PC gehackt und Screenshots via Facebook verschickt

CaptainM · 28.04.2016, 16:31

Hallo zusammen,

das ist mein erster Eintrag hier im Forum und ich hoffe, dass ich im richtigen Thread gelandet bin.

Nun zu meinem Problem. Schon seit einiger Zeit macht sich meine Maus teilweise selbstständig, in dem Sinne, dass sie sich nicht in die Richtung bewegt, in die ich sie lenke, sondern sie hin und her flackert. Das Problem verschwand allerdings meist nach sehr kurzer Zeit wieder (ca 10-15 sek) weshalb ich immer nur auf einen Hardwarefehler getippt habe und es nicht wirklich ernst genommen habe.
Seit ca 3 Tagen ist unser WLAN vor allem abends extrem langsam, sodass wir nicht mal mehr Videos auf Youtube anschauen können. Tagsüber ist dies nicht der Fall.
Das Schlüsselerlebnis geschah allerdings gestern Abend. Zunächst chattete ich mit einem Kumpel bei Facebook über ein Facebook-Video, das er mir zuvor geschickt hatte. Im Verlauf der Unterhaltung wurde meinem Kumpel -von meinem Account aus- ein Bild bzw ein Screenshot von meinem Computer geschickt, auf dem zu sehen ist, wie ich mich im Browser auf einer Pornoseite befinde. Der Screenshot wurde ca 4 Stunden vor unserer Facebook-Unterhaltung aufgenommen und ihm dann letztendlich bei Facebook, von einer fremden Person allerdings über meinen Account, geschickt.
Sofort änderte ich das Facebook- sowie E-Mail-Passwort und lies mich von allen Geräten bei Facebook abmelden.
Habe nun erst mal Avira per 'Full Scan' durchlaufen lassen , wobei es 5 Funde gab, von denen sich einer nicht löschen lässt und er auch nach nochmaligem suchdurchlauf immer noch da ist: PUA/SearchProtect.191901
Auch AdwCleaner ließ ich durchlaufen und im Nachhinein alle Funde löschen.

Nun ist meine größte Befürchtung, dass jemand sich in meinen PC gehackt hat, vollständigen Zugriff auf ihn hat und er aufgrund der Screenshots sogar live sehen kann, was ich gerade am Laptop mache. Da er diesen 'peinlichen' Screenshot per Facebook weiter geschickt hat, befürchte ich, dass es sich nicht um einen Trojaner oder ähnliches handelt, sondern dass die Person meinen Interneverkehr live überwacht hat und das Bild bewusst weiter geschickt hat, um mir zu Schaden.
Wie soll ich nun am besten Verfahren?

Mit freundlichen Grüßen und Danke im Voraus

CaptainM

burningice · 29.04.2016, 10:39

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

Zitat:

abe nun erst mal Avira per 'Full Scan' durchlaufen lassen , wobei es 5 Funde gab

Potste dazu bitte das Logfile.

Schritt: 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt: 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

CaptainM · 29.04.2016, 13:22

Hallo Rafael,

vielen Dank schon mal für deine Hilfe.

Hier ist zuerst die Logfile von Avira:

Code:

ATTFilter

Free Antivirus
Report file date: Donnerstag, 28. April 2016  12:12


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Windows 10 Home
Windows version : (plain)  [10.0.10586]
Boot mode       : Normally booted
Username        : UNI
Computer name   : LENOVO-PC

Version information:
build.dat       : 15.0.16.282    92460 Bytes  22.02.2016 16:45:00
AVSCAN.EXE      : 15.0.16.276  1235360 Bytes  11.03.2016 14:35:21
AVSCANRC.DLL    : 15.0.16.268    55480 Bytes  11.03.2016 14:35:21
LUKE.DLL        : 15.0.16.273    67840 Bytes  11.03.2016 14:35:47
AVSCPLR.DLL     : 15.0.16.280   130712 Bytes  11.03.2016 14:35:21
REPAIR.DLL      : 15.0.16.251   596760 Bytes  11.03.2016 14:35:19
repair.rdf      : 1.0.16.90    1598982 Bytes  27.04.2016 15:24:08
AVREG.DLL       : 15.0.16.273   350584 Bytes  11.03.2016 14:35:18
avlode.dll      : 15.0.16.276   721384 Bytes  11.03.2016 14:35:16
avlode.rdf      : 14.0.5.36      94056 Bytes  01.03.2016 16:01:22
XBV00008.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00009.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00010.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00011.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00012.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00013.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00014.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00015.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00016.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00017.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00018.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00019.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00020.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00021.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00022.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00023.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00024.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00025.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00026.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:15
XBV00027.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00028.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00029.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00030.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00031.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00032.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00033.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00034.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00035.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00036.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00037.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00038.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00039.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00040.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00041.VDF    : 8.12.37.66      2048 Bytes  17.12.2015 19:19:16
XBV00182.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00183.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00184.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00185.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00186.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00187.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00188.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00189.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00190.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00191.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00192.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00193.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00194.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00195.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00196.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00197.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00198.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00199.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:02
XBV00200.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00201.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00202.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00203.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00204.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00205.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00206.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00207.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00208.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00209.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00210.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00211.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00212.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00213.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00214.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00215.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00216.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00217.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00218.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00219.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00220.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00221.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00222.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00223.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00224.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00225.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00226.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00227.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00228.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00229.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:03
XBV00230.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00231.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00232.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00233.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00234.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00235.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00236.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00237.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00238.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00239.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00240.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00241.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00242.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00243.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00244.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00245.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00246.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00247.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00248.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00249.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00250.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00251.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00252.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00253.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00254.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00255.VDF    : 8.12.80.192     2048 Bytes  13.04.2016 13:03:04
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 09:23:34
XBV00001.VDF    : 7.11.237.0  48041984 Bytes  02.06.2015 19:19:09
XBV00002.VDF    : 7.12.37.36  16452096 Bytes  17.12.2015 19:19:15
XBV00003.VDF    : 8.12.44.142  3948032 Bytes  09.01.2016 23:42:03
XBV00004.VDF    : 8.12.52.208  4036096 Bytes  02.02.2016 11:21:11
XBV00005.VDF    : 8.12.62.184  2779136 Bytes  26.02.2016 21:30:56
XBV00006.VDF    : 8.12.71.186  2191360 Bytes  19.03.2016 12:01:36
XBV00007.VDF    : 8.12.80.192  3617280 Bytes  13.04.2016 13:02:57
XBV00042.VDF    : 8.12.80.194    49152 Bytes  13.04.2016 13:02:57
XBV00043.VDF    : 8.12.80.210     2048 Bytes  13.04.2016 13:02:57
XBV00044.VDF    : 8.12.80.226     2048 Bytes  13.04.2016 13:02:57
XBV00045.VDF    : 8.12.80.242    33792 Bytes  13.04.2016 13:02:58
XBV00046.VDF    : 8.12.81.34     67072 Bytes  13.04.2016 01:01:41
XBV00047.VDF    : 8.12.81.50      2048 Bytes  13.04.2016 01:01:41
XBV00048.VDF    : 8.12.81.66     39424 Bytes  13.04.2016 01:01:41
XBV00049.VDF    : 8.12.81.68     12288 Bytes  13.04.2016 01:01:41
XBV00050.VDF    : 8.12.81.70     11264 Bytes  13.04.2016 01:01:41
XBV00051.VDF    : 8.12.81.72      6656 Bytes  13.04.2016 01:01:41
XBV00052.VDF    : 8.12.81.78     33280 Bytes  14.04.2016 12:01:00
XBV00053.VDF    : 8.12.81.80     15872 Bytes  14.04.2016 12:01:00
XBV00054.VDF    : 8.12.81.82      9728 Bytes  14.04.2016 12:01:00
XBV00055.VDF    : 8.12.81.98     13824 Bytes  14.04.2016 12:01:01
XBV00056.VDF    : 8.12.81.126    68608 Bytes  14.04.2016 23:13:22
XBV00057.VDF    : 8.12.81.140    17920 Bytes  14.04.2016 23:13:22
XBV00058.VDF    : 8.12.81.154    38912 Bytes  14.04.2016 23:13:23
XBV00059.VDF    : 8.12.81.156    35328 Bytes  14.04.2016 23:13:23
XBV00060.VDF    : 8.12.81.158    13824 Bytes  14.04.2016 23:13:23
XBV00061.VDF    : 8.12.81.162    71168 Bytes  15.04.2016 12:49:05
XBV00062.VDF    : 8.12.81.176     2048 Bytes  15.04.2016 12:49:05
XBV00063.VDF    : 8.12.81.190    22016 Bytes  15.04.2016 12:49:05
XBV00064.VDF    : 8.12.81.204    19456 Bytes  15.04.2016 12:49:05
XBV00065.VDF    : 8.12.81.218    29696 Bytes  15.04.2016 12:49:05
XBV00066.VDF    : 8.12.81.232    16384 Bytes  15.04.2016 12:49:05
XBV00067.VDF    : 8.12.81.246    13824 Bytes  15.04.2016 12:49:05
XBV00068.VDF    : 8.12.81.250    47616 Bytes  15.04.2016 23:30:18
XBV00069.VDF    : 8.12.81.252     2048 Bytes  15.04.2016 23:30:18
XBV00070.VDF    : 8.12.81.254    31744 Bytes  15.04.2016 23:30:18
XBV00071.VDF    : 8.12.82.0      11776 Bytes  15.04.2016 23:30:18
XBV00072.VDF    : 8.12.82.8     129024 Bytes  16.04.2016 20:38:56
XBV00073.VDF    : 8.12.82.22      2048 Bytes  16.04.2016 20:38:56
XBV00074.VDF    : 8.12.82.34     20992 Bytes  16.04.2016 20:38:56
XBV00075.VDF    : 8.12.82.46     23552 Bytes  16.04.2016 20:38:56
XBV00076.VDF    : 8.12.82.58     19456 Bytes  16.04.2016 20:38:57
XBV00077.VDF    : 8.12.82.60     15872 Bytes  16.04.2016 20:38:57
XBV00078.VDF    : 8.12.82.64     14848 Bytes  16.04.2016 20:38:57
XBV00079.VDF    : 8.12.82.66     84992 Bytes  17.04.2016 20:38:57
XBV00080.VDF    : 8.12.82.72     14336 Bytes  17.04.2016 20:38:57
XBV00081.VDF    : 8.12.82.74    134656 Bytes  17.04.2016 11:36:01
XBV00082.VDF    : 8.12.82.86     65536 Bytes  18.04.2016 11:36:01
XBV00083.VDF    : 8.12.82.98     17408 Bytes  18.04.2016 11:36:01
XBV00084.VDF    : 8.12.82.100     5120 Bytes  18.04.2016 11:36:01
XBV00085.VDF    : 8.12.82.102     4608 Bytes  18.04.2016 11:36:02
XBV00086.VDF    : 8.12.82.104    20480 Bytes  18.04.2016 18:05:42
XBV00087.VDF    : 8.12.82.108    33280 Bytes  18.04.2016 18:05:42
XBV00088.VDF    : 8.12.82.110     2048 Bytes  18.04.2016 18:05:42
XBV00089.VDF    : 8.12.82.112     2048 Bytes  18.04.2016 18:05:42
XBV00090.VDF    : 8.12.82.116    11776 Bytes  18.04.2016 18:05:42
XBV00091.VDF    : 8.12.82.128    35840 Bytes  18.04.2016 22:42:39
XBV00092.VDF    : 8.12.82.140    19968 Bytes  18.04.2016 22:42:39
XBV00093.VDF    : 8.12.82.152     9216 Bytes  18.04.2016 22:42:39
XBV00094.VDF    : 8.12.82.164     7680 Bytes  18.04.2016 22:42:39
XBV00095.VDF    : 8.12.82.168    55296 Bytes  19.04.2016 15:25:21
XBV00096.VDF    : 8.12.82.170     7680 Bytes  19.04.2016 15:25:21
XBV00097.VDF    : 8.12.82.172     8704 Bytes  19.04.2016 15:25:21
XBV00098.VDF    : 8.12.82.174    46080 Bytes  19.04.2016 15:25:21
XBV00099.VDF    : 8.12.82.180    56832 Bytes  19.04.2016 19:09:12
XBV00100.VDF    : 8.12.82.182    19456 Bytes  19.04.2016 19:09:13
XBV00101.VDF    : 8.12.82.184    23552 Bytes  19.04.2016 21:56:57
XBV00102.VDF    : 8.12.82.186    21504 Bytes  19.04.2016 17:11:19
XBV00103.VDF    : 8.12.82.188    23552 Bytes  19.04.2016 17:11:19
XBV00104.VDF    : 8.12.82.214    43520 Bytes  20.04.2016 17:11:19
XBV00105.VDF    : 8.12.82.224    14848 Bytes  20.04.2016 17:11:19
XBV00106.VDF    : 8.12.82.234    19968 Bytes  20.04.2016 17:11:19
XBV00107.VDF    : 8.12.82.236    10752 Bytes  20.04.2016 17:11:20
XBV00108.VDF    : 8.12.82.246     2560 Bytes  20.04.2016 17:11:20
XBV00109.VDF    : 8.12.83.2      97792 Bytes  20.04.2016 17:11:20
XBV00110.VDF    : 8.12.83.4       2048 Bytes  20.04.2016 17:11:20
XBV00111.VDF    : 8.12.83.6      46080 Bytes  20.04.2016 17:11:20
XBV00112.VDF    : 8.12.83.8       2048 Bytes  20.04.2016 17:11:20
XBV00113.VDF    : 8.12.83.10     29184 Bytes  20.04.2016 20:37:05
XBV00114.VDF    : 8.12.83.12     31232 Bytes  20.04.2016 20:37:05
XBV00115.VDF    : 8.12.83.14     30208 Bytes  20.04.2016 22:37:06
XBV00116.VDF    : 8.12.83.26     65536 Bytes  21.04.2016 21:19:33
XBV00117.VDF    : 8.12.83.34      8704 Bytes  21.04.2016 21:19:33
XBV00118.VDF    : 8.12.83.42     15872 Bytes  21.04.2016 21:19:33
XBV00119.VDF    : 8.12.83.50      8192 Bytes  21.04.2016 21:19:33
XBV00120.VDF    : 8.12.83.58     19456 Bytes  21.04.2016 21:19:33
XBV00121.VDF    : 8.12.83.68     99328 Bytes  21.04.2016 21:19:33
XBV00122.VDF    : 8.12.83.70     23040 Bytes  21.04.2016 21:19:33
XBV00123.VDF    : 8.12.83.72     13824 Bytes  21.04.2016 21:19:33
XBV00124.VDF    : 8.12.83.74     16896 Bytes  21.04.2016 21:19:33
XBV00125.VDF    : 8.12.83.76     15360 Bytes  21.04.2016 23:24:33
XBV00126.VDF    : 8.12.83.78      2560 Bytes  21.04.2016 23:24:33
XBV00127.VDF    : 8.12.83.82     72704 Bytes  22.04.2016 08:59:36
XBV00128.VDF    : 8.12.83.84     14336 Bytes  22.04.2016 08:59:36
XBV00129.VDF    : 8.12.83.86     17408 Bytes  22.04.2016 10:59:39
XBV00130.VDF    : 8.12.83.88     19456 Bytes  22.04.2016 12:59:35
XBV00131.VDF    : 8.12.83.90     35328 Bytes  22.04.2016 15:45:55
XBV00132.VDF    : 8.12.83.92     20992 Bytes  22.04.2016 15:45:55
XBV00133.VDF    : 8.12.83.100     2048 Bytes  22.04.2016 15:45:55
XBV00134.VDF    : 8.12.83.108    49664 Bytes  22.04.2016 12:17:44
XBV00135.VDF    : 8.12.83.116    27136 Bytes  22.04.2016 12:17:44
XBV00136.VDF    : 8.12.83.124    13312 Bytes  22.04.2016 12:17:44
XBV00137.VDF    : 8.12.83.128    22016 Bytes  22.04.2016 12:17:44
XBV00138.VDF    : 8.12.83.134    55808 Bytes  23.04.2016 12:17:44
XBV00139.VDF    : 8.12.83.136     2048 Bytes  23.04.2016 12:17:44
XBV00140.VDF    : 8.12.83.138    19968 Bytes  23.04.2016 12:17:44
XBV00141.VDF    : 8.12.83.142     2048 Bytes  23.04.2016 12:17:44
XBV00142.VDF    : 8.12.83.144    24064 Bytes  23.04.2016 12:17:44
XBV00143.VDF    : 8.12.83.146   125952 Bytes  24.04.2016 12:17:45
XBV00144.VDF    : 8.12.83.148     2048 Bytes  24.04.2016 12:17:45
XBV00145.VDF    : 8.12.83.156    15872 Bytes  24.04.2016 12:17:45
XBV00146.VDF    : 8.12.83.162    16384 Bytes  24.04.2016 16:23:28
XBV00147.VDF    : 8.12.83.168   118272 Bytes  25.04.2016 11:01:10
XBV00148.VDF    : 8.12.83.174    18944 Bytes  25.04.2016 11:01:10
XBV00149.VDF    : 8.12.83.180    11776 Bytes  25.04.2016 11:01:10
XBV00150.VDF    : 8.12.83.182    20480 Bytes  25.04.2016 23:30:21
XBV00151.VDF    : 8.12.83.186    55808 Bytes  25.04.2016 23:30:21
XBV00152.VDF    : 8.12.83.188     6656 Bytes  25.04.2016 23:30:21
XBV00153.VDF    : 8.12.83.190    12288 Bytes  25.04.2016 23:30:21
XBV00154.VDF    : 8.12.83.192    27136 Bytes  25.04.2016 23:30:21
XBV00155.VDF    : 8.12.83.194    16384 Bytes  25.04.2016 23:30:21
XBV00156.VDF    : 8.12.83.200     5632 Bytes  25.04.2016 23:30:21
XBV00157.VDF    : 8.12.83.212    55808 Bytes  26.04.2016 10:25:44
XBV00158.VDF    : 8.12.83.218     2048 Bytes  26.04.2016 10:25:44
XBV00159.VDF    : 8.12.83.224    11264 Bytes  26.04.2016 10:25:44
XBV00160.VDF    : 8.12.83.230    12800 Bytes  26.04.2016 10:25:44
XBV00161.VDF    : 8.12.83.232    19968 Bytes  26.04.2016 10:25:44
XBV00162.VDF    : 8.12.83.236    49152 Bytes  26.04.2016 22:51:27
XBV00163.VDF    : 8.12.83.238     2048 Bytes  26.04.2016 22:51:32
XBV00164.VDF    : 8.12.83.240    16384 Bytes  26.04.2016 22:51:33
XBV00165.VDF    : 8.12.83.242    16896 Bytes  26.04.2016 22:51:35
XBV00166.VDF    : 8.12.83.244    10240 Bytes  26.04.2016 22:51:36
XBV00167.VDF    : 8.12.83.246     8704 Bytes  26.04.2016 22:51:38
XBV00168.VDF    : 8.12.83.248     7680 Bytes  26.04.2016 22:51:39
XBV00169.VDF    : 8.12.83.250    10240 Bytes  26.04.2016 22:51:39
XBV00170.VDF    : 8.12.83.252    19456 Bytes  26.04.2016 15:24:01
XBV00171.VDF    : 8.12.84.4      33792 Bytes  27.04.2016 15:24:01
XBV00172.VDF    : 8.12.84.10      3584 Bytes  27.04.2016 15:24:01
XBV00173.VDF    : 8.12.84.14      8704 Bytes  27.04.2016 15:24:01
XBV00174.VDF    : 8.12.84.18     23552 Bytes  27.04.2016 15:24:02
XBV00175.VDF    : 8.12.84.46     29696 Bytes  27.04.2016 15:24:02
XBV00176.VDF    : 8.12.84.74     41472 Bytes  27.04.2016 15:24:02
XBV00177.VDF    : 8.12.84.100    22528 Bytes  27.04.2016 17:23:59
XBV00178.VDF    : 8.12.84.126    16896 Bytes  27.04.2016 21:15:13
XBV00179.VDF    : 8.12.84.152     2048 Bytes  27.04.2016 21:15:13
XBV00180.VDF    : 8.12.84.178    14336 Bytes  27.04.2016 21:15:13
XBV00181.VDF    : 8.12.84.204     2048 Bytes  27.04.2016 21:15:13
LOCAL000.VDF    : 8.12.84.204 152929792 Bytes  27.04.2016 21:15:28
Engine version  : 8.3.38.38 
AEBB.DLL        : 8.1.3.0        59296 Bytes  19.11.2015 14:29:14
AECORE.DLL      : 8.3.12.4      247720 Bytes  21.03.2016 18:58:52
AEDROID.DLL     : 8.4.3.358    2717608 Bytes  05.04.2016 19:16:48
AEEMU.DLL       : 8.1.3.8       404328 Bytes  18.03.2016 12:57:55
AEEXP.DLL       : 8.4.2.160     300968 Bytes  05.04.2016 19:16:09
AEGEN.DLL       : 8.1.8.88      535400 Bytes  19.04.2016 15:25:21
AEHELP.DLL      : 8.3.2.10      284584 Bytes  15.02.2016 13:37:37
AEHEUR.DLL      : 8.1.4.2246  10165104 Bytes  08.04.2016 12:24:14
AEMOBILE.DLL    : 8.1.8.10      301936 Bytes  26.11.2015 14:05:33
AEOFFICE.DLL    : 8.3.3.26      468904 Bytes  21.04.2016 21:19:32
AEPACK.DLL      : 8.4.2.14      805744 Bytes  31.03.2016 23:48:49
AERDL.DLL       : 8.2.1.42      813928 Bytes  18.03.2016 12:57:56
AESBX.DLL       : 8.2.21.4     1629032 Bytes  17.03.2016 00:33:35
AESCN.DLL       : 8.3.4.4       142456 Bytes  11.03.2016 12:19:09
AESCRIPT.DLL    : 8.3.0.112     595880 Bytes  27.04.2016 15:24:01
AEVDF.DLL       : 8.3.3.4       142184 Bytes  21.03.2016 18:58:54
AVWINLL.DLL     : 15.0.16.227    27680 Bytes  11.03.2016 14:35:12
AVPREF.DLL      : 15.0.16.227    53944 Bytes  11.03.2016 14:35:18
AVREP.DLL       : 15.0.16.227   223400 Bytes  11.03.2016 14:35:18
AVARKT.DLL      : 15.0.16.227   230080 Bytes  11.03.2016 14:35:13
AVEVTLOG.DLL    : 15.0.16.251   200192 Bytes  11.03.2016 14:35:14
SQLITE3.DLL     : 15.0.16.227   459752 Bytes  11.03.2016 14:35:52
AVSMTP.DLL      : 15.0.16.227    80200 Bytes  11.03.2016 14:35:22
NETNT.DLL       : 15.0.16.227    16880 Bytes  11.03.2016 14:35:47
CommonImageRc.dll: 15.0.16.222  4307832 Bytes  11.03.2016 14:35:12
CommonTextRc.dll: 15.0.16.222    68352 Bytes  11.03.2016 14:35:12

Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................: 

Start of the scan: Donnerstag, 28. April 2016  12:12

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.
Error in ARK library

The scan of running processes will be started:
Scan process 'svchost.exe' - '71' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'dwm.exe' - '46' Module(s) have been scanned
Scan process 'svchost.exe' - '113' Module(s) have been scanned
Scan process 'svchost.exe' - '103' Module(s) have been scanned
Scan process 'svchost.exe' - '199' Module(s) have been scanned
Scan process 'svchost.exe' - '71' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '32' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '23' Module(s) have been scanned
Scan process 'igfxCUIService.exe' - '36' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '56' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '92' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'dashost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'HerculesDJControlMP3.EXE' - '31' Module(s) have been scanned
Scan process 'CxAudMsg64.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '32' Module(s) have been scanned
Scan process 'avguard.exe' - '104' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '29' Module(s) have been scanned
Scan process 'LenovoWiFiHotspotSvr.exe' - '45' Module(s) have been scanned
Scan process 'SystemAgentService.exe' - '35' Module(s) have been scanned
Scan process 'HeciServer.exe' - '24' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'SAsrv.exe' - '28' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '57' Module(s) have been scanned
Scan process 'ETDService.exe' - '20' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '115' Module(s) have been scanned
Scan process 'daemonu.exe' - '66' Module(s) have been scanned
Scan process 'ETDCtrl.exe' - '55' Module(s) have been scanned
Scan process 'sihost.exe' - '59' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '40' Module(s) have been scanned
Scan process 'taskeng.exe' - '20' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '92' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '37' Module(s) have been scanned
Scan process 'Explorer.EXE' - '213' Module(s) have been scanned
Scan process 'SkypeHost.exe' - '107' Module(s) have been scanned
Scan process 'ETDCtrlHelper.exe' - '37' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '123' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '51' Module(s) have been scanned
Scan process 'ShellExperienceHost.exe' - '88' Module(s) have been scanned
Scan process 'igfxEM.exe' - '50' Module(s) have been scanned
Scan process 'igfxHK.exe' - '28' Module(s) have been scanned
Scan process 'igfxTray.exe' - '46' Module(s) have been scanned
Scan process 'SearchUI.exe' - '120' Module(s) have been scanned
Scan process 'DllHost.exe' - '31' Module(s) have been scanned
Scan process 'RTFTrack.exe' - '41' Module(s) have been scanned
Scan process 'NvTmru.exe' - '31' Module(s) have been scanned
Scan process 'CAudioFilterAgent64.exe' - '34' Module(s) have been scanned
Scan process 'fmapp.exe' - '14' Module(s) have been scanned
Scan process 'OnekeyStudio.exe' - '42' Module(s) have been scanned
Scan process 'Energy Manager.exe' - '52' Module(s) have been scanned
Scan process 'utility.exe' - '40' Module(s) have been scanned
Scan process 'HDJSeries2TrayBar.exe' - '45' Module(s) have been scanned
Scan process 'OneDrive.exe' - '76' Module(s) have been scanned
Scan process 'avgnt.exe' - '118' Module(s) have been scanned
Scan process 'HDJSeriesCPL.exe' - '49' Module(s) have been scanned
Scan process 'HDJSeries2CPL.exe' - '46' Module(s) have been scanned
Scan process 'avcenter.exe' - '143' Module(s) have been scanned
Scan process 'hpwuschd2.exe' - '30' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'taskhostw.exe' - '36' Module(s) have been scanned
Scan process 'ApplicationFrameHost.exe' - '45' Module(s) have been scanned
Scan process 'PDVD10Serv.EXE' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '93' Module(s) have been scanned
Scan process 'wuapihost.exe' - '24' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '71' Module(s) have been scanned
Scan process 'HPSupportSolutionsFrameworkService.exe' - '68' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '90' Module(s) have been scanned
Scan process 'taskmgr.exe' - '68' Module(s) have been scanned
Scan process 'jhi_service.exe' - '31' Module(s) have been scanned
Scan process 'LMS.exe' - '54' Module(s) have been scanned
Scan process 'WMIADAP.EXE' - '22' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '26' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '68' Module(s) have been scanned
Scan process 'avscan.exe' - '80' Module(s) have been scanned
Scan process 'avscan.exe' - '109' Module(s) have been scanned
Scan process 'vssvc.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '27' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '33' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '20' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'lsass.exe' - '75' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '1857' files ).


Starting the file scan:

Begin scan in 'C:\' <Windows8_OS>
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll
  [DETECTION] Contains patterns of software PUA/SearchProtect.Gen
C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe
    [0] Archive type: NSIS
    --> AV00028107.AV$
        [1] Archive type: NSIS
      --> Object
          [DETECTION] Contains patterns of software PUA/SearchProtect.191901
          [WARNING]   Infected files in archives cannot be repaired
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity.zip
    [0] Archive type: ZIP
    --> Crack/VDJ8ProInf_KeyGen.exe
        [1] Archive type: NSIS
      --> ProgramFilesDir/BASSMOD.dll
          [2] Archive type: Runtime Packed
        --> Object
            [DETECTION] Is the TR/Agent.975271 Trojan
            [WARNING]   Infected files in archives cannot be repaired
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity\Crack\VDJ8ProInf_KeyGen.exe
  [DETECTION] Is the TR/Agent.975271 Trojan
C:\Users\UNI\Downloads\flstudio_11.1.1.exe
    [0] Archive type: NSIS
    --> [PluginsDir]/OCSetupHlp.dll
        [DETECTION] Contains patterns of software PUA/OpenCandy.Gen
        [WARNING]   Infected files in archives cannot be repaired
Begin scan in 'D:\' <LENOVO>

Beginning disinfection:
[WARN] GetSHA256: SHA - Cannot open the file: \\?\C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe
[WARN] GetSHA256: SHA - Cannot open the file: \\?\C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll
C:\Users\UNI\Downloads\flstudio_11.1.1.exe
  [DETECTION] Contains patterns of software PUA/OpenCandy.Gen
  [NOTE]      The file was moved to the quarantine directory under the name '7dc39f21.qua'!
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity\Crack\VDJ8ProInf_KeyGen.exe
  [DETECTION] Is the TR/Agent.975271 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '38beb272.qua'!
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity.zip
  [DETECTION] Is the TR/Agent.975271 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '47588062.qua'!
C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe
  [DETECTION] Contains patterns of software PUA/SearchProtect.191901
  [WARNING]   The file could not be copied to quarantine!
  [WARNING]   Error in ARK library
  [NOTE]      The file is scheduled for deleting after reboot.
  [NOTE]      It is recommended to restart your computer in order to finish the repair.
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll
  [DETECTION] Contains patterns of software PUA/SearchProtect.Gen
  [WARNING]   The file could not be copied to quarantine!
  [WARNING]   Error in ARK library
  [NOTE]      The file is scheduled for deleting after reboot.
  [NOTE]      It is recommended to restart your computer in order to finish the repair.


End of the scan: Donnerstag, 28. April 2016  14:52
Used time:  2:30:36 Hour(s)

The scan has been done completely.

  85860 Scanned directories
 1788641 Files were scanned
      5 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      3 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 1788636 Files not concerned
  12686 Archives were scanned
      5 Warnings
      5 Notes

The repair notes were written to the file 'C:\avrescue\rescue.avp'.

CaptainM · 29.04.2016, 13:24

Habe alle Schritte deiner Anleitung befolgt und hier ist zuerst die FRST.text Datei:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
durchgeführt von UNI (Administrator) auf LENOVO-PC (29-04-2016 13:27:40)
Gestartet von C:\Users\UNI\Desktop
Geladene Profile: UpdatusUser & UNI (Verfügbare Profile: UpdatusUser & UNI & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Guillemot Corporation ®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(DJHERCULESMIX®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
(DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\HDJSeriesCPL.exe
(DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [1817248 2015-06-17] (DJHERCULESMIX®)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-02-13] (Check Point Software Technologies Ltd.)
HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1b699058-3915-4380-a5bc-f14d4d7fb6f8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55033769-0caa-4633-90fa-9ee58816cc7f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\abs@avira.com [2016-04-14]
FF Extension: Ghostery - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\firefox@ghostery.com.xpi [2016-03-30]
FF Extension: Adblock Plus - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27]

Chrome: 
=======
CHR HomePage: Default -> hxxps://startpage.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Google Docs) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Agar.io Mods) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-24]
CHR Extension: (Google-Suche) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Avira Browserschutz) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-12]
CHR Extension: (Google Docs Offline) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18]
CHR Extension: (Java for Web Pages) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpomcmpdonjdffeabllcklpbnfdknnko [2015-02-28]
CHR Extension: (Ghostery) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Google Mail) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [91136 2015-04-17] (Guillemot Corporation ®) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo(beijing) Limited)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [835664 2016-03-31] (Valve Corporation) [Datei ist nicht signiert]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3742464 2016-02-13] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-11-22] (Check Point Software Technologies, Ltd.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-11] (Avira Operations GmbH & Co. KG)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-12-01] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-12-01] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [172920 2015-12-01] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-01] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [919416 2015-12-01] (AO Kaspersky Lab)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           )
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461792 2016-02-13] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 13:27 - 2016-04-29 13:28 - 00023794 _____ C:\Users\UNI\Desktop\FRST.txt
2016-04-29 13:27 - 2016-04-29 13:27 - 00000000 ____D C:\FRST
2016-04-29 13:26 - 2016-04-29 13:06 - 02376704 _____ (Farbar) C:\Users\UNI\Desktop\FRST64.exe
2016-04-28 20:47 - 2016-04-29 13:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2016-04-28 17:15 - 2016-04-28 17:15 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-28 17:01 - 2016-04-28 17:01 - 00431382 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml
2016-04-28 17:01 - 2015-12-01 06:46 - 00478392 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2016-04-28 17:01 - 2015-12-01 06:46 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-04-28 17:00 - 2016-04-28 17:00 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2016-04-28 17:00 - 2016-04-28 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2016-04-28 16:54 - 2016-04-28 17:00 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2016-04-28 16:54 - 2016-04-28 16:54 - 00000000 ____D C:\ProgramData\CheckPoint
2016-04-28 16:51 - 2016-04-28 16:54 - 03412200 _____ (Check Point Software Technologies Ltd.) C:\Users\Administrator\Downloads\zaSetupWeb_141_048_000.exe
2016-04-28 16:29 - 2016-04-28 16:35 - 222776824 _____ (COMODO) C:\Users\Administrator\Downloads\cfw5005_installer_6106_53.exe
2016-04-28 16:17 - 2016-04-28 16:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Avira
2016-04-28 16:16 - 2016-04-28 18:34 - 00000000 ____D C:\ProgramData\SecTaskMan
2016-04-28 16:15 - 2016-04-28 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-04-28 16:13 - 2016-04-28 16:13 - 00002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ___RD C:\Users\Administrator\OneDrive
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\ActiveSync
2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hightail for Lenovo
2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2016-04-28 16:10 - 2016-04-28 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-04-28 16:09 - 2016-04-28 19:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2016-04-28 16:09 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator
2016-04-28 16:09 - 2016-04-28 16:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2016-04-28 16:09 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Administrator\Documents\Visual Studio 2010
2016-04-28 16:09 - 2014-09-18 00:34 - 00000187 _____ C:\Users\Administrator\Desktop\Google Play Music.url
2016-04-28 16:09 - 2014-09-18 00:32 - 00000126 _____ C:\Users\Administrator\Desktop\Adobe Photo Offer.url
2016-04-28 16:09 - 2014-03-26 12:21 - 00000190 _____ C:\Users\Administrator\Desktop\FREE CALLS with Voxox.url
2016-04-28 15:56 - 2016-04-28 15:56 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\UNI\Desktop\zasetupweb_132_015_000.exe
2016-04-28 15:27 - 2016-04-28 15:33 - 222776824 _____ (COMODO) C:\Users\UNI\Desktop\cfw_installer_6106_53.exe
2016-04-28 12:57 - 2016-04-28 22:10 - 00000000 ____D C:\AdwCleaner
2016-04-28 12:56 - 2016-04-28 12:57 - 03581504 _____ C:\Users\UNI\Desktop\AdwCleaner.exe
2016-04-28 12:21 - 2016-04-28 12:21 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00001219 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-04-27 18:57 - 2016-04-28 14:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-25 00:02 - 2016-04-25 00:02 - 00000979 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2016-04-25 00:02 - 2016-04-25 00:02 - 00000000 ____D C:\Users\UNI\Desktop\MotioninJoy_071001_signed
2016-04-24 23:59 - 2016-04-25 00:01 - 04117346 _____ C:\Users\UNI\Desktop\MotioninJoy_071001_signed.zip
2016-04-24 18:34 - 2016-04-24 18:39 - 00000000 ____D C:\Users\UNI\Desktop\LRG CD
2016-04-24 14:51 - 2016-04-24 14:51 - 00000000 ____D C:\Users\UNI\Desktop\LRG-Playlist
2016-04-14 00:08 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-14 00:08 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-14 00:08 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-14 00:08 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-14 00:08 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-14 00:08 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-14 00:08 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-14 00:08 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-14 00:08 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-14 00:08 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-14 00:08 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-14 00:08 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-14 00:08 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-14 00:08 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-14 00:08 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-14 00:08 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-14 00:08 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-14 00:08 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-14 00:08 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-14 00:08 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-14 00:08 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-14 00:07 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-14 00:07 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-14 00:07 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-14 00:07 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-14 00:07 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-14 00:07 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-14 00:07 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-14 00:07 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-14 00:07 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-14 00:07 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-14 00:07 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-14 00:07 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-14 00:07 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-14 00:07 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-14 00:07 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-14 00:07 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-14 00:07 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-14 00:07 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-14 00:07 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-14 00:07 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-14 00:07 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-14 00:07 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-14 00:07 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-14 00:07 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-14 00:07 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-14 00:07 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-14 00:07 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-14 00:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-14 00:07 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-14 00:07 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-14 00:07 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-14 00:07 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-14 00:07 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-14 00:07 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-14 00:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-14 00:07 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-14 00:07 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-14 00:07 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-14 00:07 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-14 00:07 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-14 00:07 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-14 00:07 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-14 00:07 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-14 00:07 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-14 00:07 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-14 00:07 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-14 00:07 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-14 00:07 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-14 00:07 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-14 00:07 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-14 00:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-14 00:07 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-14 00:07 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-14 00:07 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-14 00:07 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-14 00:07 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-14 00:07 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-14 00:07 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-14 00:07 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-14 00:07 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-14 00:07 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-14 00:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-14 00:07 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-14 00:07 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-14 00:07 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-14 00:07 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-14 00:07 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-14 00:07 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-14 00:07 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-14 00:07 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-14 00:07 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-14 00:07 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-14 00:07 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-14 00:07 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-14 00:07 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-14 00:07 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-14 00:07 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-14 00:07 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-14 00:07 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-14 00:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-14 00:07 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-14 00:07 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-14 00:07 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-14 00:07 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-14 00:07 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-14 00:07 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-14 00:07 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-14 00:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-14 00:07 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-14 00:07 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-14 00:07 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-14 00:07 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-14 00:07 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-14 00:07 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-14 00:07 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-14 00:07 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-14 00:07 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-14 00:07 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-14 00:07 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-14 00:07 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-14 00:07 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-14 00:07 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-14 00:07 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-14 00:07 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-14 00:07 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-14 00:07 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-14 00:07 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-14 00:07 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-14 00:07 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-14 00:07 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-14 00:07 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-14 00:07 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-14 00:07 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-14 00:07 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-14 00:07 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-14 00:07 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-14 00:07 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-14 00:07 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-14 00:07 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-14 00:07 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-14 00:07 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-14 00:07 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-14 00:07 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-14 00:07 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-14 00:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-14 00:07 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-14 00:07 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-14 00:07 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-14 00:07 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-14 00:07 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-14 00:07 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-14 00:07 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-14 00:07 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-14 00:07 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-14 00:07 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-14 00:07 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-14 00:07 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-14 00:07 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-14 00:07 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 00:07 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-14 00:07 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-14 00:07 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-14 00:07 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-14 00:07 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-14 00:07 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-14 00:07 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-14 00:07 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-14 00:07 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-14 00:07 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-14 00:07 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-14 00:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-14 00:07 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-14 00:07 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-14 00:07 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-14 00:07 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-14 00:07 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-14 00:07 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-14 00:07 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-14 00:07 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-14 00:07 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-14 00:07 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-14 00:07 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-14 00:07 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-14 00:07 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-14 00:07 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-14 00:07 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-14 00:07 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-14 00:07 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-14 00:07 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-14 00:07 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-14 00:07 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-14 00:07 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-14 00:07 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-14 00:07 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-14 00:07 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-14 00:07 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-14 00:07 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-14 00:07 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-14 00:07 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-14 00:07 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-14 00:07 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-14 00:07 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-14 00:06 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-14 00:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-14 00:06 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-14 00:06 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-14 00:06 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-14 00:06 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-14 00:06 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-14 00:06 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-14 00:06 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-14 00:06 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-14 00:06 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-14 00:06 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-14 00:06 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-14 00:06 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-14 00:06 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-14 00:06 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-14 00:06 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-14 00:06 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-14 00:06 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-14 00:06 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-14 00:06 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-14 00:06 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-14 00:06 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-14 00:06 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 16:57 - 2016-04-12 17:19 - 00000000 ____D C:\Users\UNI\Desktop\HandyMusik
2016-04-11 15:57 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2016-04-11 15:57 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2016-04-11 15:56 - 2016-04-11 15:56 - 00000000 ____D C:\ProgramData\VS
2016-04-11 14:13 - 2016-04-11 14:13 - 00000000 ____D C:\Users\UNI\AppData\Local\MicrosoftEdge
2016-04-11 13:57 - 2016-04-11 13:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-11 13:34 - 2016-04-25 02:33 - 00002441 _____ C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-11 13:33 - 2016-04-11 13:33 - 00000000 ____D C:\Users\UNI\AppData\Local\NetworkTiles
2016-04-11 13:32 - 2016-04-11 13:32 - 00000000 ____D C:\Users\UNI\AppData\Local\ActiveSync
2016-04-11 13:31 - 2016-04-29 13:23 - 00000000 __SHD C:\Users\UNI\IntelGraphicsProfiles
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\UNI\AppData\Local\TileDataLayer
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\UNI\AppData\Local\Publishers
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\UNI\AppData\Local\Comms
2016-04-11 13:30 - 2016-04-11 13:30 - 00000020 ___SH C:\Users\UNI\ntuser.ini
2016-04-11 13:02 - 2016-04-11 12:49 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-11 12:59 - 2016-04-11 12:59 - 00000000 ____D C:\Windows.old
2016-04-11 12:57 - 2016-04-11 12:57 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-11 12:57 - 2016-04-11 12:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-11 12:57 - 2016-04-11 12:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-11 12:57 - 2016-04-11 12:57 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-11 12:57 - 2016-04-11 12:57 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-11 12:43 - 2016-04-11 12:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\MSBuild
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-11 12:41 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-11 12:40 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-11 12:40 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-11 12:40 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-11 12:39 - 2016-04-11 12:39 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-11 12:39 - 2016-04-11 12:39 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-11 12:38 - 2016-04-11 12:38 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-11 12:31 - 2016-04-29 13:25 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-11 12:28 - 2016-04-11 12:28 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2016-04-11 12:21 - 2016-04-11 12:21 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-11 12:12 - 2016-04-11 12:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-11 12:11 - 2016-04-29 12:53 - 00000000 ____D C:\Users\UNI
2016-04-11 12:11 - 2016-04-29 12:52 - 00000000 ____D C:\Users\UpdatusUser
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Videos
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Vorlagen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Startmenü
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Netzwerkumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Lokale Einstellungen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Eigene Dateien
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Druckumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Videos
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Musik
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Bilder
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Verlauf
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Anwendungsdaten
2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\ProgramData\Conexant
2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\CONEXANT
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\Program Files\Elantech
2016-04-11 12:08 - 2015-07-23 03:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-04-11 12:08 - 2015-07-23 03:10 - 00579912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-04-11 12:08 - 2015-07-22 06:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-04-11 12:07 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-11 12:07 - 2016-04-11 12:07 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-04-11 12:07 - 2016-04-11 12:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-04-11 12:07 - 2015-12-19 02:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-04-11 12:07 - 2015-12-19 02:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-04-11 12:06 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\Intel
2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagerr.xml
2016-04-01 17:42 - 2016-04-01 17:42 - 00734784 _____ (Oracle Corporation) C:\Users\UNI\Downloads\jxpiinstall(4).exe
2016-03-30 18:56 - 2016-03-30 18:56 - 00088372 _____ C:\Users\UNI\Desktop\Studienbescheinigung_334281_30.03.2016.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 13:25 - 2016-02-13 18:59 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-29 13:25 - 2016-02-13 18:59 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-29 13:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-29 13:22 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-28 17:01 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-28 16:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-28 16:10 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-28 16:08 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-28 14:52 - 2015-03-10 01:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-28 14:14 - 2015-02-07 22:59 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job
2016-04-28 12:31 - 2015-02-07 22:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA4DEE2A-E881-46E0-B4B0-079D45A23913}
2016-04-28 12:09 - 2015-02-07 22:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-27 23:21 - 2015-02-08 22:27 - 00000000 ____D C:\Users\UNI\AppData\Local\Spotify
2016-04-27 23:18 - 2015-02-08 22:21 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Spotify
2016-04-27 01:08 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-25 02:33 - 2015-02-07 20:41 - 00000000 __RDO C:\Users\UNI\OneDrive
2016-04-25 01:48 - 2015-02-07 23:53 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\Program Files\MotioninJoy
2016-04-22 01:20 - 2015-02-17 18:24 - 00000000 ____D C:\Users\UNI\AppData\Roaming\vlc
2016-04-21 01:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-18 15:37 - 2015-08-31 17:17 - 00001218 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-04-18 15:37 - 2015-02-07 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-18 15:37 - 2014-09-17 23:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-18 13:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-18 13:25 - 2016-02-13 10:21 - 00245472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-14 12:44 - 2015-02-09 23:56 - 00000000 ____D C:\Users\UNI\AppData\Local\Adobe
2016-04-14 00:17 - 2015-02-09 02:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-14 00:11 - 2015-02-09 02:08 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 14:41 - 2015-02-07 20:39 - 00000000 ____D C:\Users\UNI\AppData\Local\Packages
2016-04-12 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-11 22:04 - 2015-02-07 23:00 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-11 22:04 - 2015-02-07 23:00 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 16:07 - 2015-04-20 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2016-04-11 15:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-11 13:31 - 2014-09-17 23:44 - 00000000 ___HD C:\Intel
2016-04-11 13:02 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-11 12:58 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-11 12:54 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-11 12:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-11 12:41 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-04-11 12:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-11 12:40 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-04-11 12:40 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-04-11 12:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-11 12:37 - 2015-03-08 15:05 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-04-11 12:37 - 2015-02-07 22:59 - 00003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b
2016-04-11 12:37 - 2015-02-07 22:59 - 00003498 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-11 12:37 - 2015-02-07 22:59 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-11 12:37 - 2015-02-07 20:44 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-1002
2016-04-11 12:37 - 2014-09-18 00:41 - 00002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2016-04-11 12:37 - 2014-09-17 23:12 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-500
2016-04-11 12:32 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-11 12:31 - 2014-09-17 23:53 - 01799166 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-04-11 12:21 - 2016-03-12 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2016-04-11 12:21 - 2015-09-25 16:48 - 00000000 ____D C:\WINDOWS\de
2016-04-11 12:21 - 2015-09-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-11 12:21 - 2015-09-04 22:09 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-04-11 12:21 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 18
2016-04-11 12:21 - 2015-08-05 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-04-11 12:21 - 2015-06-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-11 12:21 - 2015-04-23 15:49 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2016-04-11 12:21 - 2015-04-16 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dymola 2013
2016-04-11 12:21 - 2015-03-24 16:23 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-04-11 12:21 - 2015-03-24 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-11 12:21 - 2015-03-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-11 12:21 - 2015-02-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-11 12:21 - 2015-02-25 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-04-11 12:21 - 2015-02-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-11 12:21 - 2015-02-08 00:14 - 00000000 ____D C:\Program Files\Classic Shell
2016-04-11 12:21 - 2015-02-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-11 12:21 - 2014-09-18 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-04-11 12:21 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-04-11 12:21 - 2014-09-18 00:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2016-04-11 12:21 - 2014-09-18 00:02 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2016-04-11 12:21 - 2014-09-17 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-04-11 12:21 - 2014-09-17 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-11 12:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-04-11 12:14 - 2016-01-16 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-04-11 12:13 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED
2016-04-11 12:13 - 2015-09-04 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hercules
2016-04-11 12:13 - 2015-06-14 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Lenovo
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files\lenovo
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-04-11 12:13 - 2014-09-18 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2016-04-11 12:13 - 2014-09-17 23:52 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-11 12:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-11 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-11 11:30 - 2014-09-18 00:41 - 00012800 _____ C:\WINDOWS\system32\VfService.trf
2016-04-11 11:23 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-09 13:13 - 2015-02-08 00:16 - 00000000 ____D C:\Users\UNI\AppData\Roaming\ClassicShell
2016-04-08 19:47 - 2015-05-04 01:12 - 00000000 ____D C:\Users\UNI\AppData\Local\ElevatedDiagnostics
2016-04-07 16:15 - 2015-02-10 17:32 - 02406400 ___SH C:\Users\UNI\Desktop\Thumbs.db
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 19:02 - 2015-02-08 00:52 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Skype
2016-04-01 17:45 - 2015-02-28 20:00 - 00000000 ____D C:\ProgramData\Oracle
2016-04-01 17:44 - 2015-12-23 01:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-01 17:44 - 2015-11-02 01:22 - 00000000 ____D C:\Users\UNI\.oracle_jre_usage
2016-04-01 17:44 - 2015-02-28 20:01 - 00000000 ____D C:\Program Files (x86)\Java

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-07 20:39 - 2016-04-11 11:23 - 0884004 _____ () C:\Users\UNI\AppData\Local\BTServer.log
2015-02-10 02:35 - 2015-06-24 23:24 - 0007601 _____ () C:\Users\UNI\AppData\Local\Resmon.ResmonCfg
2015-06-02 13:25 - 2015-06-02 13:25 - 0000000 _____ () C:\Users\UNI\AppData\Local\{497248A6-D5F2-4EBD-9352-1C7DA4C66689}
2015-12-27 02:56 - 2015-12-27 02:56 - 0000085 ___SH () C:\ProgramData\.zreglib
2015-02-09 23:34 - 2015-02-09 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-04-11 12:08 - 2016-04-11 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\UNI\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-25 18:43

==================== Ende von FRST.txt ============================

CaptainM · 29.04.2016, 14:22

Hier ist die Addition.txt Datei:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-04-2016
durchgeführt von UNI (2016-04-29 13:29:16)
Gestartet von C:\Users\UNI\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-11 10:49:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3051385857-1379960724-2999109445-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3051385857-1379960724-2999109445-503 - Limited - Disabled)
Gast (S-1-5-21-3051385857-1379960724-2999109445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3051385857-1379960724-2999109445-1004 - Limited - Enabled)
UNI (S-1-5-21-3051385857-1379960724-2999109445-1002 - Administrator - Enabled) => C:\Users\UNI
UpdatusUser (S-1-5-21-3051385857-1379960724-2999109445-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\CopyTrans Suite) (Version: 3.01 - WindSolutions)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
DJ Control Instinct (HKLM-x32\...\{931FD350-D575-47FE-A741-9517C4DDDA10}) (Version: 1.00.0000 - Guillemot)
DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2015 - Guillemot Corporation)
DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.97 - Guillemot)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{E1F12296-09D5-4B82-9D2C-E54CC9FF1D15}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Security Task Manager 2.1f (HKLM-x32\...\Security Task Manager) (Version: 2.1f - Neuber Software)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
ZoneAlarm Antivirus (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 14.1.048.000 - Check Point)
ZoneAlarm Security (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051385857-1379960724-2999109445-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01044E07-E126-421A-9322-6025044076A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
"{013F2D37-EFCB-4D95-8235-64CCE74DC87F}" task wurde entsperrt. <===== ACHTUNG
"{01C7C80F-DA6A-4698-BA70-4DA27991C5A9}" task wurde entsperrt. <===== ACHTUNG
"{08629A58-75ED-46AA-8646-8C7015698215}" task wurde entsperrt. <===== ACHTUNG
"{0A493256-4ADB-4CF2-8AB5-8CCBEFDFC5FE}" task wurde entsperrt. <===== ACHTUNG
"{0B545118-B563-42FC-8D07-B78F602FCF34}" task wurde entsperrt. <===== ACHTUNG
"{0C20E8DB-DCF0-4C48-B9B9-482E02BD9F1F}" task wurde entsperrt. <===== ACHTUNG
"{0CFE2E40-6A97-48C5-9F38-DE82315CF1B0}" task wurde entsperrt. <===== ACHTUNG
Task: {0ED93F3F-85F5-491C-8A82-8C359FEA9BEE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
"{11406457-2C26-401D-B271-B7393CAD7F85}" task wurde entsperrt. <===== ACHTUNG
"{181EF958-CF2C-45C1-BFE2-0048458E3EFC}" task wurde entsperrt. <===== ACHTUNG
"{1A289232-BCB9-4599-A894-898D820255F8}" task wurde entsperrt. <===== ACHTUNG
"{1A4230A2-E136-4936-9B22-DDF624BB8332}" task wurde entsperrt. <===== ACHTUNG
"{1A438DBA-6F47-44D6-8207-124A92E1597E}" task wurde entsperrt. <===== ACHTUNG
"{1A8A1750-6B60-430B-A914-E01C395D222E}" task wurde entsperrt. <===== ACHTUNG
Task: {1C8556F6-1371-4B3D-AB98-C681CF08BCBB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
"{1F0B1B6D-6FB8-495E-8D1D-0B6BA27883EB}" task wurde entsperrt. <===== ACHTUNG
Task: {1F2F49C0-EED1-4C80-9E65-718510EA5106} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
"{216D44FB-2DD3-4478-8395-49C0E0D2D767}" task wurde entsperrt. <===== ACHTUNG
"{22DF95EE-A3BC-4A00-8468-0FF46BF970FC}" task wurde entsperrt. <===== ACHTUNG
"{2300B6D1-D409-499E-92DF-030662B73A6B}" task wurde entsperrt. <===== ACHTUNG
"{27A7ABEB-AF7C-40F4-BAD4-95630EB0C1FA}" task wurde entsperrt. <===== ACHTUNG
"{2B307AD0-33EA-4DB6-81B3-05FEADBE1140}" task wurde entsperrt. <===== ACHTUNG
"{2C389306-244A-4110-97CB-594D5A467287}" task wurde entsperrt. <===== ACHTUNG
"{2CCA2563-023C-4159-8011-59C6C9E1973A}" task wurde entsperrt. <===== ACHTUNG
Task: {2D6337A8-679F-4C4E-817F-4A79578ED778} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
"{317107BF-13F6-48B4-AA5A-BA0B03A02F4B}" task wurde entsperrt. <===== ACHTUNG
"{33046BDC-2974-457F-A198-055760713D46}" task wurde entsperrt. <===== ACHTUNG
"{330DDC8E-A32D-4363-9C85-527F2673DDF7}" task wurde entsperrt. <===== ACHTUNG
"{352E6CA0-7314-4DF4-89C4-682368D80D57}" task wurde entsperrt. <===== ACHTUNG
"{3627755F-6629-4D94-850A-FBE43D28BEB8}" task wurde entsperrt. <===== ACHTUNG
"{37307B43-41DC-4BBE-BF3B-9B1631BEE311}" task wurde entsperrt. <===== ACHTUNG
"{3788B008-08AE-42A1-AECB-404EE0EFEAA5}" task wurde entsperrt. <===== ACHTUNG
"{4208A7BF-D622-476E-A1A3-F9EB2719ECD4}" task wurde entsperrt. <===== ACHTUNG
"{43744BF4-03F7-4B73-87FC-2BA232F6D655}" task wurde entsperrt. <===== ACHTUNG
"{44AF46C9-4AA6-4851-959E-023D755ED880}" task wurde entsperrt. <===== ACHTUNG
"{44EA678F-7E08-4531-92E2-587CA13B5D2C}" task wurde entsperrt. <===== ACHTUNG
"{45561755-0BB2-49DF-9B3C-3F0CEB4AB61E}" task wurde entsperrt. <===== ACHTUNG
"{45A1E736-EAAA-4735-ABBA-A9C5CF2BDAEF}" task wurde entsperrt. <===== ACHTUNG
"{48A98229-5C8E-4DDD-8139-CF35F7262A95}" task wurde entsperrt. <===== ACHTUNG
"{48E4EF46-2962-499E-B496-FD87DEFA9D4D}" task wurde entsperrt. <===== ACHTUNG
"{4A944005-EAD7-4E3D-A0CB-E36A03948234}" task wurde entsperrt. <===== ACHTUNG
"{4ADD02F8-8A80-4037-93AF-01F0D391A8D4}" task wurde entsperrt. <===== ACHTUNG
"{4BC5D02D-368A-405A-B471-F9CAB6666731}" task wurde entsperrt. <===== ACHTUNG
"{4C5A8A03-2384-464F-AEAA-F58928D854D8}" task wurde entsperrt. <===== ACHTUNG
"{4E3CB8C2-8A0C-4570-A32E-7319C6E8E432}" task wurde entsperrt. <===== ACHTUNG
"{4E4954A6-C22F-4537-87FE-9A696B7BF9C4}" task wurde entsperrt. <===== ACHTUNG
"{511CB694-F6BB-49BA-AC20-E2916B05BD90}" task wurde entsperrt. <===== ACHTUNG
"{52362630-34B3-46AA-8508-9857D8B13B4F}" task wurde entsperrt. <===== ACHTUNG
Task: {554CDFB6-DC49-4C95-8149-E73FCFF67D22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
"{5587F1DC-15D0-4331-A673-6EF75E5CD9C0}" task wurde entsperrt. <===== ACHTUNG
"{57ED60D2-6B0B-4069-90B4-50B067491212}" task wurde entsperrt. <===== ACHTUNG
"{59CBDFB9-8D90-4443-9AF8-5C3B45220F5E}" task wurde entsperrt. <===== ACHTUNG
"{59CE74C9-886F-4121-8052-508A4B829DC6}" task wurde entsperrt. <===== ACHTUNG
"{5A3FB241-0B11-4EA5-BC66-0D9F1B406040}" task wurde entsperrt. <===== ACHTUNG
"{5B4C02FF-5C7C-42FB-877E-4F57C6198A71}" task wurde entsperrt. <===== ACHTUNG
"{5E8CC375-A631-401B-A83D-65F729771F42}" task wurde entsperrt. <===== ACHTUNG
Task: {60E824C2-BC2D-4472-94E2-E1D39AF41CB2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
"{61E97BCB-528E-4B3C-A43A-CDFC978E48E7}" task wurde entsperrt. <===== ACHTUNG
Task: {62860EB0-2228-4165-9630-AC5AF0450FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
"{62C6204C-B449-4C2C-B915-D8E513C8D2DC}" task wurde entsperrt. <===== ACHTUNG
"{64EFDCE4-067E-45AD-80B7-9ACADBA7145A}" task wurde entsperrt. <===== ACHTUNG
"{669B944E-926D-4382-AB83-710022AE3EA2}" task wurde entsperrt. <===== ACHTUNG
"{66FE0026-8E27-493D-BED2-EF4ACF50814C}" task wurde entsperrt. <===== ACHTUNG
"{679EB820-C80C-4B8C-81EB-D3B5A83C3BF3}" task wurde entsperrt. <===== ACHTUNG
"{687FB905-133F-462F-9C7E-6FD5DE83B91D}" task wurde entsperrt. <===== ACHTUNG
"{697E18DD-943C-470A-B9E3-6E5DDCB42D05}" task wurde entsperrt. <===== ACHTUNG
"{6B0D6754-588A-4B5C-95F7-7F39A9780F7E}" task wurde entsperrt. <===== ACHTUNG
"{6B696BCF-C866-41CA-B4E4-3D19FB1E9250}" task wurde entsperrt. <===== ACHTUNG
"{6BA02DD2-FC59-4F60-9427-42EA1A59DDE1}" task wurde entsperrt. <===== ACHTUNG
"{6CBA2464-1DAD-4F1D-919F-4E6DFC499277}" task wurde entsperrt. <===== ACHTUNG
"{6D88DE84-0813-4C51-99FC-12A9A98DD1D9}" task wurde entsperrt. <===== ACHTUNG
"{6DFCB649-0769-4F83-BB10-F60F235F6D3D}" task wurde entsperrt. <===== ACHTUNG
"{70CF17D8-ACB3-4DBF-B283-6A71C9BF3D0E}" task wurde entsperrt. <===== ACHTUNG
"{71E53243-3A2D-47EE-9DAB-6D71B2366657}" task wurde entsperrt. <===== ACHTUNG
Task: {71EA80FA-9CB3-4910-81DF-3E483434D909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
"{73F84A2E-E267-44CD-AE43-26F5FADC07BC}" task wurde entsperrt. <===== ACHTUNG
"{7464E64D-F916-44C4-8B4D-8285C95325A1}" task wurde entsperrt. <===== ACHTUNG
"{7506EE3F-10D4-4FCF-9DDD-77B8FF1182D4}" task wurde entsperrt. <===== ACHTUNG
"{75336275-E3E0-4BC0-B373-3CFB8C1E4130}" task wurde entsperrt. <===== ACHTUNG
"{75EEC801-5298-41FE-BD51-F07E4178CA3E}" task wurde entsperrt. <===== ACHTUNG
"{7A6FA6EC-ED66-42B8-B9D7-06523FB6E039}" task wurde entsperrt. <===== ACHTUNG
"{7AE1BCAC-061D-4672-BACB-88BC74CE1D7A}" task wurde entsperrt. <===== ACHTUNG
"{7BC12C89-A012-46EA-B9EB-052EB5CD4326}" task wurde entsperrt. <===== ACHTUNG
"{7BD8F44E-530D-41CF-B1D0-B9BB0B0C1C73}" task wurde entsperrt. <===== ACHTUNG
"{7F64EAF9-FFE6-49DB-90DD-80D2B8774614}" task wurde entsperrt. <===== ACHTUNG
"{7FAF6FA5-8557-4C4D-9206-7460555EAB06}" task wurde entsperrt. <===== ACHTUNG
"{830038A6-9046-42E5-B03C-1455E6BDFBAF}" task wurde entsperrt. <===== ACHTUNG
"{84E4A8CF-CE13-47C4-ABC1-BC5DD42C6C83}" task wurde entsperrt. <===== ACHTUNG
"{860F596C-A1D8-4651-B747-D134041D80AD}" task wurde entsperrt. <===== ACHTUNG
"{872D0E53-FD2E-41E3-B431-698AF82882CE}" task wurde entsperrt. <===== ACHTUNG
"{8865CC07-3C24-475C-896D-8ABA96F2471A}" task wurde entsperrt. <===== ACHTUNG
Task: {89635FFC-A77D-4BD8-88C8-DE3A5A2E241F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {8A01716D-ACC3-4B57-B324-C20C68587BBA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {8E02C3E6-11B5-452B-8732-92B5556EFD2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
"{90D79106-3D12-40AF-A9BA-231F2327770C}" task wurde entsperrt. <===== ACHTUNG
"{94582C27-CA52-4593-9A48-A317C4D361E3}" task wurde entsperrt. <===== ACHTUNG
"{955E8D5B-0718-411A-9D8F-83454788272B}" task wurde entsperrt. <===== ACHTUNG
"{97601E9E-9C9C-415D-B81D-9F86ACA7CDC5}" task wurde entsperrt. <===== ACHTUNG
"{9979486C-F0A7-4AC7-8BC0-AE474A7EBE6C}" task wurde entsperrt. <===== ACHTUNG
Task: {99D61BD2-0EE8-4F01-AA06-FDCAF3252F37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
"{9A58602B-2D48-4E55-BA94-672A29521C76}" task wurde entsperrt. <===== ACHTUNG
"{9B3A6CD7-4CDE-4432-BE99-B316D2296C86}" task wurde entsperrt. <===== ACHTUNG
"{9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E}" task wurde entsperrt. <===== ACHTUNG
"{9FFB29C5-38ED-47CB-B89B-EA84708EBA65}" task wurde entsperrt. <===== ACHTUNG
"{A483A62A-BEE2-43EF-B43D-C4B6555D6F1E}" task wurde entsperrt. <===== ACHTUNG
"{A4D1B478-9D9D-489F-98BF-846F21D1EA6C}" task wurde entsperrt. <===== ACHTUNG
"{A6D9FF76-0705-4B3D-9D8E-0BB183A7D3E9}" task wurde entsperrt. <===== ACHTUNG
Task: {AD9B3702-B356-4CEE-B598-040227687DE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
"{AE229047-6634-45F4-A0F4-6A9522659F2D}" task wurde entsperrt. <===== ACHTUNG
"{AF8621E4-DD0A-4E22-AEBD-D252114A7D89}" task wurde entsperrt. <===== ACHTUNG
"{AFD4A8A3-508B-4785-8271-CDEBAEED3F46}" task wurde entsperrt. <===== ACHTUNG
"{B3DD4C81-C4AC-4263-806F-E5B540C1B26A}" task wurde entsperrt. <===== ACHTUNG
"{B4A5B97B-E0F1-4984-ADA4-432088751E1B}" task wurde entsperrt. <===== ACHTUNG
Task: {B810A7BE-66FD-4E61-8B5D-D1DCCC8E9D6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
"{BA3388B9-C9D3-47A9-A9B5-E79B50DD0270}" task wurde entsperrt. <===== ACHTUNG
"{BB94B31D-4FE5-42FB-A144-A393F6C54A6F}" task wurde entsperrt. <===== ACHTUNG
"{BD62F7BB-7242-4904-A8A8-4E358ED75D6B}" task wurde entsperrt. <===== ACHTUNG
Task: {BF094C70-5E35-4812-AE3F-1B41B2DD570C} - System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
"{BF589992-F6BB-4FFC-8766-FB138C7DE18D}" task wurde entsperrt. <===== ACHTUNG
"{C0A4DF9B-B00D-4626-8994-BF17C88860B0}" task wurde entsperrt. <===== ACHTUNG
"{C1E1F555-5EEC-4D6B-98FB-9934616F00E9}" task wurde entsperrt. <===== ACHTUNG
"{C349BB67-3672-4975-AE02-517BAD9318EE}" task wurde entsperrt. <===== ACHTUNG
"{C4AE3C3E-C327-4689-B6FD-C11FB31AE88B}" task wurde entsperrt. <===== ACHTUNG
"{C4E89737-E6D8-4D86-B15E-50A93654BBC1}" task wurde entsperrt. <===== ACHTUNG
Task: {C4F948B4-2FBD-452A-BF6F-D2C9FA366B40} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
"{C7752DC6-148D-4AB0-93E1-D84AEB7AA014}" task wurde entsperrt. <===== ACHTUNG
"{C880A9A1-137C-495D-92AC-40CE8DF7E253}" task wurde entsperrt. <===== ACHTUNG
"{C881A742-1A15-4EAC-96B9-9C6EA38AC7FA}" task wurde entsperrt. <===== ACHTUNG
"{C8DB9D2B-AB0A-4D3F-8409-427C806748D6}" task wurde entsperrt. <===== ACHTUNG
"{CA1E905A-B064-48AF-9F06-68C7E71498B9}" task wurde entsperrt. <===== ACHTUNG
"{CA4BE44E-107E-4B2D-91AF-FC3B077B02FC}" task wurde entsperrt. <===== ACHTUNG
"{CC8236FF-A055-4083-A37E-D0F85E135DE3}" task wurde entsperrt. <===== ACHTUNG
"{CE2DE968-E342-40D7-9566-427D45E4A886}" task wurde entsperrt. <===== ACHTUNG
"{CFC77F13-E27C-4C44-8D9B-CB2163D27C89}" task wurde entsperrt. <===== ACHTUNG
"{D7F0F250-0978-4FFA-BA28-A14C0AB462FF}" task wurde entsperrt. <===== ACHTUNG
"{DAAFAEC3-BC03-44D7-A77D-05760FE578AD}" task wurde entsperrt. <===== ACHTUNG
"{DB458018-DEBA-4577-AB8B-EA1506110FB8}" task wurde entsperrt. <===== ACHTUNG
Task: {DE66408B-3228-41BD-9ED7-4D0C24A8F8AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
"{DE9EF05D-D131-41FC-87C9-ABF449872934}" task wurde entsperrt. <===== ACHTUNG
"{E03596C8-B2A4-4553-B379-B678F0EBCA95}" task wurde entsperrt. <===== ACHTUNG
"{E15B0834-C96C-40E1-8995-12FE38D52648}" task wurde entsperrt. <===== ACHTUNG
Task: {E395FCBC-1897-450F-8B0D-8347A4B5BBC4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
"{E506F4C9-20BB-40AE-AD65-2304E5EF9B80}" task wurde entsperrt. <===== ACHTUNG
Task: {E51AF7B8-0976-43E5-892E-16C27550ECF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
"{E5217668-D921-4907-8CE1-276EABA44515}" task wurde entsperrt. <===== ACHTUNG
Task: {E6B51E2A-B1D1-42EF-94F7-CCAF98A4EABE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E7D06876-5CD6-4FFC-97A0-8A138A9A7EF8} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
"{E7D61507-58B7-44DC-8D1E-932F96FC2D62}" task wurde entsperrt. <===== ACHTUNG
"{EA5D5FA7-79F4-4BC8-8C91-CA1A24F86527}" task wurde entsperrt. <===== ACHTUNG
"{EC59CC4E-A8CB-476D-8421-92558446E9A3}" task wurde entsperrt. <===== ACHTUNG
"{EF3EC7C4-1CB5-43F1-A074-D1D74BB07D7A}" task wurde entsperrt. <===== ACHTUNG
"{EFB2C913-BFA0-4FB9-8130-48BEE6BD1B12}" task wurde entsperrt. <===== ACHTUNG
"{F120A436-C215-4927-87AA-934387AF5782}" task wurde entsperrt. <===== ACHTUNG
"{F2341244-5F02-41C5-BA40-4FBADCD67206}" task wurde entsperrt. <===== ACHTUNG
"{F35162BA-CDE7-4746-A368-D590640A3FA9}" task wurde entsperrt. <===== ACHTUNG
"{F4BF89A9-8488-4988-B163-F7F0341D521B}" task wurde entsperrt. <===== ACHTUNG
"{F6734075-627C-47CE-918F-B51866D629BB}" task wurde entsperrt. <===== ACHTUNG
"{F775C69D-FE09-4105-8F98-5DC6D956FA4E}" task wurde entsperrt. <===== ACHTUNG
"{F98BB314-575B-453F-A9F9-A13B9D088426}" task wurde entsperrt. <===== ACHTUNG
"{F98C81FF-D786-4067-AAFB-D67F2BA8542A}" task wurde entsperrt. <===== ACHTUNG
"{FA625267-66E0-464A-AE95-8754007E78AD}" task wurde entsperrt. <===== ACHTUNG
"{FB1868EE-5CA8-4DE9-A8B1-6171EB0EDB5A}" task wurde entsperrt. <===== ACHTUNG
"{FC52F032-45F0-4B04-99DA-5A5F43CB0392}" task wurde entsperrt. <===== ACHTUNG
"{FC5681F1-C930-414C-8049-16F7B32D0FEF}" task wurde entsperrt. <===== ACHTUNG
"{FEF85651-4DD3-461C-AB7B-44FC3276E219}" task wurde entsperrt. <===== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 00:39 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00959176 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-14 00:06 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-14 00:07 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-14 00:07 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-14 00:07 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-14 00:07 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-19 02:08 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-18 00:00 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-12-01 06:46 - 2015-12-01 06:46 - 00794920 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00679624 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2014-09-17 23:52 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\UNI\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections4.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{CEFE383C-D24C-45C3-8A9F-0F291F7C8D34}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{B3E9A836-107C-4A64-867A-BF64D1CE3991}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{9AEDDD89-55B6-4887-89D2-A7FC9107A64C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C96D09BB-CBC0-4F42-92B7-DACF8038CE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{355F1E33-4B93-450D-9F3E-31F8CA46AAE5}] => (Allow) LPort=1900
FirewallRules: [{92CD0C81-7D18-4099-8C80-19731B09C34C}] => (Allow) LPort=2869
FirewallRules: [{50C680FD-F630-4227-AD9F-54377BA56EAC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ABE2C105-99A1-4496-A1D9-E4526DD24E43}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{D6399097-5D44-458F-8AF9-1E677A487BF4}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{FB0EE854-8EC3-4A2C-8EA1-F7E2B0043E00}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [{E503346B-0B95-42F5-8840-64AC923D57BF}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [UDP Query User{4F802E87-400C-4563-ABB9-87F76142A7E6}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{D461F6DD-13C3-4A0A-AF79-3C6EF69AE32A}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{D3C09483-BD71-435E-8879-B98BAE4481D6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B33F94FA-E6B9-4C98-B711-6D7818BD0DED}] => (Allow) LPort=5357
FirewallRules: [{A2FB1D09-1588-4899-9F78-07BAE6B6C8EF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{2C3558D6-3E3B-4D15-80FD-AA28289F1D74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9BC40B0A-A086-4A05-954B-35F960F8837D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0C79AE82-A53D-48F6-B13B-7B3DD10E7A24}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{B78CD14A-3C02-40F4-93AA-73DEFE0453AB}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{DDC6E890-3BB4-4238-9F6F-D2731CD0EEA6}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{64FA4642-3A13-456B-8666-882281C8E107}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{5A8BAD8A-DE77-40DA-BE8D-0B87D1B5BAB4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{203C9CFE-3C19-4FEE-B625-8D699D626DD6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0380DC55-9582-4181-AA7D-5185EAE08093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE985222-1F10-4D7A-B67F-1BD6CD467EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B42F863-0075-4AA4-8C24-756A391E4BD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A36D0CCD-3FAE-476E-83C4-7CCAD5FB3513}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2DC8939-FD5F-4B46-995B-BED225818930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{741E7EAE-D989-415F-80BF-15CD9F7C7324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{440CEFA7-2E08-45C7-ACD3-62744A2847ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B58A3D34-CF26-40A4-8351-68ADAA20B1AC}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{93FF429B-A612-48B4-9AAD-7391B670E0D7}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A269F050-2E1C-4786-8923-80096CD04F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E690514-08F3-4D34-A2F0-AB367BF1BCDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{E231306D-466C-48E3-B3B9-85D18926E04D}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{05E1788C-1FC3-4E5A-915E-D5AEAE38D081}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2CE7DCAF-1612-45E0-B63E-8C819302E26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C8F97C20-B1C2-46A4-A46E-957858FD8869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1971CD84-ACCD-4F05-983B-0D0C2AAD84EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2570C57E-B1BC-4161-8CC2-2C32E0B612DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB5289FF-B7C6-4B1F-9315-0BC35E0A233C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67B2FE43-2117-4C61-885E-B2FD11B920BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DA3ECC4-FC85-44DD-8106-6D382FA707A5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{3BCBB21E-0780-4655-93EE-980FE9029C61}] => (Allow) LPort=55100
FirewallRules: [{CA4A1513-F2E1-48D1-9B3A-726FD4C8B4E9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4B4379A0-9983-49BC-BC73-2EFB29145779}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{27DD41BD-25CA-4288-AFF4-E6BF8587B7BF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{0B42F4B5-3FBB-44C8-B924-1BA7B630396D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C548901B-A7EF-4772-BF3D-5512915BBD8F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A46F13CA-72AC-4292-B13E-DD960C1727A4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{5AE63078-F1F6-488D-9125-9FDCFFD37A7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DDEC3351-80A9-417F-ABBB-50D745817DF3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{993B0402-90EE-4026-929B-97D59670C539}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{74FA38CF-9061-4843-B660-34066DB08651}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6443ECF1-E0F3-4FF5-A278-072D53617836}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0CF7EB76-D013-4A67-9E70-39C40F34E8D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C43D9CF1-D83A-481E-BA81-C246BA006216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FD253542-9DE2-4C54-A058-AF2F7A220F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9C2B2186-C84F-4B04-9A03-8671D5CE66C2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{77B6C35F-F7D6-480F-A1EA-91458D142107}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{9DD59E56-3542-48DB-9B6A-34A1D20920D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{558F65A3-09B1-40AA-9B64-5EBFD8AED31B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 01:29:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:29:03Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:28:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:28:33Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:28:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:28:03Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:27:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:27:33Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:27:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:27:03Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:26:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:26:33Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:25:38 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:25:38Z. Fehlercode: 0x80070005.

Error: (04/28/2016 10:17:35 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-04T20:17:35Z. Fehlercode: 0x80070005.

Error: (04/28/2016 10:17:05 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-04T20:17:05Z. Fehlercode: 0x80070005.

Error: (04/28/2016 10:16:35 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-04T20:16:35Z. Fehlercode: 0x80070005.


Systemfehler:
=============
Error: (04/29/2016 01:22:15 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 01:22:15 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 01:22:15 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT)
Description: Die Aufgabenplanungdienst konnte durch den Computerstart ausgelöste Aufgaben nicht starten. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 01:21:57 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841156512

Error: (04/29/2016 01:22:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎04.‎2016 um 12:57:38 unerwartet heruntergefahren.

Error: (04/29/2016 12:57:45 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 12:57:45 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 12:57:45 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT)
Description: Die Aufgabenplanungdienst konnte durch den Computerstart ausgelöste Aufgaben nicht starten. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 12:57:28 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.

Error: (04/29/2016 12:57:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎04.‎2016 um 12:52:40 unerwartet heruntergefahren.


CodeIntegrity:
===================================
  Date: 2016-04-18 13:35:57.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-18 13:26:41.335
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 12:46:40.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 16:00:34.354
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 13:46:49.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 12:33:49.290
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 12:26:25.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 12:04:38.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 5578.46 MB
Summe virtueller Speicher: 9364.27 MB
Verfügbarer virtueller Speicher: 6858.89 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.49 GB) (Free:767.96 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.68 GB) NTFS
Drive f: () (Removable) (Total:3.74 GB) (Free:3.46 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 96AEBC74)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EC10B82D)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Und zuletzt die zwei Logfiles von TDSSKiller auf Grund der Länge zunächst TEIL 1 :

Code:

ATTFilter

13:36:16.0144 0x1c8c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:36:16.0144 0x1c8c  UEFI system
13:36:45.0850 0x1c8c  EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
13:36:45.0854 0x1334  Deinitialize success

Code:

ATTFilter

13:37:33.0269 0x03e0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:37:33.0269 0x03e0  UEFI system
13:37:50.0027 0x03e0  ============================================================
13:37:50.0027 0x03e0  Current date / time: 2016/04/29 13:37:50.0027
13:37:50.0027 0x03e0  SystemInfo:
13:37:50.0027 0x03e0  
13:37:50.0027 0x03e0  OS Version: 10.0.10586 ServicePack: 0.0
13:37:50.0027 0x03e0  Product type: Workstation
13:37:50.0027 0x03e0  ComputerName: LENOVO-PC
13:37:50.0027 0x03e0  UserName: UNI
13:37:50.0027 0x03e0  Windows directory: C:\WINDOWS
13:37:50.0027 0x03e0  System windows directory: C:\WINDOWS
13:37:50.0027 0x03e0  Running under WOW64
13:37:50.0027 0x03e0  Processor architecture: Intel x64
13:37:50.0027 0x03e0  Number of processors: 4
13:37:50.0027 0x03e0  Page size: 0x1000
13:37:50.0027 0x03e0  Boot type: Normal boot
13:37:50.0027 0x03e0  ============================================================
13:37:51.0741 0x03e0  KLMD registered as C:\WINDOWS\system32\drivers\73831547.sys
13:37:52.0000 0x03e0  System UUID: {CE297566-D7AD-DA9F-C1B9-6066A74751EF}
13:38:00.0893 0x03e0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:38:00.0897 0x03e0  Drive \Device\Harddisk1\DR1 - Size: 0xF0100000 ( 3.75 Gb ), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:38:00.0899 0x03e0  ============================================================
13:38:00.0899 0x03e0  \Device\Harddisk0\DR0:
13:38:00.0900 0x03e0  GPT partitions:
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F1A6676D-EAC4-418D-BCEB-5F77A9D72A9A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BC6697F8-E391-4AF9-BEF4-013D4A4DDB7E}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {7BB8898E-64C1-435F-9F6F-7E7261DE1434}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {14D32AF2-98DF-4719-9BED-AAD40809F5B3}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C8EA307D-B6E0-4B66-934A-F092620FE5A3}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F2F8800
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7C30580E-32FF-40E1-9B1A-F3D3CBFD529E}, Name: Basic data partition, StartLBA 0x6F7A3000, BlocksNum 0x3200000
13:38:00.0901 0x03e0  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80611826-E840-4DD9-9ABC-EA631D8BE7A2}, Name: Basic data partition, StartLBA 0x729A3000, BlocksNum 0x1D63800
13:38:00.0901 0x03e0  MBR partitions:
13:38:00.0901 0x03e0  \Device\Harddisk1\DR1:
13:38:00.0902 0x03e0  MBR partitions:
13:38:00.0902 0x03e0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x250, BlocksNum 0x7805B0
13:38:00.0902 0x03e0  ============================================================
13:38:00.0904 0x03e0  C: <-> \Device\Harddisk0\DR0\Partition5
13:38:00.0932 0x03e0  D: <-> \Device\Harddisk0\DR0\Partition6
13:38:00.0933 0x03e0  ============================================================
13:38:00.0933 0x03e0  Initialize success
13:38:00.0933 0x03e0  ============================================================
13:38:44.0606 0x0ab0  ============================================================
13:38:44.0606 0x0ab0  Scan started
13:38:44.0606 0x0ab0  Mode: Manual; SigCheck; TDLFS; 
13:38:44.0606 0x0ab0  ============================================================
13:38:44.0606 0x0ab0  KSN ping started
13:38:46.0992 0x0ab0  KSN ping finished: true
13:38:48.0157 0x0ab0  ================ Scan system memory ========================
13:38:48.0157 0x0ab0  System memory - ok
13:38:48.0158 0x0ab0  ================ Scan services =============================
13:38:48.0312 0x0ab0  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:38:48.0400 0x0ab0  1394ohci - ok
13:38:48.0415 0x0ab0  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:38:48.0433 0x0ab0  3ware - ok
13:38:48.0464 0x0ab0  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:38:48.0492 0x0ab0  ACPI - ok
13:38:48.0502 0x0ab0  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:38:48.0520 0x0ab0  acpiex - ok
13:38:48.0526 0x0ab0  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:38:48.0544 0x0ab0  acpipagr - ok
13:38:48.0549 0x0ab0  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:38:48.0572 0x0ab0  AcpiPmi - ok
13:38:48.0577 0x0ab0  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:38:48.0599 0x0ab0  acpitime - ok
13:38:48.0605 0x0ab0  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
13:38:48.0883 0x0ab0  ACPIVPC - ok
13:38:48.0898 0x0ab0  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:38:48.0913 0x0ab0  AdobeARMservice - ok
13:38:48.0990 0x0ab0  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:38:49.0028 0x0ab0  ADP80XX - ok
13:38:49.0047 0x0ab0  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:38:49.0072 0x0ab0  AFD - ok
13:38:49.0077 0x0ab0  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:38:49.0091 0x0ab0  agp440 - ok
13:38:49.0101 0x0ab0  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:38:49.0122 0x0ab0  ahcache - ok
13:38:49.0128 0x0ab0  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
13:38:49.0142 0x0ab0  AJRouter - ok
13:38:49.0148 0x0ab0  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
13:38:49.0165 0x0ab0  ALG - ok
13:38:49.0174 0x0ab0  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:38:49.0190 0x0ab0  AmdK8 - ok
13:38:49.0197 0x0ab0  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:38:49.0213 0x0ab0  AmdPPM - ok
13:38:49.0218 0x0ab0  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:38:49.0231 0x0ab0  amdsata - ok
13:38:49.0242 0x0ab0  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:38:49.0259 0x0ab0  amdsbs - ok
13:38:49.0263 0x0ab0  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:38:49.0277 0x0ab0  amdxata - ok
13:38:49.0320 0x0ab0  [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
13:38:49.0410 0x0ab0  AntiVirMailService - ok
13:38:49.0458 0x0ab0  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:38:49.0508 0x0ab0  AntiVirSchedulerService - ok
13:38:49.0557 0x0ab0  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:38:49.0608 0x0ab0  AntiVirService - ok
13:38:49.0748 0x0ab0  [ 1F5CC3C23E10290A3FF9CAA74AA30D07, A4F1F3465A5E0A914EE5A4FEF4A6B639956BA04B7145EF68820BC2A15DEE4162 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
13:38:49.0866 0x0ab0  AntiVirWebService - ok
13:38:49.0890 0x0ab0  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:38:49.0937 0x0ab0  AppID - ok
13:38:49.0949 0x0ab0  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:38:50.0007 0x0ab0  AppIDSvc - ok
13:38:50.0024 0x0ab0  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:38:50.0065 0x0ab0  Appinfo - ok
13:38:50.0101 0x0ab0  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:38:50.0129 0x0ab0  Apple Mobile Device Service - ok
13:38:50.0170 0x0ab0  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:38:50.0224 0x0ab0  AppReadiness - ok
13:38:50.0323 0x0ab0  [ 0F3C165B71F8140F50A1DB5DE3E6D695, 7AD0F130088B3A964739C3194CF09E79B6B5D761B064071B9AC11D9B65F5D523 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:38:50.0401 0x0ab0  AppXSvc - ok
13:38:50.0413 0x0ab0  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:38:50.0426 0x0ab0  arcsas - ok
13:38:50.0432 0x0ab0  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
13:38:50.0448 0x0ab0  AsyncMac - ok
13:38:50.0452 0x0ab0  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:38:50.0465 0x0ab0  atapi - ok
13:38:50.0484 0x0ab0  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:38:50.0504 0x0ab0  AudioEndpointBuilder - ok
13:38:50.0534 0x0ab0  [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:38:50.0576 0x0ab0  Audiosrv - ok
13:38:50.0584 0x0ab0  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
13:38:50.0593 0x0ab0  avgntflt - ok
13:38:50.0655 0x0ab0  [ 8AC3D6C2E2B0B22E918817A96DA4875E, AE6FB86A09373918DD7FA7E19DA9B2915AAAE6DDF5939245F44B5512E3710E1B ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
13:38:50.0682 0x0ab0  avipbb - ok
13:38:50.0708 0x0ab0  [ 8B86696A7030DDBD85B64621BD5B9C44, 9C22C8C5AC39A7138A669A6C4CA9753A6D2F21CFDFB8A1F1A34CB0AFC9DA9F0D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:38:50.0743 0x0ab0  Avira.ServiceHost - ok
13:38:50.0770 0x0ab0  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
13:38:50.0798 0x0ab0  avkmgr - ok
13:38:50.0814 0x0ab0  [ 02488D56FE0DB002CE3B1E120A0ED889, 487067731C2CA1BA8A1CF1C403C2342C153E6BE0CE9B003D914D9647059EFDBD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
13:38:50.0834 0x0ab0  avnetflt - ok
13:38:50.0846 0x0ab0  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:38:50.0888 0x0ab0  AxInstSV - ok
13:38:50.0914 0x0ab0  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:38:50.0939 0x0ab0  b06bdrv - ok
13:38:50.0945 0x0ab0  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:38:50.0959 0x0ab0  BasicDisplay - ok
13:38:50.0970 0x0ab0  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:38:50.0983 0x0ab0  BasicRender - ok
13:38:50.0989 0x0ab0  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
13:38:51.0003 0x0ab0  bcmfn - ok
13:38:51.0007 0x0ab0  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:38:51.0021 0x0ab0  bcmfn2 - ok
13:38:51.0064 0x0ab0  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:38:51.0111 0x0ab0  BDESVC - ok
13:38:51.0154 0x0ab0  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:38:51.0187 0x0ab0  Beep - ok
13:38:51.0226 0x0ab0  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\WINDOWS\System32\bfe.dll
13:38:51.0268 0x0ab0  BFE - ok
13:38:51.0307 0x0ab0  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:38:51.0366 0x0ab0  BITS - ok
13:38:51.0382 0x0ab0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:38:51.0397 0x0ab0  Bonjour Service - ok
13:38:51.0405 0x0ab0  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:38:51.0420 0x0ab0  bowser - ok
13:38:51.0437 0x0ab0  [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:38:51.0467 0x0ab0  BrokerInfrastructure - ok
13:38:51.0474 0x0ab0  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\WINDOWS\System32\browser.dll
13:38:51.0490 0x0ab0  Browser - ok
13:38:51.0495 0x0ab0  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:38:51.0510 0x0ab0  BthAvrcpTg - ok
13:38:51.0515 0x0ab0  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:38:51.0530 0x0ab0  BthHFEnum - ok
13:38:51.0542 0x0ab0  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:38:51.0557 0x0ab0  bthhfhid - ok
13:38:51.0571 0x0ab0  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:38:51.0592 0x0ab0  BthHFSrv - ok
13:38:51.0598 0x0ab0  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:38:51.0614 0x0ab0  BTHMODEM - ok
13:38:51.0639 0x0ab0  [ 2A0EF9AF5FD3FCCC25E17C47198D6E25, 4B548DD7235EF5EEC36AC443F9F44A042332BA01CB38B3D2E804618F2DC31813 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
13:38:51.0679 0x0ab0  BTHPORT - ok
13:38:51.0687 0x0ab0  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:38:51.0703 0x0ab0  bthserv - ok
13:38:51.0710 0x0ab0  [ B13CB5CCEE91ACA77C985B8E0D53A7D4, 1DB76A52E30B3DCC0FAF8579A7D5A24AD010ACA7613FB00B541FDDED7BE3F08E ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
13:38:51.0724 0x0ab0  BTHUSB - ok
13:38:51.0731 0x0ab0  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:38:51.0748 0x0ab0  buttonconverter - ok
13:38:51.0754 0x0ab0  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
13:38:51.0769 0x0ab0  CapImg - ok
13:38:51.0776 0x0ab0  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:38:51.0792 0x0ab0  cdfs - ok
13:38:51.0804 0x0ab0  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
13:38:51.0829 0x0ab0  CDPSvc - ok
13:38:51.0836 0x0ab0  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
13:38:51.0855 0x0ab0  cdrom - ok
13:38:51.0864 0x0ab0  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
13:38:51.0885 0x0ab0  CertPropSvc - ok
13:38:51.0890 0x0ab0  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:38:51.0904 0x0ab0  circlass - ok
13:38:51.0916 0x0ab0  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:38:51.0935 0x0ab0  CLFS - ok
13:38:51.0953 0x0ab0  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
13:38:51.0977 0x0ab0  ClipSVC - ok
13:38:51.0990 0x0ab0  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:38:52.0002 0x0ab0  CmBatt - ok
13:38:52.0028 0x0ab0  [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
13:38:52.0051 0x0ab0  CNG - ok
13:38:52.0057 0x0ab0  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
13:38:52.0069 0x0ab0  cnghwassist - ok
13:38:52.0110 0x0ab0  [ 579B8A665076612D65107D3C7F80CBF7, EDD2763544A71A580ABC6F3E1F3794B9D20B31522413A6B409398ED900392CCF ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
13:38:52.0148 0x0ab0  CnxtHdAudService - ok
13:38:52.0177 0x0ab0  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
13:38:52.0191 0x0ab0  CompositeBus - ok
13:38:52.0194 0x0ab0  COMSysApp - ok
13:38:52.0201 0x0ab0  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:38:52.0213 0x0ab0  condrv - ok
13:38:52.0235 0x0ab0  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:38:52.0263 0x0ab0  CoreMessagingRegistrar - ok
13:38:52.0333 0x0ab0  [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:38:52.0350 0x0ab0  cphs - ok
13:38:52.0358 0x0ab0  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:38:52.0373 0x0ab0  CryptSvc - ok
13:38:52.0382 0x0ab0  [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe
13:38:52.0395 0x0ab0  CxAudMsg - ok
13:38:52.0400 0x0ab0  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
13:38:52.0412 0x0ab0  dam - ok
13:38:52.0438 0x0ab0  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:38:52.0479 0x0ab0  DcomLaunch - ok
13:38:52.0501 0x0ab0  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
13:38:52.0523 0x0ab0  DcpSvc - ok
13:38:52.0539 0x0ab0  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
13:38:52.0573 0x0ab0  defragsvc - ok
13:38:52.0588 0x0ab0  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:38:52.0614 0x0ab0  DeviceAssociationService - ok
13:38:52.0620 0x0ab0  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
13:38:52.0642 0x0ab0  DeviceInstall - ok
13:38:52.0648 0x0ab0  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
13:38:52.0662 0x0ab0  DevQueryBroker - ok
13:38:52.0670 0x0ab0  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:38:52.0686 0x0ab0  Dfsc - ok
13:38:52.0687 0x0a60  Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService
13:38:52.0694 0x0ab0  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
13:38:52.0708 0x0ab0  dg_ssudbus - ok
13:38:52.0722 0x0ab0  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:38:52.0752 0x0ab0  Dhcp - ok
13:38:52.0765 0x0ab0  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
13:38:52.0778 0x0ab0  diagnosticshub.standardcollector.service - ok
13:38:52.0821 0x0ab0  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
13:38:52.0874 0x0ab0  DiagTrack - ok
13:38:52.0883 0x0ab0  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:38:52.0896 0x0ab0  disk - ok
13:38:52.0907 0x0ab0  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
13:38:52.0932 0x0ab0  DmEnrollmentSvc - ok
13:38:52.0945 0x0ab0  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
13:38:52.0958 0x0ab0  dmvsc - ok
13:38:52.0963 0x0ab0  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
13:38:52.0981 0x0ab0  dmwappushservice - ok
13:38:52.0991 0x0ab0  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:38:53.0012 0x0ab0  Dnscache - ok
13:38:53.0024 0x0ab0  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:38:53.0047 0x0ab0  dot3svc - ok
13:38:53.0055 0x0ab0  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
13:38:53.0072 0x0ab0  DPS - ok
13:38:53.0076 0x0ab0  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
13:38:53.0087 0x0ab0  drmkaud - ok
13:38:53.0096 0x0ab0  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:38:53.0115 0x0ab0  DsmSvc - ok
13:38:53.0123 0x0ab0  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
13:38:53.0142 0x0ab0  DsSvc - ok
13:38:53.0205 0x0ab0  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:38:53.0274 0x0ab0  DXGKrnl - ok
13:38:53.0291 0x0ab0  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
13:38:53.0329 0x0ab0  Eaphost - ok
13:38:53.0535 0x0ab0  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
13:38:53.0750 0x0ab0  ebdrv - ok
13:38:53.0782 0x0ab0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
13:38:53.0795 0x0ab0  EFS - ok
13:38:53.0820 0x0ab0  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
13:38:53.0835 0x0ab0  EhStorClass - ok
13:38:53.0865 0x0ab0  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:38:53.0881 0x0ab0  EhStorTcgDrv - ok
13:38:53.0888 0x0ab0  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
13:38:53.0911 0x0ab0  embeddedmode - ok
13:38:53.0931 0x0ab0  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
13:38:53.0953 0x0ab0  EntAppSvc - ok
13:38:53.0957 0x0ab0  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:38:53.0971 0x0ab0  ErrDev - ok
13:38:53.0977 0x0b0c  Object required for P2P: [ 5CF5E80616F74B769AABCF76FEA791D1 ] avgntflt
13:38:53.0991 0x0ab0  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
13:38:54.0013 0x0ab0  ETD - ok
13:38:54.0022 0x0ab0  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
13:38:54.0032 0x0ab0  ETDService - ok
13:38:54.0050 0x0ab0  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
13:38:54.0078 0x0ab0  EventSystem - ok
13:38:54.0089 0x0ab0  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
13:38:54.0110 0x0ab0  exfat - ok
13:38:54.0121 0x0ab0  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
13:38:54.0139 0x0ab0  fastfat - ok
13:38:54.0160 0x0ab0  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
13:38:54.0191 0x0ab0  Fax - ok
13:38:54.0196 0x0ab0  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
13:38:54.0209 0x0ab0  fdc - ok
13:38:54.0214 0x0ab0  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
13:38:54.0233 0x0ab0  fdPHost - ok
13:38:54.0237 0x0ab0  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:38:54.0258 0x0ab0  FDResPub - ok
13:38:54.0266 0x0ab0  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
13:38:54.0286 0x0ab0  fhsvc - ok
13:38:54.0293 0x0ab0  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
13:38:54.0307 0x0ab0  FileCrypt - ok
13:38:54.0316 0x0ab0  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:38:54.0328 0x0ab0  FileInfo - ok
13:38:54.0332 0x0ab0  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
13:38:54.0352 0x0ab0  Filetrace - ok
13:38:54.0358 0x0ab0  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:38:54.0373 0x0ab0  flpydisk - ok
13:38:54.0385 0x0ab0  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:38:54.0405 0x0ab0  FltMgr - ok
13:38:54.0446 0x0ab0  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
13:38:54.0511 0x0ab0  FontCache - ok
13:38:54.0518 0x0ab0  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:38:54.0529 0x0ab0  FontCache3.0.0.0 - ok
13:38:54.0535 0x0ab0  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
13:38:54.0547 0x0ab0  FsDepends - ok
13:38:54.0551 0x0ab0  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:38:54.0563 0x0ab0  Fs_Rec - ok
13:38:54.0578 0x0ab0  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:38:54.0603 0x0ab0  fvevol - ok
13:38:54.0609 0x0ab0  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
13:38:54.0621 0x0ab0  gagp30kx - ok
13:38:54.0626 0x0ab0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:38:54.0635 0x0ab0  GEARAspiWDM - ok
13:38:54.0640 0x0ab0  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:38:54.0654 0x0ab0  gencounter - ok
13:38:54.0658 0x0ab0  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
13:38:54.0671 0x0ab0  genericusbfn - ok
13:38:54.0679 0x0ab0  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:38:54.0694 0x0ab0  GPIOClx0101 - ok
13:38:54.0736 0x0ab0  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
13:38:54.0794 0x0ab0  gpsvc - ok
13:38:54.0799 0x0ab0  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
13:38:54.0818 0x0ab0  GpuEnergyDrv - ok
13:38:54.0827 0x0ab0  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:38:54.0836 0x0ab0  gupdate - ok
13:38:54.0841 0x0ab0  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:38:54.0851 0x0ab0  gupdatem - ok
13:38:54.0856 0x0ab0  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:38:54.0872 0x0ab0  HDAudBus - ok
13:38:54.0883 0x0ab0  [ 8E424DB88D6DC98F9C9F3F2890C4A3E1, 93ADD09CB1012B91951277D7FF8BA9FDD842F44999E7331DE73BFB2F5F0D2B6F ] HerculesDJControlMP3 C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
13:38:54.0891 0x0ab0  HerculesDJControlMP3 - detected UnsignedFile.Multi.Generic ( 1 )
13:38:54.0931 0x1940  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
13:38:55.0150 0x0a60  Object send P2P result: true
13:38:56.0417 0x0b0c  Object send P2P result: true
13:38:56.0417 0x0b0c  Object required for P2P: [ 8B86696A7030DDBD85B64621BD5B9C44 ] Avira.ServiceHost
13:38:57.0318 0x0ab0  Detect skipped due to KSN trusted
13:38:57.0319 0x0ab0  HerculesDJControlMP3 - ok
13:38:57.0328 0x0ab0  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
13:38:57.0366 0x0ab0  HidBatt - ok
13:38:57.0366 0x1940  Object send P2P result: true
13:38:57.0382 0x0ab0  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:38:57.0424 0x0ab0  HidBth - ok
13:38:57.0433 0x0ab0  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:38:57.0459 0x0ab0  hidi2c - ok
13:38:57.0468 0x0ab0  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
13:38:57.0491 0x0ab0  hidinterrupt - ok
13:38:57.0499 0x0ab0  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
13:38:57.0528 0x0ab0  HidIr - ok
13:38:57.0537 0x0ab0  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
13:38:57.0563 0x0ab0  hidserv - ok
13:38:57.0571 0x0ab0  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:38:57.0599 0x0ab0  HidUsb - ok
13:38:57.0616 0x0ab0  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:38:57.0658 0x0ab0  HomeGroupListener - ok
13:38:57.0682 0x0ab0  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:38:57.0711 0x0ab0  HomeGroupProvider - ok
13:38:57.0717 0x0ab0  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:38:57.0729 0x0ab0  HpSAMD - ok
13:38:57.0734 0x0ab0  [ A0FFCF6391B5270B2A34E379DE446878, 8AFD522ED2488723D2B72B7BA214272E6ABFAC4F3AA589888FFB35A0A44660CE ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
13:38:57.0741 0x0ab0  HPSupportSolutionsFrameworkService - ok
13:38:57.0769 0x0ab0  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:38:57.0804 0x0ab0  HTTP - ok
13:38:57.0824 0x0ab0  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:38:57.0835 0x0ab0  hwpolicy - ok
13:38:57.0840 0x0ab0  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:38:57.0852 0x0ab0  hyperkbd - ok
13:38:57.0857 0x0ab0  [ 40115A0F8E7FF9E786EBBD1D33D39AD7, 5190D3970950251CD0946521C428BF26BF7D68C2984B990B8EFDD406EC9CDFE1 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:38:57.0873 0x0ab0  HyperVideo - ok
13:38:57.0879 0x0ab0  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:38:57.0894 0x0ab0  i8042prt - ok
13:38:57.0900 0x0ab0  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
13:38:57.0916 0x0ab0  iai2c - ok
13:38:57.0925 0x0ab0  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
13:38:57.0942 0x0ab0  iaLPSS2i_I2C - ok
13:38:57.0957 0x0ab0  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:38:57.0975 0x0ab0  iaLPSSi_GPIO - ok
13:38:57.0988 0x0ab0  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:38:58.0025 0x0ab0  iaLPSSi_I2C - ok
13:38:58.0074 0x0ab0  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:38:58.0097 0x0ab0  iaStorA - ok
13:38:58.0117 0x0ab0  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:38:58.0142 0x0ab0  iaStorAV - ok
13:38:58.0151 0x0ab0  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:38:58.0157 0x0ab0  IAStorDataMgrSvc - ok
13:38:58.0172 0x0ab0  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
13:38:58.0191 0x0ab0  iaStorV - ok
13:38:58.0204 0x0ab0  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
13:38:58.0224 0x0ab0  ibbus - ok
13:38:58.0232 0x0ab0  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
13:38:58.0249 0x0ab0  icssvc - ok
13:38:58.0252 0x0ab0  IEEtwCollectorService - ok
13:38:58.0469 0x0ab0  [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:38:58.0627 0x0ab0  igfx - ok
13:38:58.0649 0x0ab0  [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
13:38:58.0665 0x0ab0  igfxCUIService2.0.0.0 - ok
13:38:58.0696 0x0ab0  [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:38:58.0738 0x0ab0  IKEEXT - ok
13:38:58.0745 0x0ab0  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
13:38:58.0752 0x0ab0  intaud_WaveExtensible - ok
13:38:58.0769 0x0ab0  [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:38:58.0784 0x0ab0  IntcDAud - ok
13:38:58.0808 0x0ab0  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:38:58.0838 0x0ab0  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
13:38:58.0850 0x0b0c  Object send P2P result: true
13:39:01.0279 0x0ab0  Detect skipped due to KSN trusted
13:39:01.0279 0x0ab0  Intel(R) Capability Licensing Service Interface - ok
13:39:01.0328 0x0ab0  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:39:01.0363 0x0ab0  Intel(R) Capability Licensing Service TCP IP Interface - ok
13:39:01.0368 0x0ab0  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:39:01.0380 0x0ab0  intelide - ok
13:39:01.0385 0x0ab0  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:39:01.0396 0x0ab0  intelpep - ok
13:39:01.0404 0x0ab0  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:39:01.0421 0x0ab0  intelppm - ok
13:39:01.0425 0x0ab0  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
13:39:01.0439 0x0ab0  IoQos - ok
13:39:01.0444 0x0ab0  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:39:01.0463 0x0ab0  IpFilterDriver - ok
13:39:01.0490 0x0ab0  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:39:01.0534 0x0ab0  iphlpsvc - ok
13:39:01.0540 0x0ab0  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:39:01.0555 0x0ab0  IPMIDRV - ok
13:39:01.0562 0x0ab0  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
13:39:01.0578 0x0ab0  IPNAT - ok
13:39:01.0596 0x0ab0  [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:39:01.0615 0x0ab0  iPod Service - ok
13:39:01.0620 0x0ab0  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:39:01.0636 0x0ab0  IRENUM - ok
13:39:01.0640 0x0ab0  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:39:01.0654 0x0ab0  isapnp - ok
13:39:01.0665 0x0ab0  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:39:01.0681 0x0ab0  iScsiPrt - ok
13:39:01.0710 0x0ab0  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:39:01.0720 0x0ab0  jhi_service - ok
13:39:01.0729 0x0ab0  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:39:01.0740 0x0ab0  kbdclass - ok
13:39:01.0744 0x0ab0  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:39:01.0760 0x0ab0  kbdhid - ok
13:39:01.0764 0x0ab0  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
13:39:01.0778 0x0ab0  kdnic - ok
13:39:01.0783 0x0ab0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:39:01.0796 0x0ab0  KeyIso - ok
13:39:01.0812 0x0ab0  [ 62EBD4202B505ACADE2FBC56CC73E0A2, 2FCA80096B7DB5B42E76F527D9ABCF29AF7D52FC60BED6DD4C11C1BACA0D63F1 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
13:39:01.0829 0x0ab0  KL1 - ok
13:39:01.0837 0x0ab0  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
13:39:01.0852 0x0ab0  klelam - ok
13:39:01.0871 0x0ab0  [ 35C5969972905CAFC79E632000848FBB, CBFC9AC0FD629EE9611604976ECA987DE1D4D9E7CBFAC94D0E13F361F0354DB2 ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
13:39:01.0883 0x0ab0  klflt - ok
13:39:01.0894 0x0ab0  [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
13:39:01.0906 0x0ab0  klhk - ok
13:39:01.0929 0x0ab0  [ 07D8BD68D2A173EFEFC788717B96B021, 5D3BB19B9775EACECF3E052183117C2F64969F10AF022227AEFF09455C66A80D ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
13:39:01.0955 0x0ab0  KLIF - ok
13:39:01.0963 0x0ab0  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:39:01.0976 0x0ab0  KSecDD - ok
13:39:01.0983 0x0ab0  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:39:01.0998 0x0ab0  KSecPkg - ok
13:39:02.0002 0x0ab0  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
13:39:02.0015 0x0ab0  ksthunk - ok
13:39:02.0029 0x0ab0  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
13:39:02.0054 0x0ab0  KtmRm - ok
13:39:02.0065 0x0ab0  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:39:02.0087 0x0ab0  LanmanServer - ok
13:39:02.0099 0x0ab0  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:39:02.0120 0x0ab0  LanmanWorkstation - ok
13:39:02.0151 0x0ab0  [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
13:39:02.0170 0x0ab0  Lenovo EasyPlus Hotspot - ok
13:39:02.0198 0x0ab0  [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe
13:39:02.0216 0x0ab0  Lenovo System Agent Service - ok
13:39:02.0225 0x0ab0  [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe
13:39:02.0236 0x0ab0  LenovoWiFiHotspotSvr - ok
13:39:02.0242 0x0ab0  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
13:39:02.0255 0x0ab0  lfsvc - ok
13:39:02.0259 0x0ab0  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
13:39:02.0273 0x0ab0  LicenseManager - ok
13:39:02.0278 0x0ab0  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
13:39:02.0296 0x0ab0  lltdio - ok
13:39:02.0307 0x0ab0  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
13:39:02.0329 0x0ab0  lltdsvc - ok
13:39:02.0334 0x0ab0  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
13:39:02.0349 0x0ab0  lmhosts - ok
13:39:02.0362 0x0ab0  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:39:02.0376 0x0ab0  LMS - ok
13:39:02.0385 0x0ab0  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
13:39:02.0398 0x0ab0  LSI_SAS - ok
13:39:02.0404 0x0ab0  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
13:39:02.0420 0x0ab0  LSI_SAS2i - ok
13:39:02.0425 0x0ab0  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
13:39:02.0438 0x0ab0  LSI_SAS3i - ok
13:39:02.0443 0x0ab0  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
13:39:02.0457 0x0ab0  LSI_SSS - ok
13:39:02.0478 0x0ab0  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
13:39:02.0512 0x0ab0  LSM - ok
13:39:02.0519 0x0ab0  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
13:39:02.0539 0x0ab0  luafv - ok
13:39:02.0544 0x0ab0  [ 9BC40C5A140B5F380042E391CC95993F, 4FFE8A6A473530CE171AC47C7E8D51B8C29BDC209E7129F66B06F8D40F07DAED ] MapsBroker      C:\WINDOWS\System32\moshost.dll
13:39:02.0562 0x0ab0  MapsBroker - ok
13:39:02.0566 0x0ab0  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:39:02.0580 0x0ab0  megasas - ok
13:39:02.0595 0x0ab0  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:39:02.0619 0x0ab0  megasr - ok
13:39:02.0696 0x0ab0  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
13:39:02.0721 0x0ab0  MEIx64 - ok
13:39:02.0759 0x0ab0  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
13:39:02.0807 0x0ab0  MessagingService - ok
13:39:02.0883 0x0ab0  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:39:02.0924 0x0ab0  mlx4_bus - ok
13:39:02.0931 0x0ab0  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
13:39:02.0945 0x0ab0  MMCSS - ok
13:39:02.0950 0x0ab0  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:39:02.0969 0x0ab0  Modem - ok
13:39:02.0973 0x0ab0  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:39:02.0986 0x0ab0  monitor - ok
13:39:02.0992 0x0ab0  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\System32\drivers\MijXfilt.sys
13:39:03.0006 0x0ab0  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
13:39:05.0449 0x0ab0  Detect skipped due to KSN trusted
13:39:05.0449 0x0ab0  MotioninJoyXFilter - ok
13:39:05.0460 0x0ab0  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:39:05.0492 0x0ab0  mouclass - ok
13:39:05.0500 0x0ab0  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:39:05.0522 0x0ab0  mouhid - ok
13:39:05.0531 0x0ab0  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:39:05.0553 0x0ab0  mountmgr - ok

CaptainM · 29.04.2016, 14:26

TEIL 2 der zweiten Logfile von TDSSKiller:

Code:

ATTFilter

13:39:05.0563 0x0ab0  [ F5CEB5CE82DC9CC94873C487DF2BA73C, 21F3335A9F01084F6F95F16D61D3E3ED80CE3D887ED15DD025D4E296F239B16B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:39:05.0584 0x0ab0  MozillaMaintenance - ok
13:39:05.0593 0x0ab0  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:39:05.0619 0x0ab0  mpsdrv - ok
13:39:05.0656 0x0ab0  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:39:05.0702 0x0ab0  MpsSvc - ok
13:39:05.0711 0x0ab0  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:39:05.0727 0x0ab0  MRxDAV - ok
13:39:05.0753 0x0ab0  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:39:05.0792 0x0ab0  mrxsmb - ok
13:39:05.0808 0x0ab0  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:39:05.0842 0x0ab0  mrxsmb10 - ok
13:39:05.0854 0x0ab0  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:39:05.0879 0x0ab0  mrxsmb20 - ok
13:39:05.0887 0x0ab0  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
13:39:05.0903 0x0ab0  MsBridge - ok
13:39:05.0910 0x0ab0  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:39:05.0929 0x0ab0  MSDTC - ok
13:39:05.0938 0x0ab0  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:39:05.0958 0x0ab0  Msfs - ok
13:39:05.0964 0x0ab0  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:39:05.0979 0x0ab0  msgpiowin32 - ok
13:39:05.0985 0x0ab0  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:39:05.0999 0x0ab0  mshidkmdf - ok
13:39:06.0004 0x0ab0  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:39:06.0017 0x0ab0  mshidumdf - ok
13:39:06.0020 0x0ab0  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:39:06.0034 0x0ab0  msisadrv - ok
13:39:06.0041 0x0ab0  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:39:06.0059 0x0ab0  MSiSCSI - ok
13:39:06.0063 0x0ab0  msiserver - ok
13:39:06.0068 0x0ab0  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
13:39:06.0081 0x0ab0  MSKSSRV - ok
13:39:06.0086 0x0ab0  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
13:39:06.0104 0x0ab0  MsLldp - ok
13:39:06.0123 0x0ab0  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
13:39:06.0136 0x0ab0  MSPCLOCK - ok
13:39:06.0140 0x0ab0  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
13:39:06.0153 0x0ab0  MSPQM - ok
13:39:06.0163 0x0ab0  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:39:06.0184 0x0ab0  MsRPC - ok
13:39:06.0190 0x0ab0  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:39:06.0202 0x0ab0  mssmbios - ok
13:39:06.0206 0x0ab0  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
13:39:06.0220 0x0ab0  MSTEE - ok
13:39:06.0224 0x0ab0  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:39:06.0238 0x0ab0  MTConfig - ok
13:39:06.0243 0x0ab0  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:39:06.0258 0x0ab0  Mup - ok
13:39:06.0263 0x0ab0  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:39:06.0276 0x0ab0  mvumis - ok
13:39:06.0310 0x0ab0  [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:39:06.0346 0x0ab0  NativeWifiP - ok
13:39:06.0355 0x0ab0  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:39:06.0374 0x0ab0  NcaSvc - ok
13:39:06.0386 0x0ab0  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:39:06.0409 0x0ab0  NcbService - ok
13:39:06.0416 0x0ab0  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:39:06.0440 0x0ab0  NcdAutoSetup - ok
13:39:06.0445 0x0ab0  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
13:39:06.0458 0x0ab0  ndfltr - ok
13:39:06.0489 0x0ab0  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:39:06.0524 0x0ab0  NDIS - ok
13:39:06.0531 0x0ab0  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
13:39:06.0546 0x0ab0  NdisCap - ok
13:39:06.0552 0x0ab0  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:39:06.0572 0x0ab0  NdisImPlatform - ok
13:39:06.0576 0x0ab0  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:39:06.0593 0x0ab0  NdisTapi - ok
13:39:06.0598 0x0ab0  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
13:39:06.0612 0x0ab0  Ndisuio - ok
13:39:06.0616 0x0ab0  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:39:06.0632 0x0ab0  NdisVirtualBus - ok
13:39:06.0639 0x0ab0  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
13:39:06.0660 0x0ab0  NdisWan - ok
13:39:06.0669 0x0ab0  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:39:06.0691 0x0ab0  ndiswanlegacy - ok
13:39:06.0696 0x0ab0  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
13:39:06.0714 0x0ab0  ndproxy - ok
13:39:06.0721 0x0ab0  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:39:06.0737 0x0ab0  Ndu - ok
13:39:06.0742 0x0ab0  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
13:39:06.0755 0x0ab0  NetBIOS - ok
13:39:06.0766 0x0ab0  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:39:06.0786 0x0ab0  NetBT - ok
13:39:06.0792 0x0ab0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:39:06.0804 0x0ab0  Netlogon - ok
13:39:06.0814 0x0ab0  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
13:39:06.0838 0x0ab0  Netman - ok
13:39:06.0855 0x0ab0  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:39:06.0886 0x0ab0  netprofm - ok
13:39:06.0897 0x0ab0  [ C5DEEC4F7ED591D1E322899ADC4EE45F, CA3BE40FA1216F77C6D5B9FD518378DB9561163BFDC90C8CB1C2C2EA4112B263 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
13:39:06.0917 0x0ab0  NetSetupSvc - ok
13:39:06.0933 0x0ab0  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:39:06.0944 0x0ab0  NetTcpPortSharing - ok
13:39:06.0951 0x0ab0  [ 2BB62723C835F75F0C7C9E6A736881FB, CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
13:39:06.0968 0x0ab0  netvsc - ok
13:39:06.0982 0x0ab0  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
13:39:07.0003 0x0ab0  NgcCtnrSvc - ok
13:39:07.0049 0x0ab0  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
13:39:07.0082 0x0ab0  NgcSvc - ok
13:39:07.0095 0x0ab0  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:39:07.0122 0x0ab0  NlaSvc - ok
13:39:07.0127 0x0ab0  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:39:07.0143 0x0ab0  Npfs - ok
13:39:07.0148 0x0ab0  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:39:07.0160 0x0ab0  npsvctrig - ok
13:39:07.0167 0x0ab0  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:39:07.0181 0x0ab0  nsi - ok
13:39:07.0186 0x0ab0  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:39:07.0200 0x0ab0  nsiproxy - ok
13:39:07.0306 0x0ab0  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
13:39:07.0368 0x0ab0  NTFS - ok
13:39:07.0375 0x0ab0  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:39:07.0388 0x0ab0  Null - ok
13:39:07.0723 0x0ab0  [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:39:07.0946 0x0ab0  nvlddmkm - ok
13:39:07.0981 0x0ab0  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:39:07.0994 0x0ab0  nvraid - ok
13:39:08.0003 0x0ab0  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:39:08.0019 0x0ab0  nvstor - ok
13:39:08.0045 0x0ab0  [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
13:39:08.0073 0x0ab0  nvsvc - ok
13:39:08.0134 0x0ab0  [ 10DEF604B1929D9515969E1CAE7D250A, AC343E716453B9CA16B4763A714FB4B09671D8EB56A8C46C22CBD769EB7937C4 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:39:08.0177 0x0ab0  nvUpdatusService - ok
13:39:08.0187 0x0ab0  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:39:08.0201 0x0ab0  nv_agp - ok
13:39:08.0213 0x0ab0  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
13:39:08.0239 0x0ab0  OneSyncSvc - ok
13:39:08.0267 0x0ab0  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:39:08.0289 0x0ab0  p2pimsvc - ok
13:39:08.0321 0x0ab0  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:39:08.0347 0x0ab0  p2psvc - ok
13:39:08.0353 0x0ab0  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:39:08.0368 0x0ab0  Parport - ok
13:39:08.0374 0x0ab0  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:39:08.0387 0x0ab0  partmgr - ok
13:39:08.0424 0x0ab0  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:39:08.0451 0x0ab0  PcaSvc - ok
13:39:08.0487 0x0ab0  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:39:08.0522 0x0ab0  pci - ok
13:39:08.0526 0x0ab0  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:39:08.0538 0x0ab0  pciide - ok
13:39:08.0563 0x0ab0  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:39:08.0575 0x0ab0  pcmcia - ok
13:39:08.0580 0x0ab0  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:39:08.0592 0x0ab0  pcw - ok
13:39:08.0598 0x0ab0  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:39:08.0610 0x0ab0  pdc - ok
13:39:08.0632 0x0ab0  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:39:08.0667 0x0ab0  PEAUTH - ok
13:39:08.0673 0x0ab0  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
13:39:08.0685 0x0ab0  percsas2i - ok
13:39:08.0691 0x0ab0  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
13:39:08.0703 0x0ab0  percsas3i - ok
13:39:08.0779 0x0ab0  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:39:08.0791 0x0ab0  PerfHost - ok
13:39:08.0819 0x0ab0  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
13:39:08.0855 0x0ab0  PhoneSvc - ok
13:39:08.0866 0x0ab0  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:39:08.0885 0x0ab0  PimIndexMaintenanceSvc - ok
13:39:08.0931 0x0ab0  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
13:39:08.0991 0x0ab0  pla - ok
13:39:08.0999 0x0ab0  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:39:09.0020 0x0ab0  PlugPlay - ok
13:39:09.0028 0x0ab0  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:39:09.0042 0x0ab0  PNRPAutoReg - ok
13:39:09.0054 0x0ab0  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:39:09.0078 0x0ab0  PNRPsvc - ok
13:39:09.0091 0x0ab0  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:39:09.0117 0x0ab0  PolicyAgent - ok
13:39:09.0126 0x0ab0  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
13:39:09.0143 0x0ab0  Power - ok
13:39:09.0149 0x0ab0  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
13:39:09.0166 0x0ab0  PptpMiniport - ok
13:39:09.0317 0x0ab0  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
13:39:09.0425 0x0ab0  PrintNotify - ok
13:39:09.0447 0x0ab0  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:39:09.0461 0x0ab0  Processor - ok
13:39:09.0473 0x0ab0  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:39:09.0496 0x0ab0  ProfSvc - ok
13:39:09.0515 0x0ab0  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
13:39:09.0529 0x0ab0  Psched - ok
13:39:09.0557 0x0ab0  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:39:09.0579 0x0ab0  QWAVE - ok
13:39:09.0584 0x0ab0  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:39:09.0598 0x0ab0  QWAVEdrv - ok
13:39:09.0602 0x0ab0  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:39:09.0616 0x0ab0  RasAcd - ok
13:39:09.0621 0x0ab0  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
13:39:09.0639 0x0ab0  RasAgileVpn - ok
13:39:09.0645 0x0ab0  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:39:09.0661 0x0ab0  RasAuto - ok
13:39:09.0669 0x0ab0  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
13:39:09.0684 0x0ab0  Rasl2tp - ok
13:39:09.0703 0x0ab0  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:39:09.0740 0x0ab0  RasMan - ok
13:39:09.0746 0x0ab0  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
13:39:09.0766 0x0ab0  RasPppoe - ok
13:39:09.0771 0x0ab0  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
13:39:09.0787 0x0ab0  RasSstp - ok
13:39:09.0800 0x0ab0  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:39:09.0824 0x0ab0  rdbss - ok
13:39:09.0831 0x0ab0  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:39:09.0846 0x0ab0  rdpbus - ok
13:39:09.0854 0x0ab0  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:39:09.0878 0x0ab0  RDPDR - ok
13:39:09.0888 0x0ab0  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:39:09.0900 0x0ab0  RdpVideoMiniport - ok
13:39:09.0909 0x0ab0  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:39:09.0924 0x0ab0  rdyboost - ok
13:39:09.0969 0x0ab0  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
13:39:10.0001 0x0ab0  ReFSv1 - ok
13:39:10.0031 0x0ab0  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:39:10.0060 0x0ab0  RemoteAccess - ok
13:39:10.0068 0x0ab0  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:39:10.0089 0x0ab0  RemoteRegistry - ok
13:39:10.0118 0x0ab0  [ 518A992A6700A86A47F79388F91737C0, 29B5D48F1E360714F9BCB26939AD49ED07F6D9C82E0DB5C9C6AF5B0BBFF04341 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
13:39:10.0163 0x0ab0  RetailDemo - ok
13:39:10.0184 0x0ab0  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
13:39:10.0197 0x0ab0  RichVideo64 - ok
13:39:10.0208 0x0ab0  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:39:10.0235 0x0ab0  RpcEptMapper - ok
13:39:10.0239 0x0ab0  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:39:10.0254 0x0ab0  RpcLocator - ok
13:39:10.0279 0x0ab0  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:39:10.0318 0x0ab0  RpcSs - ok
13:39:10.0327 0x0ab0  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
13:39:10.0345 0x0ab0  rspndr - ok
13:39:10.0469 0x0ab0  [ FA00B16D06217288AFD700223DA131BA, 90688C3A8403FEF2A90550781CBA932A522125B47D71F3F0AF73E21E43BC5564 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
13:39:10.0509 0x0ab0  rt640x64 - ok
13:39:10.0541 0x0ab0  [ 8CF15A5A9FC24323E2B63DDF9788C74E, 4E91D45DB6E811B5DC75DD96EEE8813414F243D82AA789F7C2D464463B4DE7F4 ] RtkBtFilter     C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys
13:39:10.0560 0x0ab0  RtkBtFilter - ok
13:39:10.0574 0x0ab0  [ 87CCF37EC2858FCF7689F8FC0B72F39A, 60B71BDC7388887AC7EB2C869DEAF86DD06B7EB9DEE3CF4F4DFE2D1BCE3BDAA8 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
13:39:10.0589 0x0ab0  RTSUER - ok
13:39:10.0718 0x0ab0  [ 14F73F34745B8EEF780181910B3BF41F, 7A7073334C84E7488656058202772E3861A5A81B14D4CF0899F712C8C3F26A95 ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
13:39:10.0814 0x0ab0  rtsuvc - ok
13:39:10.0914 0x0ab0  [ 52BFDF19FBFDC7C8E811C73350CA2B52, E8385F78C133B06D6A7F488DAB7308A7D3ED7181C7CE02D150912CA9ABFC4C94 ] RTWlanE         C:\WINDOWS\System32\drivers\rtwlane.sys
13:39:11.0027 0x0ab0  RTWlanE - ok
13:39:11.0039 0x0ab0  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:39:11.0051 0x0ab0  s3cap - ok
13:39:11.0056 0x0ab0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
13:39:11.0069 0x0ab0  SamSs - ok
13:39:11.0072 0x0ab0  SAService - ok
13:39:11.0080 0x0ab0  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:39:11.0092 0x0ab0  sbp2port - ok
13:39:11.0128 0x0ab0  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:39:11.0150 0x0ab0  SCardSvr - ok
13:39:11.0158 0x0ab0  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:39:11.0180 0x0ab0  ScDeviceEnum - ok
13:39:11.0186 0x0ab0  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:39:11.0205 0x0ab0  scfilter - ok
13:39:11.0234 0x0ab0  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:39:11.0282 0x0ab0  Schedule - ok
13:39:11.0301 0x0ab0  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:39:11.0330 0x0ab0  SCPolicySvc - ok
13:39:11.0342 0x0ab0  [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:39:11.0359 0x0ab0  sdbus - ok
13:39:11.0368 0x0ab0  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
13:39:11.0386 0x0ab0  SDRSVC - ok
13:39:11.0402 0x0ab0  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:39:11.0414 0x0ab0  sdstor - ok
13:39:11.0419 0x0ab0  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:39:11.0433 0x0ab0  seclogon - ok
13:39:11.0439 0x0ab0  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
13:39:11.0460 0x0ab0  SENS - ok
13:39:11.0493 0x0ab0  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
13:39:11.0573 0x0ab0  SensorDataService - ok
13:39:11.0598 0x0ab0  [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService   C:\WINDOWS\system32\SensorService.dll
13:39:11.0646 0x0ab0  SensorService - ok
13:39:11.0661 0x0ab0  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:39:11.0696 0x0ab0  SensrSvc - ok
13:39:11.0730 0x0ab0  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
13:39:11.0763 0x0ab0  SerCx - ok
13:39:11.0783 0x0ab0  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:39:11.0807 0x0ab0  SerCx2 - ok
13:39:11.0814 0x0ab0  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
13:39:11.0837 0x0ab0  Serenum - ok
13:39:11.0849 0x0ab0  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:39:11.0873 0x0ab0  Serial - ok
13:39:11.0881 0x0ab0  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:39:11.0905 0x0ab0  sermouse - ok
13:39:11.0928 0x0ab0  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:39:11.0953 0x0ab0  SessionEnv - ok
13:39:11.0957 0x0ab0  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
13:39:11.0975 0x0ab0  sfloppy - ok
13:39:11.0989 0x0ab0  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:39:12.0017 0x0ab0  SharedAccess - ok
13:39:12.0058 0x0ab0  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:39:12.0096 0x0ab0  ShellHWDetection - ok
13:39:12.0102 0x0ab0  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:39:12.0114 0x0ab0  SiSRaid2 - ok
13:39:12.0120 0x0ab0  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:39:12.0134 0x0ab0  SiSRaid4 - ok
13:39:12.0144 0x0ab0  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:39:12.0162 0x0ab0  SkypeUpdate - ok
13:39:12.0167 0x0ab0  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
13:39:12.0185 0x0ab0  smphost - ok
13:39:12.0204 0x0ab0  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
13:39:12.0248 0x0ab0  SmsRouter - ok
13:39:12.0270 0x0ab0  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:39:12.0309 0x0ab0  SNMPTRAP - ok
13:39:12.0342 0x0ab0  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
13:39:12.0380 0x0ab0  spaceport - ok
13:39:12.0414 0x0ab0  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
13:39:12.0449 0x0ab0  SpbCx - ok
13:39:12.0486 0x0ab0  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
13:39:12.0533 0x0ab0  Spooler - ok
13:39:12.0770 0x0ab0  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:39:12.0929 0x0ab0  sppsvc - ok
13:39:12.0951 0x0ab0  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
13:39:12.0977 0x0ab0  srv - ok
13:39:12.0994 0x0ab0  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:39:13.0026 0x0ab0  srv2 - ok
13:39:13.0035 0x0ab0  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:39:13.0054 0x0ab0  srvnet - ok
13:39:13.0064 0x0ab0  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
13:39:13.0087 0x0ab0  SSDPSRV - ok
13:39:13.0096 0x0ab0  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
13:39:13.0117 0x0ab0  SstpSvc - ok
13:39:13.0126 0x0ab0  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
13:39:13.0138 0x0ab0  ssudmdm - ok
13:39:13.0267 0x0ab0  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:39:13.0369 0x0ab0  StateRepository - ok
13:39:13.0397 0x0ab0  [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:39:13.0505 0x0ab0  Steam Client Service - ok
13:39:13.0521 0x0ab0  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:39:13.0561 0x0ab0  stexstor - ok
13:39:13.0590 0x0ab0  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:39:13.0662 0x0ab0  stisvc - ok
13:39:13.0674 0x0ab0  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:39:13.0699 0x0ab0  storahci - ok
13:39:13.0716 0x0ab0  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
13:39:13.0734 0x0ab0  storflt - ok
13:39:13.0743 0x0ab0  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:39:13.0766 0x0ab0  stornvme - ok
13:39:13.0773 0x0ab0  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
13:39:13.0789 0x0ab0  storqosflt - ok
13:39:13.0809 0x0ab0  [ E5C3042B68D4EA89B3C52E150E553DA0, 83428E8EFC584778745F6B30F6F8FD96A645AD33F39AA955E97F9A0D458847B1 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
13:39:13.0855 0x0ab0  StorSvc - ok
13:39:13.0865 0x0ab0  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
13:39:13.0889 0x0ab0  storufs - ok
13:39:13.0897 0x0ab0  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
13:39:13.0920 0x0ab0  storvsc - ok
13:39:13.0929 0x0ab0  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
13:39:13.0967 0x0ab0  svsvc - ok
13:39:13.0975 0x0ab0  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
13:39:13.0998 0x0ab0  swenum - ok
13:39:14.0019 0x0ab0  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
13:39:14.0049 0x0ab0  swprv - ok
13:39:14.0055 0x0ab0  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
13:39:14.0069 0x0ab0  Synth3dVsc - ok
13:39:14.0099 0x0ab0  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
13:39:14.0157 0x0ab0  SysMain - ok
13:39:14.0173 0x0ab0  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:39:14.0205 0x0ab0  SystemEventsBroker - ok
13:39:14.0215 0x0ab0  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:39:14.0238 0x0ab0  TabletInputService - ok
13:39:14.0260 0x0ab0  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
13:39:14.0287 0x0ab0  TapiSrv - ok
13:39:14.0353 0x0ab0  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
13:39:14.0429 0x0ab0  Tcpip - ok
13:39:14.0481 0x0ab0  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
13:39:14.0544 0x0ab0  Tcpip6 - ok
13:39:14.0567 0x0ab0  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:39:14.0583 0x0ab0  tcpipreg - ok
13:39:14.0592 0x0ab0  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
13:39:14.0604 0x0ab0  tdx - ok
13:39:14.0610 0x0ab0  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:39:14.0621 0x0ab0  terminpt - ok
13:39:14.0649 0x0ab0  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
13:39:14.0694 0x0ab0  TermService - ok
13:39:14.0707 0x0ab0  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
13:39:14.0730 0x0ab0  Themes - ok
13:39:14.0741 0x0ab0  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
13:39:14.0766 0x0ab0  TieringEngineService - ok
13:39:14.0783 0x0ab0  [ 62300878366762EABAC7834543964A6E, 84E3DE6C93B31CBA71BA90669EB52C3122774E0EF803390EE8A483164D2CFE18 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:39:14.0810 0x0ab0  tiledatamodelsvc - ok
13:39:14.0818 0x0ab0  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
13:39:14.0835 0x0ab0  TimeBroker - ok
13:39:14.0844 0x0ab0  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
13:39:14.0860 0x0ab0  TPM - ok
13:39:14.0866 0x0ab0  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:39:14.0884 0x0ab0  TrkWks - ok
13:39:14.0890 0x0ab0  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:39:14.0908 0x0ab0  TrustedInstaller - ok
13:39:14.0915 0x0ab0  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
13:39:14.0929 0x0ab0  tsusbflt - ok
13:39:14.0933 0x0ab0  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:39:14.0947 0x0ab0  TsUsbGD - ok
13:39:14.0954 0x0ab0  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
13:39:14.0974 0x0ab0  tunnel - ok
13:39:14.0981 0x0ab0  [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
13:39:14.0996 0x0ab0  tzautoupdate - ok
13:39:15.0012 0x0ab0  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
13:39:15.0023 0x0ab0  uagp35 - ok
13:39:15.0029 0x0ab0  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:39:15.0041 0x0ab0  UASPStor - ok
13:39:15.0046 0x0ab0  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
13:39:15.0060 0x0ab0  UcmCx0101 - ok
13:39:15.0065 0x0ab0  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
13:39:15.0079 0x0ab0  UcmUcsi - ok
13:39:15.0087 0x0ab0  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
13:39:15.0102 0x0ab0  Ucx01000 - ok
13:39:15.0107 0x0ab0  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
13:39:15.0121 0x0ab0  UdeCx - ok
13:39:15.0134 0x0ab0  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:39:15.0160 0x0ab0  udfs - ok
13:39:15.0165 0x0ab0  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:39:15.0179 0x0ab0  UEFI - ok
13:39:15.0189 0x0ab0  [ 28B8E1C6CBCF9FFE2FABFF3160C26ADF, 1C90E6C4E17C9B5555151943970BB6CC196E7EFC6665D9B9DCBB1EC51C70C715 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
13:39:15.0205 0x0ab0  Ufx01000 - ok
13:39:15.0213 0x0ab0  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
13:39:15.0225 0x0ab0  UfxChipidea - ok
13:39:15.0233 0x0ab0  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
13:39:15.0246 0x0ab0  ufxsynopsys - ok
13:39:15.0255 0x0ab0  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
13:39:15.0272 0x0ab0  UI0Detect - ok
13:39:15.0279 0x0ab0  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
13:39:15.0291 0x0ab0  uliagpkx - ok
13:39:15.0296 0x0ab0  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
13:39:15.0311 0x0ab0  umbus - ok
13:39:15.0315 0x0ab0  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:39:15.0329 0x0ab0  UmPass - ok
13:39:15.0340 0x0ab0  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:39:15.0361 0x0ab0  UmRdpService - ok
13:39:15.0391 0x0ab0  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
13:39:15.0441 0x0ab0  UnistoreSvc - ok
13:39:15.0468 0x0ab0  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:39:15.0497 0x0ab0  upnphost - ok
13:39:15.0503 0x0ab0  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
13:39:15.0513 0x0ab0  UrsChipidea - ok
13:39:15.0518 0x0ab0  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
13:39:15.0535 0x0ab0  UrsCx01000 - ok
13:39:15.0551 0x0ab0  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
13:39:15.0566 0x0ab0  UrsSynopsys - ok
13:39:15.0574 0x0ab0  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
13:39:15.0590 0x0ab0  usbccgp - ok
13:39:15.0599 0x0ab0  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:39:15.0617 0x0ab0  usbcir - ok
13:39:15.0623 0x0ab0  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
13:39:15.0637 0x0ab0  usbehci - ok
13:39:15.0651 0x0ab0  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:39:15.0672 0x0ab0  usbhub - ok
13:39:15.0690 0x0ab0  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
13:39:15.0712 0x0ab0  USBHUB3 - ok
13:39:15.0719 0x0ab0  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
13:39:15.0733 0x0ab0  usbohci - ok
13:39:15.0737 0x0ab0  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:39:15.0751 0x0ab0  usbprint - ok
13:39:15.0756 0x0ab0  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:39:15.0771 0x0ab0  usbscan - ok
13:39:15.0778 0x0ab0  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
13:39:15.0792 0x0ab0  usbser - ok
13:39:15.0798 0x0ab0  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:39:15.0812 0x0ab0  USBSTOR - ok
13:39:15.0833 0x0ab0  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
13:39:15.0846 0x0ab0  usbuhci - ok
13:39:15.0871 0x0ab0  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:39:15.0890 0x0ab0  USBXHCI - ok
13:39:15.0928 0x0ab0  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
13:39:15.0987 0x0ab0  UserDataSvc - ok
13:39:16.0124 0x0ab0  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
13:39:16.0210 0x0ab0  UserManager - ok
13:39:16.0255 0x0ab0  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
13:39:16.0328 0x0ab0  UsoSvc - ok
13:39:16.0344 0x0ab0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:39:16.0386 0x0ab0  VaultSvc - ok
13:39:16.0399 0x0ab0  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:39:16.0434 0x0ab0  vdrvroot - ok
13:39:16.0506 0x0ab0  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
13:39:16.0628 0x0ab0  vds - ok
13:39:16.0652 0x0ab0  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
13:39:16.0684 0x0ab0  VerifierExt - ok
13:39:16.0720 0x0ab0  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
13:39:16.0746 0x0ab0  vhdmp - ok
13:39:16.0752 0x0ab0  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
13:39:16.0765 0x0ab0  vhf - ok
13:39:16.0771 0x0ab0  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
13:39:16.0785 0x0ab0  vmbus - ok
13:39:16.0790 0x0ab0  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:39:16.0804 0x0ab0  VMBusHID - ok
13:39:16.0819 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:39:16.0847 0x0ab0  vmicguestinterface - ok
13:39:16.0860 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
13:39:16.0888 0x0ab0  vmicheartbeat - ok
13:39:16.0901 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:39:16.0928 0x0ab0  vmickvpexchange - ok
13:39:16.0941 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
13:39:16.0968 0x0ab0  vmicrdv - ok
13:39:16.0981 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
13:39:17.0008 0x0ab0  vmicshutdown - ok
13:39:17.0021 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
13:39:17.0048 0x0ab0  vmictimesync - ok
13:39:17.0063 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
13:39:17.0091 0x0ab0  vmicvmsession - ok
13:39:17.0103 0x0ab0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
13:39:17.0130 0x0ab0  vmicvss - ok
13:39:17.0136 0x0ab0  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:39:17.0148 0x0ab0  volmgr - ok
13:39:17.0159 0x0ab0  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
13:39:17.0178 0x0ab0  volmgrx - ok
13:39:17.0191 0x0ab0  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
13:39:17.0210 0x0ab0  volsnap - ok
13:39:17.0218 0x0ab0  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:39:17.0232 0x0ab0  vpci - ok
13:39:17.0246 0x0ab0  [ 190FE0CE4D43AD8EED97AAA68827E2C6, 1C43F33573A0815C5EDC5E18BA1038AFDD11F55A7CD8B08BA59B8F7357117E4C ] Vsdatant        C:\WINDOWS\system32\drivers\vsdatant.sys
13:39:17.0264 0x0ab0  Vsdatant - ok
13:39:17.0422 0x0ab0  [ 5F4548DBABDF037CE2B45122EA85666B, 8DD3DC08854D288D3F5CE96DF9E1F63432DEAC1252679F5C09783BDAA696A9F6 ] vsmon           C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
13:39:17.0502 0x0ab0  vsmon - ok
13:39:17.0515 0x0ab0  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
13:39:17.0529 0x0ab0  vsmraid - ok
13:39:17.0566 0x0ab0  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
13:39:17.0627 0x0ab0  VSS - ok
13:39:17.0640 0x0ab0  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:39:17.0657 0x0ab0  VSTXRAID - ok
13:39:17.0669 0x0ab0  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:39:17.0684 0x0ab0  vwifibus - ok
13:39:17.0690 0x0ab0  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
13:39:17.0706 0x0ab0  vwififlt - ok
13:39:17.0735 0x0ab0  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
13:39:17.0770 0x0ab0  vwifimp - ok
13:39:17.0833 0x0ab0  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
13:39:17.0923 0x0ab0  W32Time - ok
13:39:17.0934 0x0ab0  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:39:17.0957 0x0ab0  WacomPen - ok
13:39:17.0983 0x0ab0  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
13:39:18.0016 0x0ab0  WalletService - ok
13:39:18.0023 0x0ab0  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:39:18.0040 0x0ab0  wanarp - ok
13:39:18.0046 0x0ab0  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:39:18.0062 0x0ab0  wanarpv6 - ok
13:39:18.0129 0x0ab0  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:39:18.0189 0x0ab0  wbengine - ok
13:39:18.0211 0x0ab0  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:39:18.0242 0x0ab0  WbioSrvc - ok
13:39:18.0260 0x0ab0  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:39:18.0292 0x0ab0  Wcmsvc - ok
13:39:18.0327 0x0ab0  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:39:18.0369 0x1254  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
13:39:18.0392 0x0ab0  wcncsvc - ok
13:39:18.0397 0x0ab0  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:39:18.0412 0x0ab0  WcsPlugInService - ok
13:39:18.0416 0x0ab0  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:39:18.0429 0x0ab0  WdBoot - ok
13:39:18.0449 0x0ab0  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:39:18.0476 0x0ab0  Wdf01000 - ok
13:39:18.0489 0x0ab0  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:39:18.0505 0x0ab0  WdFilter - ok
13:39:18.0512 0x0ab0  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:39:18.0532 0x0ab0  WdiServiceHost - ok
13:39:18.0537 0x0ab0  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:39:18.0558 0x0ab0  WdiSystemHost - ok
13:39:18.0578 0x0ab0  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
13:39:18.0611 0x0ab0  wdiwifi - ok
13:39:18.0618 0x0ab0  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:39:18.0630 0x0ab0  WdNisDrv - ok
13:39:18.0634 0x0ab0  WdNisSvc - ok
13:39:18.0672 0x0ab0  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:39:18.0734 0x0ab0  WebClient - ok
13:39:18.0764 0x0ab0  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:39:18.0822 0x0ab0  Wecsvc - ok
13:39:18.0838 0x0ab0  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:39:18.0889 0x0ab0  WEPHOSTSVC - ok
13:39:18.0904 0x0ab0  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:39:18.0937 0x0ab0  wercplsupport - ok
13:39:18.0945 0x0ab0  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:39:18.0968 0x0ab0  WerSvc - ok
13:39:18.0976 0x0ab0  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
13:39:18.0990 0x0ab0  WFPLWFS - ok
13:39:18.0996 0x0ab0  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:39:19.0014 0x0ab0  WiaRpc - ok
13:39:19.0022 0x0ab0  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:39:19.0034 0x0ab0  WIMMount - ok
13:39:19.0037 0x0ab0  WinDefend - ok
13:39:19.0050 0x0ab0  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
13:39:19.0062 0x0ab0  WindowsTrustedRT - ok
13:39:19.0067 0x0ab0  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:39:19.0079 0x0ab0  WindowsTrustedRTProxy - ok
13:39:19.0125 0x0ab0  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:39:19.0172 0x0ab0  WinHttpAutoProxySvc - ok
13:39:19.0218 0x0ab0  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
13:39:19.0229 0x0ab0  WinMad - ok
13:39:19.0283 0x0ab0  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:39:19.0332 0x0ab0  Winmgmt - ok
13:39:19.0483 0x0ab0  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:39:19.0588 0x0ab0  WinRM - ok
13:39:19.0621 0x0ab0  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
13:39:19.0652 0x0ab0  WINUSB - ok
13:39:19.0662 0x0ab0  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
13:39:19.0687 0x0ab0  WinVerbs - ok
13:39:19.0830 0x0ab0  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:39:19.0910 0x0ab0  WlanSvc - ok
13:39:19.0980 0x0ab0  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:39:20.0054 0x0ab0  wlidsvc - ok
13:39:20.0060 0x0ab0  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:39:20.0074 0x0ab0  WmiAcpi - ok
13:39:20.0086 0x0ab0  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:39:20.0103 0x0ab0  wmiApSrv - ok
13:39:20.0107 0x0ab0  WMPNetworkSvc - ok
13:39:20.0117 0x0ab0  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:39:20.0131 0x0ab0  Wof - ok
13:39:20.0181 0x0ab0  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:39:20.0251 0x0ab0  workfolderssvc - ok
13:39:20.0259 0x0ab0  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:39:20.0271 0x0ab0  wpcfltr - ok
13:39:20.0278 0x0ab0  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:39:20.0297 0x0ab0  WPDBusEnum - ok
13:39:20.0302 0x0ab0  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:39:20.0313 0x0ab0  WpdUpFltr - ok
13:39:20.0319 0x0ab0  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
13:39:20.0334 0x0ab0  WpnService - ok
13:39:20.0340 0x0ab0  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:39:20.0357 0x0ab0  ws2ifsl - ok
13:39:20.0366 0x0ab0  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:39:20.0386 0x0ab0  wscsvc - ok
13:39:20.0389 0x0ab0  WSearch - ok
13:39:20.0536 0x0ab0  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\WINDOWS\System32\WSService.dll
13:39:20.0626 0x0ab0  WSService - ok
13:39:20.0638 0x0ab0  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
13:39:20.0648 0x0ab0  wsvd - ok
13:39:20.0707 0x0ab0  [ 3D0DE8170ECCEC20CBF205D79C535BA1, 9249A420B9024AB3B18D7E4DAC20E2080E0759C620F46D37D467DC25A77F2025 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:39:20.0788 0x0ab0  wuauserv - ok
13:39:20.0799 0x0ab0  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:39:20.0801 0x1254  Object send P2P result: true
13:39:20.0801 0x1254  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
13:39:20.0818 0x0ab0  WudfPf - ok
13:39:20.0827 0x0ab0  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
13:39:20.0846 0x0ab0  WUDFRd - ok
13:39:20.0854 0x0ab0  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:39:20.0871 0x0ab0  wudfsvc - ok
13:39:20.0880 0x0ab0  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:39:20.0899 0x0ab0  WUDFWpdFs - ok
13:39:20.0908 0x0ab0  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:39:20.0928 0x0ab0  WUDFWpdMtp - ok
13:39:20.0966 0x0ab0  [ 7F7591CCC146EC7D9EB77C1277D605F4, 80D6D45BD3C3C7F79BFA98B864CBFA443245416ED64C0BC16E9E7C8C5E958AFB ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:39:21.0025 0x0ab0  WwanSvc - ok
13:39:21.0054 0x0ab0  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
13:39:21.0113 0x0ab0  XblAuthManager - ok
13:39:21.0154 0x0ab0  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
13:39:21.0200 0x0ab0  XblGameSave - ok
13:39:21.0211 0x0ab0  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
13:39:21.0231 0x0ab0  xboxgip - ok
13:39:21.0259 0x0ab0  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
13:39:21.0303 0x0ab0  XboxNetApiSvc - ok
13:39:21.0309 0x0ab0  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
13:39:21.0322 0x0ab0  xinputhid - ok
13:39:21.0330 0x0ab0  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\WINDOWS\System32\drivers\xusb21.sys
13:39:21.0341 0x0ab0  xusb21 - ok
13:39:21.0347 0x0ab0  [ CEC8ED565F3663F0B8A862561BF08D79, FDDBEDC79C7061B20AA450BB3D09EDADEDD5F531D8EA100BBF542A63BDFCE593 ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
13:39:21.0360 0x0ab0  ZAPrivacyService - ok
13:39:21.0360 0x0ab0  ================ Scan global ===============================
13:39:21.0367 0x0ab0  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
13:39:21.0377 0x0ab0  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
13:39:21.0386 0x0ab0  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
13:39:21.0401 0x0ab0  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
13:39:21.0409 0x0ab0  [ Global ] - ok
13:39:21.0410 0x0ab0  ================ Scan MBR ==================================
13:39:21.0421 0x0ab0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:39:21.0519 0x0ab0  \Device\Harddisk0\DR0 - ok
13:39:21.0526 0x0ab0  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
13:39:21.0989 0x0ab0  \Device\Harddisk1\DR1 - ok
13:39:21.0990 0x0ab0  ================ Scan VBR ==================================
13:39:22.0017 0x0ab0  [ 2CD677512073802FB745CF10770C1A81 ] \Device\Harddisk0\DR0\Partition1
13:39:22.0072 0x0ab0  \Device\Harddisk0\DR0\Partition1 - ok
13:39:22.0077 0x0ab0  [ 333042A5BA8489DF44EE73165DC58BAB ] \Device\Harddisk0\DR0\Partition2
13:39:22.0127 0x0ab0  \Device\Harddisk0\DR0\Partition2 - ok
13:39:22.0138 0x0ab0  [ 30CF3121CA01B2BDAAB1EF9965B2A5B7 ] \Device\Harddisk0\DR0\Partition3
13:39:22.0171 0x0ab0  \Device\Harddisk0\DR0\Partition3 - ok
13:39:22.0176 0x0ab0  [ ABC349806DB8E12A9B5D915669AEBDD7 ] \Device\Harddisk0\DR0\Partition4
13:39:22.0176 0x0ab0  \Device\Harddisk0\DR0\Partition4 - ok
13:39:22.0184 0x0ab0  [ 331555CDE2B1CABFB21BD12D7FABEBAB ] \Device\Harddisk0\DR0\Partition5
13:39:22.0223 0x0ab0  \Device\Harddisk0\DR0\Partition5 - ok
13:39:22.0228 0x0ab0  [ 80802AA0C9C54DFED76A1E97A5BE4E26 ] \Device\Harddisk0\DR0\Partition6
13:39:22.0259 0x0ab0  \Device\Harddisk0\DR0\Partition6 - ok
13:39:22.0264 0x0ab0  [ A06FC6E8C95523DA5907278A9E0C625D ] \Device\Harddisk0\DR0\Partition7
13:39:22.0276 0x0ab0  \Device\Harddisk0\DR0\Partition7 - ok
13:39:22.0283 0x0ab0  [ E93DA87EFAB64CAE9C4FE0837627ED2A ] \Device\Harddisk1\DR1\Partition1
13:39:22.0286 0x0ab0  \Device\Harddisk1\DR1\Partition1 - ok
13:39:22.0288 0x0ab0  ================ Scan generic autorun ======================
13:39:22.0288 0x0ab0  ETDCtrl - ok
13:39:22.0540 0x0ab0  [ 130E6464AACBFE9FD4DA002FD0E98FEE, 8A792058BBE266F2F3BE8072A74FC32CF3888EF20AD9D703D93BB99F415BC1C3 ] C:\WINDOWS\RTFTrack.exe
13:39:22.0643 0x0ab0  RtsFT - ok
13:39:22.0660 0x0ab0  [ 3A19FD28BF891CB67FD89A94BEC88C3F, 6D9F5FA55A4B8A386691E91305C8CA9323B91680FA2DC4585DDDECA69BB80FA0 ] C:\WINDOWS\system32\igfxtray.exe
13:39:22.0677 0x0ab0  IgfxTray - ok
13:39:22.0680 0x0ab0  HotKeysCmds - ok
13:39:22.0682 0x0ab0  Persistence - ok
13:39:22.0711 0x0ab0  [ 7FCF3650242F8F8C1EE2E7E98CBD88BB, 5AE46713C7D96E30661F67A95414FF12181974788929C11C2F623695153A77D1 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
13:39:22.0739 0x0ab0  Nvtmru - ok
13:39:22.0745 0x0ab0  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
13:39:22.0751 0x0ab0  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
13:39:23.0232 0x1254  Object send P2P result: true
13:39:23.0249 0x1254  Object required for P2P: [ F5CEB5CE82DC9CC94873C487DF2BA73C ] MozillaMaintenance
13:39:25.0171 0x0ab0  Detect skipped due to KSN trusted
13:39:25.0171 0x0ab0  IAStorIcon - ok
13:39:25.0235 0x0ab0  [ 7C3CD9D9B2C1336D5FEABD6EC06316F5, F68714C3697E1882D6FA5D822D99559FF07B2E2E6979E44EA104F56B93F7853F ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
13:39:25.0282 0x0ab0  cAudioFilterAgent - ok
13:39:25.0290 0x0ab0  [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe
13:39:25.0304 0x0ab0  ForteConfig - ok
13:39:25.0359 0x0ab0  [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
13:39:25.0441 0x0ab0  SmartAudio - detected UnsignedFile.Multi.Generic ( 1 )
13:39:25.0668 0x1254  Object send P2P result: true
13:39:25.0670 0x1254  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
13:39:27.0890 0x0ab0  Detect skipped due to KSN trusted
13:39:27.0890 0x0ab0  SmartAudio - ok
13:39:28.0124 0x1254  Object send P2P result: true
13:39:28.0155 0x1254  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
13:39:28.0320 0x0ab0  [ E7C8E8D71978722E1D3C4D6FBC7D98C0, C45B79FCAA1D3D25DD50A525CE26D1469E4C6183E117DDD7950B57BBAB31E8D9 ] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
13:39:28.0424 0x0ab0  OnekeyStudio - ok
13:39:29.0166 0x0ab0  [ 8AFBDD458A6CBBC5654D959C03C2A87A, D27889AEA72F316A2FBAF06AAF3D94B823875D6108E12CAF7B76B3293C22D1CD ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
13:39:29.0581 0x0ab0  Energy Manager - ok
13:39:29.0623 0x0ab0  [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
13:39:29.0646 0x0ab0  Lenovo Utility - ok
13:39:29.0666 0x0ab0  [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe
13:39:29.0699 0x0ab0  iTunesHelper - ok
13:39:29.0814 0x0ab0  [ DBC0D16BD2B5BA537C530315BCBA2ED0, 46503F100B9C395BF627FF6D50B985E0948BBDB01829DC807F283DCAFEF0E204 ] C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
13:39:29.0860 0x0ab0  Hercules DJ Series TrayAgent - ok
13:39:29.0871 0x0ab0  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
13:39:29.0882 0x0ab0  UpdateP2GShortCut - ok
13:39:29.0919 0x0ab0  [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:39:29.0943 0x0ab0  avgnt - ok
13:39:29.0968 0x0ab0  [ 916A2C4EB028604783FD5EA169236C1D, C97DAA1BE5C912DDCEDBA7619631BB98F4A9B32B1E40C5374A64E25305E0A1C4 ] C:\Program Files (x86)\QuickTime\QTTask.exe
13:39:29.0997 0x0ab0  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
13:39:30.0585 0x1254  Object send P2P result: true
13:39:30.0586 0x1254  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
13:39:30.0852 0x1b4c  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
13:39:32.0443 0x0ab0  Detect skipped due to KSN trusted
13:39:32.0443 0x0ab0  QuickTime Task - ok
13:39:32.0452 0x0ab0  [ C94EBFBCD3018DCC50E193DFD02C8CEF, 93E48E0B2E9794CBE59C57226E5AF4CBAD03A1C04F76830530DDFD746794F0A2 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
13:39:32.0477 0x0ab0  Avira SystrayStartTrigger - ok
13:39:32.0491 0x0ab0  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
13:39:32.0524 0x0ab0  HP Software Update - ok
13:39:32.0874 0x0ab0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:39:33.0058 0x1254  Object send P2P result: true
13:39:33.0061 0x1254  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
13:39:33.0173 0x0ab0  OneDriveSetup - ok
13:39:33.0294 0x1b4c  Object send P2P result: true
13:39:33.0401 0x0ab0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:39:33.0558 0x0ab0  OneDriveSetup - ok
13:39:33.0833 0x0ab0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:39:33.0989 0x0ab0  OneDriveSetup - ok
13:39:34.0108 0x0ab0  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
13:39:34.0187 0x0ab0  WAB Migrate - ok
13:39:34.0330 0x0ab0  [ 2CD5F1053AB2BC2ED35EF1B253B9E44A, 28A0A3785797D9DDD0A0D0D07B291E24E68B3523F55DE223C60EF59F5FD3361C ] C:\Program Files (x86)\Steam\steam.exe
13:39:34.0425 0x0ab0  Steam - ok
13:39:34.0447 0x0ab0  [ F9387D080BF8566354CDB0445AB8F87B, 4EE5D4A15E2D3DF578FA0370449C0894166B1B2998B63D9F02A994845350B86A ] C:\Users\UNI\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:39:34.0467 0x0ab0  OneDrive - ok
13:39:34.0482 0x0ab0  [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:39:34.0500 0x0ab0  OneDrive - ok
13:39:34.0511 0x0ab0  Waiting for KSN requests completion. In queue: 56
13:39:35.0498 0x1254  Object send P2P result: true
13:39:35.0511 0x0ab0  Waiting for KSN requests completion. In queue: 9
13:39:36.0512 0x0ab0  Waiting for KSN requests completion. In queue: 9
13:39:37.0550 0x0ab0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
13:39:37.0552 0x0ab0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
13:39:37.0553 0x0ab0  AV detected via SS2: ZoneAlarm Antivirus, C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe ( 14.1.48.0 ), 0x40000 ( disabled : updated )
13:39:37.0557 0x0ab0  FW detected via SS2: ZoneAlarm Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe ( 14.1.48.0 ), 0x41010 ( enabled )
13:39:39.0943 0x0ab0  ============================================================
13:39:39.0943 0x0ab0  Scan finished
13:39:39.0944 0x0ab0  ============================================================
13:39:39.0959 0x1d44  Detected object count: 0
13:39:39.0959 0x1d44  Actual detected object count: 0

Aufgrund der zu großen Länge der Textdatei musste ich die Logfiles in 3 bzw 4 Antworten packen!

Danke im Voraus und mit freundlichen Grüßen,

CaptainM

burningice · 29.04.2016, 15:02

Mehrere Anti-Virus-Programme

Code:

ATTFilter

Avira 
ZoneAlarm 
Kaspersky

Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über die Systemsteuerung => Software.

Zitat:

Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."

Ich bitte dich, alle Virenschutzprogramme zu deinstallieren. Avira empfehlen wir nicht mehr, ZoneAlarm ist schrecklich und behindert diverse Tätigkeiten und Kaspersky ist unvollständig installiert.

Dieses Tool kann dir dabei helfen:
ESET :: Download :: Dienstprogramme :: Detail :: ESET AV Remover

Um Kaspersky zu entfernen da die Installaion beschädigt ist, führe noch extra aus:
http://media.kaspersky.com/utilities...s/kavremvr.exe

Melde dich, wenn du alle Produkte entfernt hast.

CaptainM · 29.04.2016, 16:57

Habe jetzt jegliche Viren-Software deinstalliert, Avira Antivir, Kaspersky (der Remover hat nichts zum deinstallieren gefunden) und auch ZoneAlarm.

Liebe Grüße,
CaptainM

burningice · 29.04.2016, 17:13

Hast du das Kaspersky Removal Tool ausgeführt?

Erstelle bitte neue FRST Logs, setze dabei zusätzlich den Haken bei Addition und drücke auf 'Untersuchen'

CaptainM · 29.04.2016, 17:39

Ja, habe das Removal Tool ausgeführt, allerdings hat das Programm selbst keine Kaspersky Komponente gefunden, die es löschen möchte und auch in der Systemsteuerung habe ich keine gefunden.

Die neue FRST Log lautet wie folgt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
durchgeführt von UNI (Administrator) auf LENOVO-PC (29-04-2016 18:24:35)
Gestartet von C:\Users\UNI\Desktop
Geladene Profile: UpdatusUser & UNI (Verfügbare Profile: UpdatusUser & UNI & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Guillemot Corporation ®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(DJHERCULESMIX®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\HDJSeriesCPL.exe
(DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [1817248 2015-06-17] (DJHERCULESMIX®)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{1b699058-3915-4380-a5bc-f14d4d7fb6f8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55033769-0caa-4633-90fa-9ee58816cc7f}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\abs@avira.com [2016-04-14]
FF Extension: Ghostery - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\firefox@ghostery.com.xpi [2016-03-30]
FF Extension: Adblock Plus - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27]

Chrome: 
=======
CHR HomePage: Default -> hxxps://startpage.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Google Docs) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Agar.io Mods) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-24]
CHR Extension: (Google-Suche) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Avira Browserschutz) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-12]
CHR Extension: (Google Docs Offline) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18]
CHR Extension: (Java for Web Pages) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpomcmpdonjdffeabllcklpbnfdknnko [2015-02-28]
CHR Extension: (Ghostery) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Google Mail) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [91136 2015-04-17] (Guillemot Corporation ®) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo(beijing) Limited)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 18:24 - 2016-04-29 18:25 - 00020420 _____ C:\Users\UNI\Desktop\FRST.txt
2016-04-29 18:23 - 2016-04-29 18:24 - 00000000 ____D C:\Users\UNI\Desktop\Alt
2016-04-29 13:37 - 2016-04-29 13:43 - 00275710 _____ C:\TDSSKiller.3.1.0.9_29.04.2016_13.37.33_log.txt
2016-04-29 13:36 - 2016-04-29 13:36 - 00000560 _____ C:\TDSSKiller.3.1.0.9_29.04.2016_13.36.16_log.txt
2016-04-29 13:34 - 2016-04-29 13:08 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\UNI\Desktop\tdsskiller.exe
2016-04-29 13:27 - 2016-04-29 18:24 - 00000000 ____D C:\FRST
2016-04-29 13:26 - 2016-04-29 13:06 - 02376704 _____ (Farbar) C:\Users\UNI\Desktop\FRST64.exe
2016-04-28 20:47 - 2016-04-29 18:21 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2016-04-28 17:15 - 2016-04-28 17:15 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-28 16:54 - 2016-04-28 16:54 - 00000000 ____D C:\ProgramData\CheckPoint
2016-04-28 16:51 - 2016-04-28 16:54 - 03412200 _____ (Check Point Software Technologies Ltd.) C:\Users\Administrator\Downloads\zaSetupWeb_141_048_000.exe
2016-04-28 16:29 - 2016-04-28 16:35 - 222776824 _____ (COMODO) C:\Users\Administrator\Downloads\cfw5005_installer_6106_53.exe
2016-04-28 16:16 - 2016-04-28 18:34 - 00000000 ____D C:\ProgramData\SecTaskMan
2016-04-28 16:15 - 2016-04-28 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-04-28 16:13 - 2016-04-28 16:13 - 00002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ___RD C:\Users\Administrator\OneDrive
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\ActiveSync
2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hightail for Lenovo
2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2016-04-28 16:10 - 2016-04-28 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-04-28 16:09 - 2016-04-28 19:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2016-04-28 16:09 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator
2016-04-28 16:09 - 2016-04-28 16:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2016-04-28 16:09 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Administrator\Documents\Visual Studio 2010
2016-04-28 16:09 - 2014-09-18 00:34 - 00000187 _____ C:\Users\Administrator\Desktop\Google Play Music.url
2016-04-28 16:09 - 2014-09-18 00:32 - 00000126 _____ C:\Users\Administrator\Desktop\Adobe Photo Offer.url
2016-04-28 16:09 - 2014-03-26 12:21 - 00000190 _____ C:\Users\Administrator\Desktop\FREE CALLS with Voxox.url
2016-04-28 15:56 - 2016-04-28 15:56 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\UNI\Desktop\zasetupweb_132_015_000.exe
2016-04-28 15:27 - 2016-04-28 15:33 - 222776824 _____ (COMODO) C:\Users\UNI\Desktop\cfw_installer_6106_53.exe
2016-04-28 12:57 - 2016-04-28 22:10 - 00000000 ____D C:\AdwCleaner
2016-04-28 12:56 - 2016-04-28 12:57 - 03581504 _____ C:\Users\UNI\Desktop\AdwCleaner.exe
2016-04-28 12:21 - 2016-04-28 12:21 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00001219 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-04-27 18:57 - 2016-04-28 14:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-25 00:02 - 2016-04-25 00:02 - 00000979 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2016-04-25 00:02 - 2016-04-25 00:02 - 00000000 ____D C:\Users\UNI\Desktop\MotioninJoy_071001_signed
2016-04-24 23:59 - 2016-04-25 00:01 - 04117346 _____ C:\Users\UNI\Desktop\MotioninJoy_071001_signed.zip
2016-04-24 18:34 - 2016-04-24 18:39 - 00000000 ____D C:\Users\UNI\Desktop\LRG CD
2016-04-24 14:51 - 2016-04-24 14:51 - 00000000 ____D C:\Users\UNI\Desktop\LRG-Playlist
2016-04-14 00:08 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-14 00:08 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-14 00:08 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-14 00:08 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-14 00:08 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-14 00:08 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-14 00:08 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-14 00:08 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-14 00:08 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-14 00:08 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-14 00:08 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-14 00:08 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-14 00:08 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-14 00:08 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-14 00:08 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-14 00:08 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-14 00:08 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-14 00:08 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-14 00:08 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-14 00:08 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-14 00:08 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-14 00:07 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-14 00:07 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-14 00:07 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-14 00:07 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-14 00:07 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-14 00:07 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-14 00:07 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-14 00:07 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-14 00:07 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-14 00:07 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-14 00:07 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-14 00:07 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-14 00:07 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-14 00:07 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-14 00:07 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-14 00:07 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-14 00:07 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-14 00:07 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-14 00:07 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-14 00:07 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-14 00:07 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-14 00:07 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-14 00:07 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-14 00:07 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-14 00:07 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-14 00:07 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-14 00:07 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-14 00:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-14 00:07 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-14 00:07 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-14 00:07 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-14 00:07 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-14 00:07 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-14 00:07 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-14 00:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-14 00:07 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-14 00:07 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-14 00:07 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-14 00:07 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-14 00:07 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-14 00:07 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-14 00:07 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-14 00:07 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-14 00:07 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-14 00:07 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-14 00:07 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-14 00:07 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-14 00:07 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-14 00:07 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-14 00:07 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-14 00:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-14 00:07 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-14 00:07 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-14 00:07 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-14 00:07 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-14 00:07 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-14 00:07 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-14 00:07 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-14 00:07 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-14 00:07 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-14 00:07 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-14 00:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-14 00:07 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-14 00:07 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-14 00:07 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-14 00:07 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-14 00:07 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-14 00:07 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-14 00:07 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-14 00:07 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-14 00:07 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-14 00:07 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-14 00:07 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-14 00:07 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-14 00:07 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-14 00:07 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-14 00:07 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-14 00:07 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-14 00:07 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-14 00:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-14 00:07 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-14 00:07 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-14 00:07 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-14 00:07 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-14 00:07 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-14 00:07 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-14 00:07 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-14 00:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-14 00:07 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-14 00:07 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-14 00:07 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-14 00:07 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-14 00:07 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-14 00:07 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-14 00:07 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-14 00:07 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-14 00:07 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-14 00:07 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-14 00:07 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-14 00:07 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-14 00:07 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-14 00:07 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-14 00:07 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-14 00:07 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-14 00:07 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-14 00:07 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-14 00:07 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-14 00:07 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-14 00:07 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-14 00:07 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-14 00:07 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-14 00:07 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-14 00:07 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-14 00:07 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-14 00:07 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-14 00:07 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-14 00:07 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-14 00:07 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-14 00:07 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-14 00:07 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-14 00:07 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-14 00:07 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-14 00:07 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-14 00:07 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-14 00:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-14 00:07 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-14 00:07 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-14 00:07 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-14 00:07 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-14 00:07 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-14 00:07 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-14 00:07 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-14 00:07 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-14 00:07 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-14 00:07 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-14 00:07 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-14 00:07 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-14 00:07 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-14 00:07 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 00:07 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-14 00:07 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-14 00:07 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-14 00:07 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-14 00:07 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-14 00:07 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-14 00:07 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-14 00:07 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-14 00:07 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-14 00:07 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-14 00:07 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-14 00:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-14 00:07 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-14 00:07 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-14 00:07 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-14 00:07 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-14 00:07 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-14 00:07 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-14 00:07 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-14 00:07 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-14 00:07 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-14 00:07 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-14 00:07 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-14 00:07 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-14 00:07 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-14 00:07 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-14 00:07 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-14 00:07 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-14 00:07 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-14 00:07 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-14 00:07 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-14 00:07 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-14 00:07 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-14 00:07 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-14 00:07 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-14 00:07 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-14 00:07 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-14 00:07 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-14 00:07 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-14 00:07 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-14 00:07 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-14 00:07 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-14 00:07 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-14 00:06 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-14 00:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-14 00:06 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-14 00:06 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-14 00:06 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-14 00:06 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-14 00:06 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-14 00:06 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-14 00:06 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-14 00:06 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-14 00:06 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-14 00:06 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-14 00:06 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-14 00:06 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-14 00:06 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-14 00:06 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-14 00:06 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-14 00:06 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-14 00:06 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-14 00:06 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-14 00:06 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-14 00:06 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-14 00:06 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-14 00:06 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 16:57 - 2016-04-12 17:19 - 00000000 ____D C:\Users\UNI\Desktop\HandyMusik
2016-04-11 15:57 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2016-04-11 15:57 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2016-04-11 15:56 - 2016-04-11 15:56 - 00000000 ____D C:\ProgramData\VS
2016-04-11 14:13 - 2016-04-11 14:13 - 00000000 ____D C:\Users\UNI\AppData\Local\MicrosoftEdge
2016-04-11 13:57 - 2016-04-11 13:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-11 13:34 - 2016-04-25 02:33 - 00002441 _____ C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-11 13:33 - 2016-04-11 13:33 - 00000000 ____D C:\Users\UNI\AppData\Local\NetworkTiles
2016-04-11 13:32 - 2016-04-11 13:32 - 00000000 ____D C:\Users\UNI\AppData\Local\ActiveSync
2016-04-11 13:31 - 2016-04-29 18:21 - 00000000 __SHD C:\Users\UNI\IntelGraphicsProfiles
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\UNI\AppData\Local\TileDataLayer
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\UNI\AppData\Local\Publishers
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\UNI\AppData\Local\Comms
2016-04-11 13:30 - 2016-04-11 13:30 - 00000020 ___SH C:\Users\UNI\ntuser.ini
2016-04-11 13:02 - 2016-04-11 12:49 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-11 12:59 - 2016-04-11 12:59 - 00000000 ____D C:\Windows.old
2016-04-11 12:57 - 2016-04-11 12:57 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-11 12:57 - 2016-04-11 12:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-11 12:57 - 2016-04-11 12:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-11 12:57 - 2016-04-11 12:57 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-11 12:57 - 2016-04-11 12:57 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-11 12:43 - 2016-04-11 12:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\MSBuild
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-11 12:41 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-11 12:40 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-11 12:40 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-11 12:40 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-11 12:39 - 2016-04-11 12:39 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-11 12:39 - 2016-04-11 12:39 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-11 12:38 - 2016-04-11 12:38 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-11 12:31 - 2016-04-29 13:25 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-11 12:28 - 2016-04-11 12:28 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2016-04-11 12:21 - 2016-04-11 12:21 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-11 12:12 - 2016-04-11 12:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-11 12:11 - 2016-04-29 17:51 - 00000000 ____D C:\Users\UNI
2016-04-11 12:11 - 2016-04-29 12:52 - 00000000 ____D C:\Users\UpdatusUser
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Videos
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Vorlagen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Startmenü
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Netzwerkumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Lokale Einstellungen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Eigene Dateien
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Druckumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Videos
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Musik
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Bilder
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Verlauf
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Anwendungsdaten
2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\ProgramData\Conexant
2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\CONEXANT
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\Program Files\Elantech
2016-04-11 12:08 - 2015-07-23 03:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-04-11 12:08 - 2015-07-23 03:10 - 00579912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-04-11 12:08 - 2015-07-22 06:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-04-11 12:07 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-11 12:07 - 2016-04-11 12:07 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-04-11 12:07 - 2016-04-11 12:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-04-11 12:07 - 2015-12-19 02:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-04-11 12:07 - 2015-12-19 02:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-04-11 12:06 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\Intel
2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagerr.xml
2016-04-01 17:42 - 2016-04-01 17:42 - 00734784 _____ (Oracle Corporation) C:\Users\UNI\Downloads\jxpiinstall(4).exe
2016-03-30 18:56 - 2016-03-30 18:56 - 00088372 _____ C:\Users\UNI\Desktop\Studienbescheinigung_334281_30.03.2016.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 18:22 - 2015-02-07 22:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 17:52 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-29 17:52 - 2015-02-07 22:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-29 17:51 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-29 17:49 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-29 17:48 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-29 17:32 - 2015-02-07 22:51 - 00000000 ____D C:\ProgramData\Avira
2016-04-29 17:32 - 2014-09-17 23:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-29 17:29 - 2015-02-07 23:01 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Avira
2016-04-29 13:25 - 2016-02-13 18:59 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-29 13:25 - 2016-02-13 18:59 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-28 16:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-28 16:10 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-28 14:52 - 2015-03-10 01:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-28 14:14 - 2015-02-07 22:59 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job
2016-04-28 12:31 - 2015-02-07 22:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA4DEE2A-E881-46E0-B4B0-079D45A23913}
2016-04-27 23:21 - 2015-02-08 22:27 - 00000000 ____D C:\Users\UNI\AppData\Local\Spotify
2016-04-27 23:18 - 2015-02-08 22:21 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Spotify
2016-04-27 01:08 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-25 02:33 - 2015-02-07 20:41 - 00000000 __RDO C:\Users\UNI\OneDrive
2016-04-25 01:48 - 2015-02-07 23:53 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\Program Files\MotioninJoy
2016-04-22 01:20 - 2015-02-17 18:24 - 00000000 ____D C:\Users\UNI\AppData\Roaming\vlc
2016-04-21 01:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-18 13:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-18 13:25 - 2016-02-13 10:21 - 00245472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-14 12:44 - 2015-02-09 23:56 - 00000000 ____D C:\Users\UNI\AppData\Local\Adobe
2016-04-14 00:17 - 2015-02-09 02:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-14 00:11 - 2015-02-09 02:08 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 14:41 - 2015-02-07 20:39 - 00000000 ____D C:\Users\UNI\AppData\Local\Packages
2016-04-12 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-11 22:04 - 2015-02-07 23:00 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-11 22:04 - 2015-02-07 23:00 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 16:07 - 2015-04-20 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2016-04-11 15:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-11 13:31 - 2014-09-17 23:44 - 00000000 ___HD C:\Intel
2016-04-11 13:02 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-11 12:58 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-11 12:54 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-11 12:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-11 12:41 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-04-11 12:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-11 12:40 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-04-11 12:40 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-04-11 12:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-11 12:37 - 2015-03-08 15:05 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-04-11 12:37 - 2015-02-07 22:59 - 00003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b
2016-04-11 12:37 - 2015-02-07 22:59 - 00003498 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-11 12:37 - 2015-02-07 22:59 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-11 12:37 - 2015-02-07 20:44 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-1002
2016-04-11 12:37 - 2014-09-18 00:41 - 00002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2016-04-11 12:37 - 2014-09-17 23:12 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-500
2016-04-11 12:32 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-11 12:31 - 2014-09-17 23:53 - 01799166 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-04-11 12:21 - 2016-03-12 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2016-04-11 12:21 - 2015-09-25 16:48 - 00000000 ____D C:\WINDOWS\de
2016-04-11 12:21 - 2015-09-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-11 12:21 - 2015-09-04 22:09 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-04-11 12:21 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 18
2016-04-11 12:21 - 2015-08-05 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-04-11 12:21 - 2015-06-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-11 12:21 - 2015-04-23 15:49 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2016-04-11 12:21 - 2015-04-16 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dymola 2013
2016-04-11 12:21 - 2015-03-24 16:23 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-04-11 12:21 - 2015-03-24 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-11 12:21 - 2015-03-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-11 12:21 - 2015-02-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-11 12:21 - 2015-02-25 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-04-11 12:21 - 2015-02-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-11 12:21 - 2015-02-08 00:14 - 00000000 ____D C:\Program Files\Classic Shell
2016-04-11 12:21 - 2015-02-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-11 12:21 - 2014-09-18 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-04-11 12:21 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-04-11 12:21 - 2014-09-18 00:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2016-04-11 12:21 - 2014-09-18 00:02 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2016-04-11 12:21 - 2014-09-17 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-04-11 12:21 - 2014-09-17 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-11 12:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-04-11 12:14 - 2016-01-16 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-04-11 12:13 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED
2016-04-11 12:13 - 2015-09-04 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hercules
2016-04-11 12:13 - 2015-06-14 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Lenovo
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files\lenovo
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-04-11 12:13 - 2014-09-18 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2016-04-11 12:13 - 2014-09-17 23:52 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-11 12:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-11 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-11 11:30 - 2014-09-18 00:41 - 00012800 _____ C:\WINDOWS\system32\VfService.trf
2016-04-11 11:23 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-09 13:13 - 2015-02-08 00:16 - 00000000 ____D C:\Users\UNI\AppData\Roaming\ClassicShell
2016-04-08 19:47 - 2015-05-04 01:12 - 00000000 ____D C:\Users\UNI\AppData\Local\ElevatedDiagnostics
2016-04-07 16:15 - 2015-02-10 17:32 - 02406400 ___SH C:\Users\UNI\Desktop\Thumbs.db
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 19:02 - 2015-02-08 00:52 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Skype
2016-04-01 17:45 - 2015-02-28 20:00 - 00000000 ____D C:\ProgramData\Oracle
2016-04-01 17:44 - 2015-12-23 01:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-01 17:44 - 2015-11-02 01:22 - 00000000 ____D C:\Users\UNI\.oracle_jre_usage
2016-04-01 17:44 - 2015-02-28 20:01 - 00000000 ____D C:\Program Files (x86)\Java

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-07 20:39 - 2016-04-11 11:23 - 0884004 _____ () C:\Users\UNI\AppData\Local\BTServer.log
2015-02-10 02:35 - 2015-06-24 23:24 - 0007601 _____ () C:\Users\UNI\AppData\Local\Resmon.ResmonCfg
2015-06-02 13:25 - 2015-06-02 13:25 - 0000000 _____ () C:\Users\UNI\AppData\Local\{497248A6-D5F2-4EBD-9352-1C7DA4C66689}
2015-12-27 02:56 - 2015-12-27 02:56 - 0000085 ___SH () C:\ProgramData\.zreglib
2015-02-09 23:34 - 2015-02-09 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-04-11 12:08 - 2016-04-11 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\UNI\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-25 18:43

==================== Ende von FRST.txt ============================

CaptainM · 29.04.2016, 17:40

Die Addition Log sieht wie folgt aus:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-04-2016
durchgeführt von UNI (2016-04-29 18:25:40)
Gestartet von C:\Users\UNI\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-11 10:49:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3051385857-1379960724-2999109445-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3051385857-1379960724-2999109445-503 - Limited - Disabled)
Gast (S-1-5-21-3051385857-1379960724-2999109445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3051385857-1379960724-2999109445-1004 - Limited - Enabled)
UNI (S-1-5-21-3051385857-1379960724-2999109445-1002 - Administrator - Enabled) => C:\Users\UNI
UpdatusUser (S-1-5-21-3051385857-1379960724-2999109445-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\CopyTrans Suite) (Version: 3.01 - WindSolutions)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
DJ Control Instinct (HKLM-x32\...\{931FD350-D575-47FE-A741-9517C4DDDA10}) (Version: 1.00.0000 - Guillemot)
DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2015 - Guillemot Corporation)
DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.97 - Guillemot)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{E1F12296-09D5-4B82-9D2C-E54CC9FF1D15}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Security Task Manager 2.1f (HKLM-x32\...\Security Task Manager) (Version: 2.1f - Neuber Software)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
ZoneAlarm Antivirus (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051385857-1379960724-2999109445-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01044E07-E126-421A-9322-6025044076A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {0ED93F3F-85F5-491C-8A82-8C359FEA9BEE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {1C8556F6-1371-4B3D-AB98-C681CF08BCBB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {1F2F49C0-EED1-4C80-9E65-718510EA5106} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2D6337A8-679F-4C4E-817F-4A79578ED778} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
Task: {554CDFB6-DC49-4C95-8149-E73FCFF67D22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {60E824C2-BC2D-4472-94E2-E1D39AF41CB2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {62860EB0-2228-4165-9630-AC5AF0450FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {71EA80FA-9CB3-4910-81DF-3E483434D909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {89635FFC-A77D-4BD8-88C8-DE3A5A2E241F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {8A01716D-ACC3-4B57-B324-C20C68587BBA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {8E02C3E6-11B5-452B-8732-92B5556EFD2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {99D61BD2-0EE8-4F01-AA06-FDCAF3252F37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AD9B3702-B356-4CEE-B598-040227687DE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B810A7BE-66FD-4E61-8B5D-D1DCCC8E9D6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {BF094C70-5E35-4812-AE3F-1B41B2DD570C} - System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {C4F948B4-2FBD-452A-BF6F-D2C9FA366B40} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DE66408B-3228-41BD-9ED7-4D0C24A8F8AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {E395FCBC-1897-450F-8B0D-8347A4B5BBC4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E51AF7B8-0976-43E5-892E-16C27550ECF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E6B51E2A-B1D1-42EF-94F7-CCAF98A4EABE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E7D06876-5CD6-4FFC-97A0-8A138A9A7EF8} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 00:39 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00959176 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-19 02:08 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-14 00:06 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-14 00:07 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-14 00:07 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-14 00:07 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-14 00:07 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-18 00:00 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-04-19 20:40 - 2016-04-19 20:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00679624 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2014-09-17 23:52 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\UNI\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections4.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{CEFE383C-D24C-45C3-8A9F-0F291F7C8D34}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{B3E9A836-107C-4A64-867A-BF64D1CE3991}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{9AEDDD89-55B6-4887-89D2-A7FC9107A64C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C96D09BB-CBC0-4F42-92B7-DACF8038CE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{355F1E33-4B93-450D-9F3E-31F8CA46AAE5}] => (Allow) LPort=1900
FirewallRules: [{92CD0C81-7D18-4099-8C80-19731B09C34C}] => (Allow) LPort=2869
FirewallRules: [{50C680FD-F630-4227-AD9F-54377BA56EAC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ABE2C105-99A1-4496-A1D9-E4526DD24E43}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{D6399097-5D44-458F-8AF9-1E677A487BF4}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{FB0EE854-8EC3-4A2C-8EA1-F7E2B0043E00}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [{E503346B-0B95-42F5-8840-64AC923D57BF}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [UDP Query User{4F802E87-400C-4563-ABB9-87F76142A7E6}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{D461F6DD-13C3-4A0A-AF79-3C6EF69AE32A}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{D3C09483-BD71-435E-8879-B98BAE4481D6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B33F94FA-E6B9-4C98-B711-6D7818BD0DED}] => (Allow) LPort=5357
FirewallRules: [{A2FB1D09-1588-4899-9F78-07BAE6B6C8EF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{2C3558D6-3E3B-4D15-80FD-AA28289F1D74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9BC40B0A-A086-4A05-954B-35F960F8837D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0C79AE82-A53D-48F6-B13B-7B3DD10E7A24}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{B78CD14A-3C02-40F4-93AA-73DEFE0453AB}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{DDC6E890-3BB4-4238-9F6F-D2731CD0EEA6}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{64FA4642-3A13-456B-8666-882281C8E107}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{5A8BAD8A-DE77-40DA-BE8D-0B87D1B5BAB4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{203C9CFE-3C19-4FEE-B625-8D699D626DD6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0380DC55-9582-4181-AA7D-5185EAE08093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE985222-1F10-4D7A-B67F-1BD6CD467EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B42F863-0075-4AA4-8C24-756A391E4BD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A36D0CCD-3FAE-476E-83C4-7CCAD5FB3513}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2DC8939-FD5F-4B46-995B-BED225818930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{741E7EAE-D989-415F-80BF-15CD9F7C7324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{440CEFA7-2E08-45C7-ACD3-62744A2847ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B58A3D34-CF26-40A4-8351-68ADAA20B1AC}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{93FF429B-A612-48B4-9AAD-7391B670E0D7}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A269F050-2E1C-4786-8923-80096CD04F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E690514-08F3-4D34-A2F0-AB367BF1BCDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{E231306D-466C-48E3-B3B9-85D18926E04D}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{05E1788C-1FC3-4E5A-915E-D5AEAE38D081}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2CE7DCAF-1612-45E0-B63E-8C819302E26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C8F97C20-B1C2-46A4-A46E-957858FD8869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1971CD84-ACCD-4F05-983B-0D0C2AAD84EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2570C57E-B1BC-4161-8CC2-2C32E0B612DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB5289FF-B7C6-4B1F-9315-0BC35E0A233C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67B2FE43-2117-4C61-885E-B2FD11B920BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DA3ECC4-FC85-44DD-8106-6D382FA707A5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{3BCBB21E-0780-4655-93EE-980FE9029C61}] => (Allow) LPort=55100
FirewallRules: [{CA4A1513-F2E1-48D1-9B3A-726FD4C8B4E9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4B4379A0-9983-49BC-BC73-2EFB29145779}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{27DD41BD-25CA-4288-AFF4-E6BF8587B7BF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{0B42F4B5-3FBB-44C8-B924-1BA7B630396D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C548901B-A7EF-4772-BF3D-5512915BBD8F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A46F13CA-72AC-4292-B13E-DD960C1727A4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{5AE63078-F1F6-488D-9125-9FDCFFD37A7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DDEC3351-80A9-417F-ABBB-50D745817DF3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{993B0402-90EE-4026-929B-97D59670C539}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{74FA38CF-9061-4843-B660-34066DB08651}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6443ECF1-E0F3-4FF5-A278-072D53617836}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0CF7EB76-D013-4A67-9E70-39C40F34E8D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C43D9CF1-D83A-481E-BA81-C246BA006216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FD253542-9DE2-4C54-A058-AF2F7A220F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9C2B2186-C84F-4B04-9A03-8671D5CE66C2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{77B6C35F-F7D6-480F-A1EA-91458D142107}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{9DD59E56-3542-48DB-9B6A-34A1D20920D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{558F65A3-09B1-40AA-9B64-5EBFD8AED31B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1685578

Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1685578

Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094

Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094

Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2016 05:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xa0c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/29/2016 05:51:53 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2572) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/29/2016 05:50:35 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LENOVO-PC)
Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden.

Error: (04/29/2016 05:50:35 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LENOVO-PC)
Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden.


Systemfehler:
=============
Error: (04/29/2016 05:52:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/29/2016 05:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 05:51:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/29/2016 05:48:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TrueVector Internet Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/29/2016 05:27:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎04.‎2016 um 14:02:28 unerwartet heruntergefahren.

Error: (04/29/2016 01:44:16 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


CodeIntegrity:
===================================
  Date: 2016-04-18 13:35:57.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-18 13:26:41.335
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 12:46:40.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 16:00:34.354
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 13:46:49.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 12:33:49.290
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 12:26:25.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-11 12:04:38.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 6242.68 MB
Summe virtueller Speicher: 9364.27 MB
Verfügbarer virtueller Speicher: 7580.54 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.49 GB) (Free:770.57 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.68 GB) NTFS
Drive f: () (Removable) (Total:3.74 GB) (Free:3.44 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 96AEBC74)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EC10B82D)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Liebe Grüße,
CaptainM

burningice · 30.04.2016, 19:53

okay sehr gut bislang

Schritt 1
Lade dir folgendes Programm herunter und installiere es:

Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung

Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von AdwCleaner
Logfile von Malwarebytes
Frst.txt
Addition.txt

CaptainM · 01.05.2016, 21:54

Habe alle Tests ausgeführt, allerdings muss ich dazu sagen, dass es sich dabei um den zweiten Suchlauf mit AdwCleaner handelt und ich bereits am Tag nach dem Vorfall einen Durchlauf gemacht habe, bei dem es einige Funde gab. Bei dem jetzigen Durchlauf wurde fast nichts gefunden. Ich kann auch den Bericht des ersten Durchlaufs noch posten.

Eine weitere wichtige Sache ist, dass ich mit dem Laptop, auf dem es den Vorfall gab, während der gesamten letzten Tage und der von dir geforderten Tests nicht mehr mit dem Internet verbunden war und dadurch auch z.B. Malwarebites Anti-Malware die Datenbank vor dem Suchlauf nicht mehr aktualisiert hat. Falls das Auswirkungen auf die Ergebnisse der Tests hat, kann ich diese auch nochmal wiederholen.

Hier ist die mbam.txt:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.05.2016
Suchlaufzeit: 21:08
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.02.16.06
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Uni

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 490911
Abgelaufene Zeit: 46 Min., 12 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Das mbam-Schutzprotokoll:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 01.05.2016 21:06, SYSTEM, LENOVO-PC, Manual, Failed, No Internet connection detected, 
Update, 01.05.2016 21:08, SYSTEM, LENOVO-PC, Manual, Failed, No Internet connection detected, 
Scan, 01.05.2016 21:54, SYSTEM, LENOVO-PC, Manual, Start: 01.05.2016 21:08, Dauer: 46 Min. 12 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 

(end)

Logfile von AdwCleaner:

Code:

ATTFilter

# AdwCleaner v5.114 - Bericht erstellt am 01/05/2016 um 22:27:35
# Aktualisiert am 27/04/2016 von Xplode
# Datenbank : 2016-04-27.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : UNI - LENOVO-PC
# Gestartet von : F:\AdwCleaner_5.114.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\SecTaskMan

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3659 Bytes] - [28/04/2016 13:03:30]
C:\AdwCleaner\AdwCleaner[C2].txt - [1002 Bytes] - [01/05/2016 22:27:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [3615 Bytes] - [28/04/2016 12:57:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [351 Bytes] - [28/04/2016 16:02:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1092 Bytes] - [28/04/2016 16:26:31]
C:\AdwCleaner\AdwCleaner[S4].txt - [1159 Bytes] - [28/04/2016 22:10:25]
C:\AdwCleaner\AdwCleaner[S5].txt - [1216 Bytes] - [01/05/2016 22:26:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1439 Bytes] ##########

Die Addition.txt:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-04-2016
durchgeführt von Uni (2016-05-01 22:32:17)
Gestartet von C:\Users\Uni\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-11 10:49:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3051385857-1379960724-2999109445-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3051385857-1379960724-2999109445-503 - Limited - Disabled)
Gast (S-1-5-21-3051385857-1379960724-2999109445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3051385857-1379960724-2999109445-1004 - Limited - Enabled)
Uni (S-1-5-21-3051385857-1379960724-2999109445-1002 - Administrator - Enabled) => C:\Users\Uni
UpdatusUser (S-1-5-21-3051385857-1379960724-2999109445-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\CopyTrans Suite) (Version: 3.01 - WindSolutions)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
DJ Control Instinct (HKLM-x32\...\{931FD350-D575-47FE-A741-9517C4DDDA10}) (Version: 1.00.0000 - Guillemot)
DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2015 - Guillemot Corporation)
DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.97 - Guillemot)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{E1F12296-09D5-4B82-9D2C-E54CC9FF1D15}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Security Task Manager 2.1f (HKLM-x32\...\Security Task Manager) (Version: 2.1f - Neuber Software)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
ZoneAlarm Antivirus (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3051385857-1379960724-2999109445-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Uni\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01044E07-E126-421A-9322-6025044076A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {0ED93F3F-85F5-491C-8A82-8C359FEA9BEE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {1C8556F6-1371-4B3D-AB98-C681CF08BCBB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {1F2F49C0-EED1-4C80-9E65-718510EA5106} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2D6337A8-679F-4C4E-817F-4A79578ED778} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
Task: {554CDFB6-DC49-4C95-8149-E73FCFF67D22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {60E824C2-BC2D-4472-94E2-E1D39AF41CB2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {62860EB0-2228-4165-9630-AC5AF0450FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {71EA80FA-9CB3-4910-81DF-3E483434D909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {89635FFC-A77D-4BD8-88C8-DE3A5A2E241F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {8A01716D-ACC3-4B57-B324-C20C68587BBA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {8E02C3E6-11B5-452B-8732-92B5556EFD2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {99D61BD2-0EE8-4F01-AA06-FDCAF3252F37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AD9B3702-B356-4CEE-B598-040227687DE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B810A7BE-66FD-4E61-8B5D-D1DCCC8E9D6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {BF094C70-5E35-4812-AE3F-1B41B2DD570C} - System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {C4F948B4-2FBD-452A-BF6F-D2C9FA366B40} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DE66408B-3228-41BD-9ED7-4D0C24A8F8AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {E395FCBC-1897-450F-8B0D-8347A4B5BBC4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E51AF7B8-0976-43E5-892E-16C27550ECF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E6B51E2A-B1D1-42EF-94F7-CCAF98A4EABE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E7D06876-5CD6-4FFC-97A0-8A138A9A7EF8} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-18 00:39 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00959176 _____ () C:\Users\Uni\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-14 00:06 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-19 02:08 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-14 00:07 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-14 00:07 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-14 00:07 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-14 00:07 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-18 00:00 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-04-19 20:40 - 2016-04-19 20:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00679624 _____ () C:\Users\Uni\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2014-09-17 23:52 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Uni\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections4.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{CEFE383C-D24C-45C3-8A9F-0F291F7C8D34}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{B3E9A836-107C-4A64-867A-BF64D1CE3991}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{9AEDDD89-55B6-4887-89D2-A7FC9107A64C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C96D09BB-CBC0-4F42-92B7-DACF8038CE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{355F1E33-4B93-450D-9F3E-31F8CA46AAE5}] => (Allow) LPort=1900
FirewallRules: [{92CD0C81-7D18-4099-8C80-19731B09C34C}] => (Allow) LPort=2869
FirewallRules: [{50C680FD-F630-4227-AD9F-54377BA56EAC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ABE2C105-99A1-4496-A1D9-E4526DD24E43}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{D6399097-5D44-458F-8AF9-1E677A487BF4}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{FB0EE854-8EC3-4A2C-8EA1-F7E2B0043E00}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [{E503346B-0B95-42F5-8840-64AC923D57BF}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [UDP Query User{4F802E87-400C-4563-ABB9-87F76142A7E6}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{D461F6DD-13C3-4A0A-AF79-3C6EF69AE32A}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{D3C09483-BD71-435E-8879-B98BAE4481D6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B33F94FA-E6B9-4C98-B711-6D7818BD0DED}] => (Allow) LPort=5357
FirewallRules: [{A2FB1D09-1588-4899-9F78-07BAE6B6C8EF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{2C3558D6-3E3B-4D15-80FD-AA28289F1D74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9BC40B0A-A086-4A05-954B-35F960F8837D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0C79AE82-A53D-48F6-B13B-7B3DD10E7A24}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{B78CD14A-3C02-40F4-93AA-73DEFE0453AB}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{DDC6E890-3BB4-4238-9F6F-D2731CD0EEA6}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{64FA4642-3A13-456B-8666-882281C8E107}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{5A8BAD8A-DE77-40DA-BE8D-0B87D1B5BAB4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{203C9CFE-3C19-4FEE-B625-8D699D626DD6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0380DC55-9582-4181-AA7D-5185EAE08093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE985222-1F10-4D7A-B67F-1BD6CD467EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B42F863-0075-4AA4-8C24-756A391E4BD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A36D0CCD-3FAE-476E-83C4-7CCAD5FB3513}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2DC8939-FD5F-4B46-995B-BED225818930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{741E7EAE-D989-415F-80BF-15CD9F7C7324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{440CEFA7-2E08-45C7-ACD3-62744A2847ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B58A3D34-CF26-40A4-8351-68ADAA20B1AC}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\Uni\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{93FF429B-A612-48B4-9AAD-7391B670E0D7}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\Uni\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A269F050-2E1C-4786-8923-80096CD04F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E690514-08F3-4D34-A2F0-AB367BF1BCDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{E231306D-466C-48E3-B3B9-85D18926E04D}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Uni\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{05E1788C-1FC3-4E5A-915E-D5AEAE38D081}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Uni\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2CE7DCAF-1612-45E0-B63E-8C819302E26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C8F97C20-B1C2-46A4-A46E-957858FD8869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1971CD84-ACCD-4F05-983B-0D0C2AAD84EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2570C57E-B1BC-4161-8CC2-2C32E0B612DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB5289FF-B7C6-4B1F-9315-0BC35E0A233C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67B2FE43-2117-4C61-885E-B2FD11B920BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DA3ECC4-FC85-44DD-8106-6D382FA707A5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{3BCBB21E-0780-4655-93EE-980FE9029C61}] => (Allow) LPort=55100
FirewallRules: [{CA4A1513-F2E1-48D1-9B3A-726FD4C8B4E9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4B4379A0-9983-49BC-BC73-2EFB29145779}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{27DD41BD-25CA-4288-AFF4-E6BF8587B7BF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{0B42F4B5-3FBB-44C8-B924-1BA7B630396D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C548901B-A7EF-4772-BF3D-5512915BBD8F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A46F13CA-72AC-4292-B13E-DD960C1727A4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{5AE63078-F1F6-488D-9125-9FDCFFD37A7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DDEC3351-80A9-417F-ABBB-50D745817DF3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{993B0402-90EE-4026-929B-97D59670C539}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{74FA38CF-9061-4843-B660-34066DB08651}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6443ECF1-E0F3-4FF5-A278-072D53617836}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0CF7EB76-D013-4A67-9E70-39C40F34E8D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C43D9CF1-D83A-481E-BA81-C246BA006216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FD253542-9DE2-4C54-A058-AF2F7A220F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9C2B2186-C84F-4B04-9A03-8671D5CE66C2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{77B6C35F-F7D6-480F-A1EA-91458D142107}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{9DD59E56-3542-48DB-9B6A-34A1D20920D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{558F65A3-09B1-40AA-9B64-5EBFD8AED31B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 06:30:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (04/29/2016 06:30:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (04/29/2016 06:30:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1685578

Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1685578

Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094

Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094

Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2016 05:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xa0c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5


Systemfehler:
=============
Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/01/2016 10:28:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/29/2016 06:30:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-05-01 22:14:24.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:24.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:03.996
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:03.984
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:03.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:03.948
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:02.133
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:02.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:02.094
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-01 22:14:02.082
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 6375.25 MB
Summe virtueller Speicher: 9364.27 MB
Verfügbarer virtueller Speicher: 7713.47 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.49 GB) (Free:770.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.68 GB) NTFS
Drive f: () (Removable) (Total:3.74 GB) (Free:3.42 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 96AEBC74)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EC10B82D)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

CaptainM · 01.05.2016, 21:56

Die FRST.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
durchgeführt von Uni (Administrator) auf LENOVO-PC (01-05-2016 22:30:36)
Gestartet von C:\Users\Uni\Desktop
Geladene Profile: UpdatusUser & Uni (Verfügbare Profile: UpdatusUser & Uni & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Guillemot Corporation ®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(DJHERCULESMIX®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\HDJSeriesCPL.exe
(DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [1817248 2015-06-17] (DJHERCULESMIX®)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{1b699058-3915-4380-a5bc-f14d4d7fb6f8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55033769-0caa-4633-90fa-9ee58816cc7f}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\abs@avira.com [2016-04-14]
FF Extension: Ghostery - C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\firefox@ghostery.com.xpi [2016-03-30]
FF Extension: Adblock Plus - C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27]

Chrome: 
=======
CHR HomePage: Default -> hxxps://startpage.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Google Docs) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Agar.io Mods) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-24]
CHR Extension: (Google-Suche) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-12]
CHR Extension: (Google Docs Offline) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18]
CHR Extension: (Java for Web Pages) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpomcmpdonjdffeabllcklpbnfdknnko [2015-02-28]
CHR Extension: (Ghostery) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Google Mail) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [91136 2015-04-17] (Guillemot Corporation ®) [Datei ist nicht signiert]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo(beijing) Limited)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-01 22:30 - 2016-05-01 22:31 - 00019820 _____ C:\Users\Uni\Desktop\FRST.txt
2016-05-01 21:06 - 2016-05-01 21:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-01 21:06 - 2016-05-01 21:06 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-01 21:06 - 2016-05-01 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-01 21:06 - 2016-05-01 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-01 21:06 - 2016-05-01 21:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-01 21:06 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-01 21:06 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-01 21:06 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-29 18:29 - 2016-04-29 18:29 - 00000000 ____D C:\Users\Uni\Desktop\Neu
2016-04-29 18:23 - 2016-04-29 18:24 - 00000000 ____D C:\Users\Uni\Desktop\Alt
2016-04-29 13:37 - 2016-04-29 13:43 - 00275710 _____ C:\TDSSKiller.3.1.0.9_29.04.2016_13.37.33_log.txt
2016-04-29 13:36 - 2016-04-29 13:36 - 00000560 _____ C:\TDSSKiller.3.1.0.9_29.04.2016_13.36.16_log.txt
2016-04-29 13:34 - 2016-04-29 13:08 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Uni\Desktop\tdsskiller.exe
2016-04-29 13:27 - 2016-05-01 22:30 - 00000000 ____D C:\FRST
2016-04-29 13:26 - 2016-04-29 13:06 - 02376704 _____ (Farbar) C:\Users\Uni\Desktop\FRST64.exe
2016-04-28 20:47 - 2016-05-01 22:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2016-04-28 17:15 - 2016-04-28 17:15 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-28 16:54 - 2016-04-28 16:54 - 00000000 ____D C:\ProgramData\CheckPoint
2016-04-28 16:51 - 2016-04-28 16:54 - 03412200 _____ (Check Point Software Technologies Ltd.) C:\Users\Administrator\Downloads\zaSetupWeb_141_048_000.exe
2016-04-28 16:29 - 2016-04-28 16:35 - 222776824 _____ (COMODO) C:\Users\Administrator\Downloads\cfw5005_installer_6106_53.exe
2016-04-28 16:15 - 2016-04-28 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-04-28 16:13 - 2016-04-28 16:13 - 00002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ___RD C:\Users\Administrator\OneDrive
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\ActiveSync
2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hightail for Lenovo
2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2016-04-28 16:10 - 2016-04-28 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-04-28 16:09 - 2016-04-28 19:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2016-04-28 16:09 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator
2016-04-28 16:09 - 2016-04-28 16:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2016-04-28 16:09 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Administrator\Documents\Visual Studio 2010
2016-04-28 16:09 - 2014-09-18 00:34 - 00000187 _____ C:\Users\Administrator\Desktop\Google Play Music.url
2016-04-28 16:09 - 2014-09-18 00:32 - 00000126 _____ C:\Users\Administrator\Desktop\Adobe Photo Offer.url
2016-04-28 16:09 - 2014-03-26 12:21 - 00000190 _____ C:\Users\Administrator\Desktop\FREE CALLS with Voxox.url
2016-04-28 15:56 - 2016-04-28 15:56 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Uni\Desktop\zasetupweb_132_015_000.exe
2016-04-28 15:27 - 2016-04-28 15:33 - 222776824 _____ (COMODO) C:\Users\Uni\Desktop\cfw_installer_6106_53.exe
2016-04-28 12:57 - 2016-05-01 22:27 - 00000000 ____D C:\AdwCleaner
2016-04-28 12:56 - 2016-04-28 12:57 - 03581504 _____ C:\Users\Uni\Desktop\AdwCleaner.exe
2016-04-28 12:21 - 2016-04-28 12:21 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00001219 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-04-28 12:21 - 2016-04-28 12:21 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-04-27 18:57 - 2016-04-28 14:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-25 00:02 - 2016-04-25 00:02 - 00000979 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2016-04-25 00:02 - 2016-04-25 00:02 - 00000000 ____D C:\Users\Uni\Desktop\MotioninJoy_071001_signed
2016-04-24 23:59 - 2016-04-25 00:01 - 04117346 _____ C:\Users\Uni\Desktop\MotioninJoy_071001_signed.zip
2016-04-24 18:34 - 2016-04-24 18:39 - 00000000 ____D C:\Users\Uni\Desktop\LRG CD
2016-04-24 14:51 - 2016-04-24 14:51 - 00000000 ____D C:\Users\Uni\Desktop\LRG-Playlist
2016-04-14 00:08 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-14 00:08 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-14 00:08 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-14 00:08 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-14 00:08 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-14 00:08 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-14 00:08 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-14 00:08 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-14 00:08 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-14 00:08 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-14 00:08 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-14 00:08 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-14 00:08 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-14 00:08 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-14 00:08 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-14 00:08 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-14 00:08 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-14 00:08 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-14 00:08 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-14 00:08 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-14 00:08 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-14 00:07 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-14 00:07 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-14 00:07 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-14 00:07 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-14 00:07 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-14 00:07 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-14 00:07 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-14 00:07 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-14 00:07 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-14 00:07 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-14 00:07 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-14 00:07 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-14 00:07 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-14 00:07 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-14 00:07 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-14 00:07 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-14 00:07 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-14 00:07 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-14 00:07 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-14 00:07 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-14 00:07 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-14 00:07 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-14 00:07 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-14 00:07 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-14 00:07 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-14 00:07 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-14 00:07 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-14 00:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-14 00:07 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-14 00:07 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-14 00:07 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-14 00:07 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-14 00:07 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-14 00:07 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-14 00:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-14 00:07 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-14 00:07 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-14 00:07 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-14 00:07 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-14 00:07 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-14 00:07 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-14 00:07 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-14 00:07 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-14 00:07 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-14 00:07 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-14 00:07 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-14 00:07 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-14 00:07 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-14 00:07 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-14 00:07 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-14 00:07 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-14 00:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-14 00:07 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-14 00:07 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-14 00:07 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-14 00:07 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-14 00:07 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-14 00:07 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-14 00:07 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-14 00:07 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-14 00:07 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-14 00:07 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-14 00:07 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-14 00:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-14 00:07 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-14 00:07 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-14 00:07 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-14 00:07 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-14 00:07 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-14 00:07 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-14 00:07 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-14 00:07 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-14 00:07 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-14 00:07 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-14 00:07 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-14 00:07 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-14 00:07 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-14 00:07 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-14 00:07 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-14 00:07 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-14 00:07 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-14 00:07 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-14 00:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-14 00:07 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-14 00:07 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-14 00:07 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-14 00:07 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-14 00:07 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-14 00:07 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-14 00:07 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-14 00:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-14 00:07 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-14 00:07 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-14 00:07 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-14 00:07 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-14 00:07 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-14 00:07 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-14 00:07 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-14 00:07 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-14 00:07 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-14 00:07 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-14 00:07 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-14 00:07 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-14 00:07 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-14 00:07 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-14 00:07 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-14 00:07 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-14 00:07 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-14 00:07 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-14 00:07 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-14 00:07 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-14 00:07 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-14 00:07 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-14 00:07 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-14 00:07 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-14 00:07 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-14 00:07 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-14 00:07 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-14 00:07 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-14 00:07 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-14 00:07 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-14 00:07 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-14 00:07 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-14 00:07 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-14 00:07 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-14 00:07 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-14 00:07 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-14 00:07 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-14 00:07 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-14 00:07 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-14 00:07 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-14 00:07 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-14 00:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-14 00:07 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-14 00:07 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-14 00:07 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-14 00:07 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-14 00:07 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-14 00:07 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-14 00:07 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-14 00:07 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-14 00:07 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-14 00:07 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-14 00:07 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-14 00:07 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-14 00:07 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-14 00:07 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-14 00:07 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 00:07 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-14 00:07 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-14 00:07 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-14 00:07 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-14 00:07 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-14 00:07 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-14 00:07 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-14 00:07 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-14 00:07 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-14 00:07 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-14 00:07 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-14 00:07 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-14 00:07 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-14 00:07 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-14 00:07 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-14 00:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-14 00:07 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-14 00:07 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-14 00:07 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-14 00:07 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-14 00:07 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-14 00:07 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-14 00:07 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-14 00:07 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-14 00:07 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-14 00:07 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-14 00:07 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-14 00:07 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-14 00:07 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-14 00:07 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-14 00:07 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-14 00:07 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-14 00:07 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-14 00:07 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-14 00:07 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-14 00:07 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-14 00:07 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-14 00:07 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-14 00:07 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-14 00:07 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-14 00:07 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-14 00:07 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-14 00:07 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-14 00:07 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-14 00:07 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-14 00:07 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-14 00:07 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-14 00:07 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-14 00:07 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-14 00:07 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-14 00:06 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-14 00:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-14 00:06 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-14 00:06 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-14 00:06 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-14 00:06 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-14 00:06 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-14 00:06 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-14 00:06 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-14 00:06 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-14 00:06 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-14 00:06 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-14 00:06 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-14 00:06 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-14 00:06 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-14 00:06 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-14 00:06 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-14 00:06 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-14 00:06 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-14 00:06 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-14 00:06 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-14 00:06 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-14 00:06 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-14 00:06 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 16:57 - 2016-04-12 17:19 - 00000000 ____D C:\Users\Uni\Desktop\HandyMusik
2016-04-11 15:57 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2016-04-11 15:57 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2016-04-11 15:56 - 2016-04-11 15:56 - 00000000 ____D C:\ProgramData\VS
2016-04-11 14:13 - 2016-04-11 14:13 - 00000000 ____D C:\Users\Uni\AppData\Local\MicrosoftEdge
2016-04-11 13:57 - 2016-04-11 13:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-11 13:34 - 2016-04-25 02:33 - 00002441 _____ C:\Users\Uni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-11 13:33 - 2016-04-11 13:33 - 00000000 ____D C:\Users\Uni\AppData\Local\NetworkTiles
2016-04-11 13:32 - 2016-04-11 13:32 - 00000000 ____D C:\Users\Uni\AppData\Local\ActiveSync
2016-04-11 13:31 - 2016-05-01 22:29 - 00000000 __SHD C:\Users\Uni\IntelGraphicsProfiles
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\Uni\AppData\Local\TileDataLayer
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\Uni\AppData\Local\Publishers
2016-04-11 13:31 - 2016-04-11 13:31 - 00000000 ____D C:\Users\Uni\AppData\Local\Comms
2016-04-11 13:30 - 2016-04-11 13:30 - 00000020 ___SH C:\Users\Uni\ntuser.ini
2016-04-11 13:02 - 2016-04-11 12:49 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-11 12:59 - 2016-04-11 12:59 - 00000000 ____D C:\Windows.old
2016-04-11 12:57 - 2016-04-11 12:57 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-11 12:57 - 2016-04-11 12:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-11 12:57 - 2016-04-11 12:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-11 12:57 - 2016-04-11 12:57 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-11 12:57 - 2016-04-11 12:57 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-11 12:57 - 2016-04-11 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-11 12:57 - 2016-04-11 12:57 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-11 12:57 - 2016-04-11 12:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-11 12:43 - 2016-04-11 12:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\MSBuild
2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-11 12:41 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-11 12:40 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-11 12:40 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-11 12:40 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-11 12:40 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-11 12:39 - 2016-04-11 12:39 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-11 12:39 - 2016-04-11 12:39 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-11 12:38 - 2016-04-11 12:38 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-11 12:31 - 2016-04-29 13:25 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-11 12:28 - 2016-04-11 12:28 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2016-04-11 12:21 - 2016-04-11 12:21 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-11 12:12 - 2016-04-11 12:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-11 12:11 - 2016-04-29 17:51 - 00000000 ____D C:\Users\Uni
2016-04-11 12:11 - 2016-04-29 12:52 - 00000000 ____D C:\Users\UpdatusUser
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Videos
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Vorlagen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Startmenü
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Netzwerkumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Lokale Einstellungen
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Eigene Dateien
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Druckumgebung
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Documents\Eigene Videos
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Documents\Eigene Musik
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Documents\Eigene Bilder
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\AppData\Local\Verlauf
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\AppData\Local\Anwendungsdaten
2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\Uni\Anwendungsdaten
2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\ProgramData\Conexant
2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\CONEXANT
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\Program Files\Elantech
2016-04-11 12:08 - 2015-07-23 03:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-04-11 12:08 - 2015-07-23 03:10 - 00579912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-04-11 12:08 - 2015-07-22 06:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-04-11 12:07 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-11 12:07 - 2016-04-11 12:07 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-04-11 12:07 - 2016-04-11 12:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-04-11 12:07 - 2015-12-19 02:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-04-11 12:07 - 2015-12-19 02:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-04-11 12:06 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\Intel
2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagerr.xml
2016-04-01 17:42 - 2016-04-01 17:42 - 00734784 _____ (Oracle Corporation) C:\Users\Uni\Downloads\jxpiinstall(4).exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-01 22:29 - 2015-02-07 22:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-01 22:28 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-01 22:28 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-01 22:14 - 2015-02-07 22:59 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job
2016-04-29 18:29 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2016-04-29 17:52 - 2015-02-07 22:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-29 17:49 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-29 17:48 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-29 17:32 - 2015-02-07 22:51 - 00000000 ____D C:\ProgramData\Avira
2016-04-29 17:32 - 2014-09-17 23:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-29 17:29 - 2015-02-07 23:01 - 00000000 ____D C:\Users\Uni\AppData\Roaming\Avira
2016-04-29 13:25 - 2016-02-13 18:59 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-29 13:25 - 2016-02-13 18:59 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-28 16:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-28 16:10 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-28 14:52 - 2015-03-10 01:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-28 12:31 - 2015-02-07 22:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA4DEE2A-E881-46E0-B4B0-079D45A23913}
2016-04-27 23:21 - 2015-02-08 22:27 - 00000000 ____D C:\Users\Uni\AppData\Local\Spotify
2016-04-27 23:18 - 2015-02-08 22:21 - 00000000 ____D C:\Users\Uni\AppData\Roaming\Spotify
2016-04-27 01:08 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-25 02:33 - 2015-02-07 20:41 - 00000000 __RDO C:\Users\Uni\OneDrive
2016-04-25 01:48 - 2015-02-07 23:53 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\Program Files\MotioninJoy
2016-04-22 01:20 - 2015-02-17 18:24 - 00000000 ____D C:\Users\Uni\AppData\Roaming\vlc
2016-04-21 01:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-18 13:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-18 13:25 - 2016-02-13 10:21 - 00245472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-14 12:44 - 2015-02-09 23:56 - 00000000 ____D C:\Users\Uni\AppData\Local\Adobe
2016-04-14 00:17 - 2015-02-09 02:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-14 00:11 - 2015-02-09 02:08 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 14:41 - 2015-02-07 20:39 - 00000000 ____D C:\Users\Uni\AppData\Local\Packages
2016-04-12 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-11 22:04 - 2015-02-07 23:00 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-11 22:04 - 2015-02-07 23:00 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 16:07 - 2015-04-20 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2016-04-11 15:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-11 13:31 - 2014-09-17 23:44 - 00000000 ___HD C:\Intel
2016-04-11 13:02 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-11 12:58 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-11 12:54 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-11 12:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-11 12:41 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-04-11 12:41 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-04-11 12:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-11 12:40 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-04-11 12:40 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-04-11 12:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-11 12:37 - 2015-03-08 15:05 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-04-11 12:37 - 2015-02-07 22:59 - 00003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b
2016-04-11 12:37 - 2015-02-07 22:59 - 00003498 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-11 12:37 - 2015-02-07 22:59 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-11 12:37 - 2015-02-07 20:44 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-1002
2016-04-11 12:37 - 2014-09-18 00:41 - 00002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2016-04-11 12:37 - 2014-09-17 23:12 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-500
2016-04-11 12:32 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-11 12:31 - 2014-09-17 23:53 - 01799166 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-04-11 12:21 - 2016-03-12 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2016-04-11 12:21 - 2015-09-25 16:48 - 00000000 ____D C:\WINDOWS\de
2016-04-11 12:21 - 2015-09-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-11 12:21 - 2015-09-04 22:09 - 00000000 ____D C:\Users\Uni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-04-11 12:21 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 18
2016-04-11 12:21 - 2015-08-05 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-04-11 12:21 - 2015-06-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-11 12:21 - 2015-04-23 15:49 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2016-04-11 12:21 - 2015-04-16 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dymola 2013
2016-04-11 12:21 - 2015-03-24 16:23 - 00000000 ____D C:\Users\Uni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-04-11 12:21 - 2015-03-24 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-11 12:21 - 2015-03-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-11 12:21 - 2015-02-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-11 12:21 - 2015-02-25 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-04-11 12:21 - 2015-02-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-11 12:21 - 2015-02-08 00:14 - 00000000 ____D C:\Program Files\Classic Shell
2016-04-11 12:21 - 2015-02-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-11 12:21 - 2014-09-18 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-04-11 12:21 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-04-11 12:21 - 2014-09-18 00:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2016-04-11 12:21 - 2014-09-18 00:02 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2016-04-11 12:21 - 2014-09-17 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-04-11 12:21 - 2014-09-17 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-04-11 12:14 - 2016-01-16 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-04-11 12:13 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED
2016-04-11 12:13 - 2015-09-04 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hercules
2016-04-11 12:13 - 2015-06-14 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Lenovo
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files\lenovo
2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-04-11 12:13 - 2014-09-18 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2016-04-11 12:13 - 2014-09-17 23:52 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-11 12:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-11 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-11 11:30 - 2014-09-18 00:41 - 00012800 _____ C:\WINDOWS\system32\VfService.trf
2016-04-11 11:23 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-09 13:13 - 2015-02-08 00:16 - 00000000 ____D C:\Users\Uni\AppData\Roaming\ClassicShell
2016-04-08 19:47 - 2015-05-04 01:12 - 00000000 ____D C:\Users\Uni\AppData\Local\ElevatedDiagnostics
2016-04-07 16:15 - 2015-02-10 17:32 - 02406400 ___SH C:\Users\Uni\Desktop\Thumbs.db
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 19:02 - 2015-02-08 00:52 - 00000000 ____D C:\Users\Uni\AppData\Roaming\Skype
2016-04-01 17:45 - 2015-02-28 20:00 - 00000000 ____D C:\ProgramData\Oracle
2016-04-01 17:44 - 2015-12-23 01:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-01 17:44 - 2015-11-02 01:22 - 00000000 ____D C:\Users\Uni\.oracle_jre_usage
2016-04-01 17:44 - 2015-02-28 20:01 - 00000000 ____D C:\Program Files (x86)\Java

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-07 20:39 - 2016-04-11 11:23 - 0884004 _____ () C:\Users\Uni\AppData\Local\BTServer.log
2015-02-10 02:35 - 2015-06-24 23:24 - 0007601 _____ () C:\Users\Uni\AppData\Local\Resmon.ResmonCfg
2015-06-02 13:25 - 2015-06-02 13:25 - 0000000 _____ () C:\Users\Uni\AppData\Local\{497248A6-D5F2-4EBD-9352-1C7DA4C66689}
2015-12-27 02:56 - 2015-12-27 02:56 - 0000085 ___SH () C:\ProgramData\.zreglib
2015-02-09 23:34 - 2015-02-09 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-04-11 12:08 - 2016-04-11 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Uni\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-25 18:43

==================== Ende von FRST.txt ============================

Liebe Grüße,
CaptainM

burningice · 03.05.2016, 12:03

Bitte wiederhole den Scan mit Malwarebytes mit aktuellen Signaturen - aktiviere dazu die Internetverbindung von deinem Rechner.

PC gehackt und Screenshots via Facebook verschickt

Plagegeister aller Art und deren Bekämpfung: PC gehackt und Screenshots via Facebook verschickt