.) C:\Users\Kris\Downloads\ChromeSetup.exe
2015-08-13 15:15 - 2015-08-13 15:15 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-13 14:59 - 2015-08-13 14:59 - 00281672 _____ C:\WINDOWS\Minidump\081315-24453-01.dmp
2015-08-13 14:55 - 2015-08-13 15:00 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-08-13 14:53 - 2015-08-13 15:04 - 00000000 ____D C:\WINDOWS\pss
2015-08-13 14:27 - 2015-08-13 14:27 - 00309880 _____ C:\WINDOWS\Minidump\081315-37734-01.dmp
2015-08-13 14:26 - 2015-08-13 14:26 - 00003556 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-13 14:26 - 2015-08-13 14:26 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-13 14:06 - 2015-08-13 14:59 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-13 14:06 - 2015-08-13 14:06 - 00314784 _____ C:\WINDOWS\Minidump\081315-50421-01.dmp
2015-08-13 14:05 - 2015-08-13 14:59 - 453504137 _____ C:\WINDOWS\MEMORY.DMP
2015-08-13 13:59 - 2015-08-13 14:01 - 00380416 _____ C:\Users\Kris\Desktop\Gmer-19357.exe
2015-08-13 13:54 - 2015-08-13 15:49 - 00081290 _____ C:\Users\Kris\Desktop\Addition.txt
2015-08-13 13:52 - 2015-08-18 01:08 - 02173440 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe
2015-08-13 13:52 - 2015-08-18 01:08 - 00046104 _____ C:\Users\Kris\Desktop\FRST.txt
2015-08-13 13:47 - 2015-08-13 13:47 - 00000470 _____ C:\Users\Kris\Desktop\defogger_disable.log
2015-08-13 13:47 - 2015-08-13 13:47 - 00000000 _____ C:\Users\Kris\defogger_reenable
2015-08-13 13:46 - 2015-08-13 13:46 - 00050477 _____ C:\Users\Kris\Desktop\Defogger (1).exe
2015-08-12 17:13 - 2015-08-12 17:13 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 20:56 - 2015-08-08 09:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 20:56 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 20:56 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 20:56 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 20:56 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 20:56 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 20:56 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 20:56 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 20:56 - 2015-08-08 08:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 20:56 - 2015-08-08 08:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-11 20:56 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 20:56 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 20:56 - 2015-08-06 05:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-11 20:56 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 20:56 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 20:56 - 2015-08-06 04:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-11 20:56 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 20:56 - 2015-08-06 04:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-11 20:56 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 20:56 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 20:56 - 2015-08-05 06:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-11 20:56 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 20:56 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 20:56 - 2015-08-05 05:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-11 20:56 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 20:56 - 2015-08-05 05:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-11 20:56 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 20:56 - 2015-08-04 06:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-11 20:56 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 20:56 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 20:56 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 20:56 - 2015-08-04 05:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-11 20:56 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 20:56 - 2015-08-04 05:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 20:56 - 2015-08-04 05:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 20:56 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 20:56 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 20:56 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 20:56 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 20:56 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 20:56 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 20:56 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 20:56 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 20:56 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 20:56 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 20:56 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 20:56 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 20:56 - 2015-08-03 04:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-11 20:56 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 20:56 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 20:56 - 2015-08-03 03:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-11 20:56 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 20:56 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 20:56 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 20:56 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 20:56 - 2015-08-03 03:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-11 20:56 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 20:56 - 2015-08-03 03:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-11 20:56 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 20:56 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 20:56 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 20:56 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 20:56 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 20:56 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 20:56 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 20:56 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 20:56 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 20:56 - 2015-08-03 03:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 20:56 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 20:56 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 20:56 - 2015-08-03 03:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-11 20:56 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 20:56 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 20:56 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 20:56 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 20:56 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 20:56 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 20:56 - 2015-08-03 03:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-11 20:56 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-11 04:31 - 2015-08-11 04:31 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-10 17:48 - 2015-08-10 17:48 - 00000000 ____D C:\Users\Kris\AppData\Local\MicrosoftEdge
2015-08-10 17:41 - 2015-08-17 17:54 - 00002397 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-10 17:01 - 2015-08-10 17:01 - 00000000 ____D C:\Users\Kris\AppData\Local\NetworkTiles
2015-08-09 16:37 - 2015-08-09 16:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-08 12:18 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-08 12:18 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-08 12:18 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-08 12:18 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-08 12:18 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-08 12:18 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-08 12:18 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-08 12:18 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-08 12:18 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-08 12:18 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-08 12:18 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-08 12:18 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-08 12:18 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-08 12:18 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-08 12:18 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-08 12:18 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-08 12:18 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-08 12:18 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-08 12:18 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-08 12:18 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-08 12:18 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-08 12:18 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-08 12:18 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-08 12:18 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-08 12:18 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-08 12:18 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-08 12:18 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-08 12:18 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-08 12:18 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-08 12:18 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-08 12:18 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-08 12:18 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-08 12:18 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-08 12:18 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-08 12:18 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-08 12:18 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-08 12:18 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-08 12:18 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-08 12:18 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-08 12:17 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-08 12:17 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-08 12:17 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-08 12:17 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-08 12:17 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-08 12:17 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-08 12:17 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 12:17 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-08 12:17 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-08 12:17 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-08 12:17 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-08 12:17 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-08 12:17 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-08 12:17 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-08 12:17 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-08 12:17 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 12:17 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-08 12:17 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-08 11:58 - 2015-08-08 11:58 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-08 11:40 - 2015-08-08 11:45 - 00000000 ____D C:\ProgramData\AsusMissionManagerIni
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Users\Kris\AppData\Local\Publishers
2015-08-08 10:21 - 2015-08-08 10:23 - 00000000 ____D C:\Users\Kris\AppData\Local\Comms
2015-08-08 10:17 - 2015-08-08 10:17 - 00000000 ____D C:\Users\Kris\AppData\Local\TileDataLayer
2015-08-08 10:16 - 2015-08-08 10:16 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-08 10:15 - 2015-08-08 10:15 - 00000020 ___SH C:\Users\Kris\ntuser.ini
2015-08-08 04:15 - 2015-08-13 16:07 - 00067354 _____ C:\WINDOWS\DPINST.LOG
2015-08-08 04:09 - 2015-08-10 17:14 - 00000000 ____D C:\ProgramData\SetupTPDriver
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-07 21:57 - 2015-08-07 21:06 - 00000000 __SHD C:\Recovery
2015-08-07 21:56 - 2015-08-08 03:30 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 21:54 - 2015-08-07 21:54 - 00000000 ____D C:\Windows.old
2015-08-07 21:53 - 2015-08-07 21:53 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 21:53 - 2015-08-07 21:53 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 21:53 - 2015-08-07 21:53 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 21:53 - 2015-08-07 21:53 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 21:49 - 2015-08-07 21:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 21:46 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 21:46 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 21:37 - 2015-08-08 12:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 21:27 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 21:19 - 2015-08-07 21:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-07 21:10 - 2015-08-07 21:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-07 21:08 - 2015-08-13 15:04 - 00000000 ____D C:\Users\Kris
2015-08-07 21:08 - 2015-08-08 10:16 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:07 - 2015-08-07 21:39 - 00000000 ____D C:\Users\Gast
2015-08-07 21:07 - 2015-08-07 21:09 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-07 21:04 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 21:04 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-07 21:04 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-07 21:03 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\Intel
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\ProgramData\SonicFocus
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\Program Files\Realtek
2015-08-07 21:03 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-07 21:03 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-07 20:59 - 2015-08-07 20:59 - 00031060 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 20:58 - 2015-08-16 14:19 - 00012090 _____ C:\WINDOWS\PFRO.log
2015-08-07 20:29 - 2015-08-08 01:53 - 00006719 _____ C:\WINDOWS\comsetup.log
2015-08-07 15:35 - 2015-08-07 15:35 - 00000000 ____D C:\Users\Kris\AppData\Local\CEF
2015-07-30 22:46 - 2015-07-30 22:46 - 12334064 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11905424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11053040 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 10574976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 04636608 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 03668768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01155984 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01151832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00467688 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00378816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00229648 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00199080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00194352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00169352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00040704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 22914032 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 17846768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 08528880 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 06512112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 04371872 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04368288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04024368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 03797960 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-07-30 22:45 - 2015-07-30 22:45 - 02508272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 02035696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01994224 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01793008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01766896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01468976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00969120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00865328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00678896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00659504 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00632816 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00616496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00555424 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00554912 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00540064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00443296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00409504 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00408992 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00393632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00392688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00385520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00374256 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00357936 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00329200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00328608 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00295408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00290208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00285168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00264176 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-07-30 22:45 - 2015-07-30 22:45 - 00261104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00256928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00232944 _____ C:\WINDOWS\system32\igdde64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00228848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00223792 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00204192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00194544 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00193520 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4252.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00170992 _____ C:\WINDOWS\system32\igdail64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00164256 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00163824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00152560 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00141872 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00107568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00102896 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00095216 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00078320 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00068080 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00039408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00019440 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-07-28 11:28 - 2015-07-28 11:28 - 00100776 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys
2015-07-20 22:20 - 2015-08-14 17:49 - 00000000 ____D C:\Program Files (x86)\Hippsoft
2015-07-20 22:20 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb
2015-07-20 22:20 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll
2015-07-20 22:20 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL
2015-07-20 22:19 - 2015-07-20 22:19 - 04047094 _____ C:\Users\Kris\Downloads\hswebcam_1.09.zip
2015-07-20 22:18 - 2015-07-20 22:18 - 01259808 _____ C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe
2015-07-19 13:03 - 2015-08-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 13:03 - 2015-07-19 13:03 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 13:02 - 2015-07-19 13:03 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files\iPod
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files (x86)\iTunes
         

Alt 18.08.2015, 00:16   #14
Itkuraita
 
Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



FRST 2

Code:
ATTFilter
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-18 01:08 - 2015-05-09 01:57 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job
2015-08-18 01:08 - 2014-05-18 19:08 - 00000000 ____D C:\FRST
2015-08-18 01:06 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-18 00:51 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-18 00:41 - 2012-10-26 22:08 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-18 00:32 - 2012-10-27 11:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Spotify
2015-08-18 00:32 - 2012-10-27 11:35 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Spotify
2015-08-18 00:18 - 2015-06-20 14:08 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job
2015-08-17 23:36 - 2015-05-30 13:10 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job
2015-08-17 22:42 - 2012-10-26 22:08 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-17 22:36 - 2015-04-19 17:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-17 21:52 - 2013-12-28 00:42 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B59720AA-39DF-4F4D-BE50-D6B932891593}
2015-08-17 08:18 - 2015-06-20 14:07 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job
2015-08-16 16:12 - 2015-03-29 15:02 - 00000000 ___RD C:\Users\Kris\Dropbox
2015-08-16 16:11 - 2015-03-29 14:59 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Dropbox
2015-08-16 16:09 - 2015-07-07 11:05 - 00000000 ___RD C:\Users\Kris\iCloudDrive
2015-08-16 16:07 - 2014-09-12 16:27 - 00000422 _____ C:\WINDOWS\Tasks\simplitec Service Provider.job
2015-08-16 16:06 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-16 16:05 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 16:02 - 2012-08-17 02:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-16 14:16 - 2014-03-10 21:10 - 00000000 ____D C:\AdwCleaner
2015-08-16 14:10 - 2013-05-11 21:33 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Skype
2015-08-16 13:53 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-15 12:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 18:52 - 2012-10-13 11:50 - 00000000 ____D C:\WINDOWS\ASUSProductDemoMovie
2015-08-14 17:52 - 2014-08-14 13:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-14 11:55 - 2015-04-19 17:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-14 11:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 21:46 - 2015-07-10 14:20 - 00020861 _____ C:\WINDOWS\setupact.log
2015-08-13 14:22 - 2012-10-26 22:10 - 00002330 _____ C:\Users\Kris\Desktop\Google Chrome.lnk
2015-08-13 14:19 - 2015-07-10 14:20 - 00460216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 23:28 - 2015-05-30 13:10 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-12 23:28 - 2015-05-09 01:57 - 00003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-12 17:30 - 2014-04-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 17:30 - 2012-11-06 21:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 17:29 - 2013-08-14 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 17:18 - 2012-12-13 18:02 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 21:19 - 2015-03-03 20:32 - 00000000 ____D C:\ProgramData\Oracle
2015-08-11 21:18 - 2013-06-29 19:42 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-11 21:17 - 2012-10-28 15:20 - 00321632 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00206432 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-08-11 21:17 - 2012-10-28 15:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-08-11 21:17 - 2012-10-28 15:20 - 00000000 ____D C:\Program Files\Java
2015-08-11 21:16 - 2014-01-21 17:29 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-10 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-09 04:00 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial)
2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-08 14:15 - 2012-10-13 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-08 12:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 12:03 - 2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-08 12:03 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-08 11:51 - 2012-10-27 04:44 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages
2015-08-08 10:44 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-08 10:42 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-08 10:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-08 10:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-08 04:15 - 2012-10-13 11:40 - 00000000 ____D C:\Program Files\DIFX
2015-08-08 03:03 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-08 03:03 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagwrn.xml
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagerr.xml
2015-08-08 02:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-08 01:44 - 2013-11-27 18:39 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-08 01:43 - 2014-02-21 20:07 - 00003204 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-08 01:42 - 2014-05-11 13:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2}
2015-08-08 01:42 - 2013-07-20 21:50 - 00003224 _____ C:\WINDOWS\System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA}
2015-08-08 01:42 - 2013-05-01 01:22 - 00003208 _____ C:\WINDOWS\System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE}
2015-08-08 01:42 - 2012-10-27 04:53 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2324392281-2098655948-2250387561-1002
2015-08-08 01:41 - 2015-06-20 14:08 - 00004292 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA
2015-08-08 01:41 - 2015-06-20 14:07 - 00003912 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core
2015-08-08 01:41 - 2014-09-12 16:27 - 00002894 _____ C:\WINDOWS\System32\Tasks\simplitec Service Provider
2015-08-08 01:41 - 2013-12-17 00:03 - 00001714 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper
2015-08-08 01:41 - 2012-11-10 13:10 - 00003652 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-08-08 01:41 - 2012-10-26 22:08 - 00004218 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-08 01:41 - 2012-10-26 22:08 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-08 01:41 - 2012-10-13 11:47 - 00003222 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-08-07 23:23 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 21:56 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 21:22 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-07 21:22 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-07 21:22 - 2015-07-07 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-07 21:22 - 2015-05-09 01:58 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2015-08-07 21:22 - 2015-05-07 22:25 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inquisit 4 Web Player
2015-08-07 21:22 - 2015-04-20 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-08-07 21:22 - 2015-04-19 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-07 21:22 - 2015-03-23 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-08-07 21:22 - 2014-11-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau
2015-08-07 21:22 - 2014-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2015-08-07 21:22 - 2014-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 16:15 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-09 12:15 - 00000000 ____D C:\WINDOWS\de
2015-08-07 21:22 - 2014-05-11 14:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-07 21:22 - 2014-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanned Text Editor 1.0
2015-08-07 21:22 - 2014-03-25 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 21:22 - 2014-03-08 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 21:22 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2015-08-07 21:22 - 2014-01-21 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-07 21:22 - 2013-05-29 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-07 21:22 - 2013-02-15 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-07 21:22 - 2012-11-21 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-08-07 21:22 - 2012-11-06 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 21:22 - 2012-10-31 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 21:22 - 2012-10-29 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series
2015-08-07 21:22 - 2012-10-28 15:05 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-07 21:22 - 2012-10-26 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-08-07 21:22 - 2012-10-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 21:22 - 2012-08-17 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-07 21:19 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-08-07 21:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-07 21:14 - 2013-02-15 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-07 21:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-07 21:12 - 2012-10-29 12:01 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-08-07 21:11 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 21:11 - 2014-09-12 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-08-07 21:11 - 2014-05-06 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-08-07 21:11 - 2013-10-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-07 21:11 - 2013-08-23 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-08-07 21:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-07 21:11 - 2013-03-18 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
2015-08-07 21:11 - 2012-12-09 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-07 21:11 - 2012-11-25 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-08-07 21:11 - 2012-10-26 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-08-07 21:11 - 2012-10-13 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2015-08-07 21:11 - 2012-08-02 15:28 - 00000000 ____D C:\ProgramData\PRICache
2015-08-07 21:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 21:09 - 2013-02-27 07:58 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2015-08-07 21:06 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 21:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-07 20:36 - 2014-09-13 17:04 - 01149954 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 20:28 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 13:40 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Kris\Desktop\Dateien
2015-08-07 13:33 - 2012-10-26 22:52 - 00000000 ___DO C:\Users\Kris\OneDrive
2015-08-03 12:33 - 2013-06-21 13:43 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-08-03 12:33 - 2013-06-21 13:43 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-07-20 22:26 - 2012-07-26 07:26 - 00000402 _____ C:\WINDOWS\win.ini
2015-07-19 13:02 - 2015-03-23 13:01 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-19 09:44 - 2013-01-19 09:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-06-22 14:52 - 2013-06-22 14:52 - 0000068 _____ () C:\Users\Kris\AppData\Roaming\mbam.context.scan
2015-08-16 16:08 - 2015-08-16 16:09 - 0000401 _____ () C:\Users\Kris\AppData\Roaming\sp_data.sys
2013-12-19 01:19 - 2014-03-09 01:19 - 0000205 _____ () C:\Users\Kris\AppData\Roaming\WB.CFG
2014-11-19 20:28 - 2014-11-19 20:28 - 0000037 ___SH () C:\Users\Kris\AppData\Local\70149b02515b3bb20dd492.47983420
2013-03-18 01:21 - 2013-03-18 01:21 - 0001470 _____ () C:\Users\Kris\AppData\Local\RecConfig.xml
2015-08-07 21:03 - 2015-08-07 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-22 18:19 - 2015-06-20 17:08 - 0000263 _____ () C:\ProgramData\fontcacheev1.dat
2012-11-21 19:50 - 2012-11-21 19:50 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-10-26 22:07 - 2012-10-26 22:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-26 22:06 - 2012-10-26 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\fontcacheev1.dat


Einige Dateien in TEMP:
====================
C:\Users\Kris\AppData\Local\Temp\avgnt.exe
C:\Users\Kris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxjpwk4.dll
C:\Users\Kris\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Kris\AppData\Local\Temp\Quarantine.exe
C:\Users\Kris\AppData\Local\Temp\sqlite3.dll
C:\Users\Kris\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-07 20:58

==================== Ende von Ergebnis ============================
         

Alt 18.08.2015, 18:44   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Standard

Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem



IN welchem Browser? Oder in Mehreren?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem
adware, antivirus, auslastung, avira, bluescreen, computer, excel, feedback, helper, hängen, installation, internet, internet explorer, langsam, onedrive, problem, prozess, registry, rundll, safer networking, server, software, taskmanager, tracker, updates, usb, werbung, win 10, windows, windowsapps, zugriff verweigert



Ähnliche Themen: Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem


  1. Taskmanager, verschiedene Diensthoster, Dateipfad Win, system 32 , svchost hohe Auslastung
    Plagegeister aller Art und deren Bekämpfung - 25.08.2015 (24)
  2. Problem svchost.exe erzeugt hohe RAM-Auslastung
    Plagegeister aller Art und deren Bekämpfung - 06.05.2015 (26)
  3. hohe CPU Auslastung nach Adware
    Log-Analyse und Auswertung - 21.04.2015 (16)
  4. Neuer Acer-Laptop kaum nutzbar: Sehr hohe Auslastung von Arbeitsspeicher und Datenträger
    Alles rund um Windows - 16.03.2015 (7)
  5. Win7 System sehr träge, svchost.exe hohe Auslastung
    Log-Analyse und Auswertung - 12.01.2015 (13)
  6. Habe ein Problem mit svchost. (Hohe auslastung des Arbeitsspeichers)
    Log-Analyse und Auswertung - 03.05.2014 (17)
  7. System / Ntoskrnl verursachen sehr hohe HDD-Auslastung | Windows 8.1
    Plagegeister aller Art und deren Bekämpfung - 15.02.2014 (3)
  8. Hohe Arbeitsspeicher Auslastung!
    Plagegeister aller Art und deren Bekämpfung - 14.10.2013 (7)
  9. System und Programmabstürze, hohe Cpu Auslastung und unflüssige Wiedergabe von Medien
    Log-Analyse und Auswertung - 23.02.2012 (16)
  10. Hohe Arbeitsspeicher- & CPU-Auslastung
    Log-Analyse und Auswertung - 03.08.2011 (0)
  11. Hohe CPU Auslastung beim Prozess System
    Log-Analyse und Auswertung - 08.03.2011 (7)
  12. Prozess System hohe cpu auslastung
    Log-Analyse und Auswertung - 25.09.2009 (7)
  13. nvsvc32.exe sorgt für hohe cpu
    Log-Analyse und Auswertung - 22.07.2009 (0)
  14. Hohe Proz.auslastung, möglicherweise Winfax Pro das Problem?
    Log-Analyse und Auswertung - 13.07.2009 (0)
  15. Hohe System-Auslastung! Bitte untersuchen!
    Log-Analyse und Auswertung - 01.07.2007 (2)
  16. Prozess 'System' sorgt für dauerhafte CPU-Auslastung von 100% nach Einwahl ins Inet
    Plagegeister aller Art und deren Bekämpfung - 16.05.2007 (2)
  17. Prozess System hat hohe CPU Auslastung
    Log-Analyse und Auswertung - 20.09.2006 (10)

Zum Thema Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem - Hallo, seit ich vor einigen Tagen den Upgrade auf Win 10 durchgeführt habe, ist mir aufgefallen, dass im Taskmanager system.exe eine ständige Auslastung des Arbeitsspeichers mit 50-60% aufweist. Der Rechner - Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem...
Archiv
Du betrachtest: Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.