| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Adware/Browser Hijacker: m55.dnsqa.meWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.03.2016, 10:43
| #1 |
| |  Adware/Browser Hijacker: m55.dnsqa.me Hallo liebes Trojaner-Board, Wie es scheint, habe ich mir vor ein paar Tagen den Browser Hijacker "m55.dnsqa.me" eingefangen  . Das einzige was ich in dieser zeit instaliert habe war "TomTom Home", dabei wurden jedoch keine Zusatzprogramme oder sonstiges mit instaliert.Inzwischen habe ich auch schon einiges Versucht um m55.dnsqa.me loszuwerden: - den Pc mit den Wiederherstellungsoptionen auf ein Datum zurückgegestzt wo noch keine Probleme auftraten - sämtliche unerwünschte/unbekannte Software und Addons und Plugins deinstalliert - verschiedene Antiviren Programme durchlaufen lassen, Allerdings bisher alles ohne Erfolg und Behebung des Problems .Immerhin kann ich inzwischen dank des Echtzeit-Schutzes von Malewarebytes wieder normal surfen,ohne das ständig irgendwelche Popups aufploppen. Jedoch werden bei jedem Seitenaufruf bösartige Websites endeckt, die gebblockt werden (m55.dnsqa.me). Ich hoffe mir kann hier weitergeholfen werden und ich habe alle erforderlichen LOG-Dateien gepostet. LG Caro Malewarebytes Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 22.03.2016 Suchlaufzeit: 10:18 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.03.22.03 Rootkit-Datenbank: v2016.03.12.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: norbe Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 346940 Abgelaufene Zeit: 6 Min., 12 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 22.03.2016 Suchlaufzeit: 09:15 Protokolldatei: Malewarebytes D.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.03.22.02 Rootkit-Datenbank: v2016.03.12.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: norbe Suchlauftyp: Benutzerdefinierter Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 454316 Abgelaufene Zeit: 40 Min., 37 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von norbe (Administrator) auf PC-NORB (22-03-2016 09:57:03) Gestartet von D:\Downloads Geladene Profile: norbe (Verfügbare Profile: norbe) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (QIHU 360 SOFTWARE CO. LIMITED) D:\Programme\360 Total Security\360\Total Security\safemon\QHActiveDefense.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (QIHU 360 SOFTWARE CO. LIMITED) D:\Programme\360 Total Security\360\Total Security\safemon\QHWatchdog.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Creative Technology Ltd.) C:\Windows\V0790Mon.exe (QIHU 360 SOFTWARE CO. LIMITED) D:\Programme\360 Total Security\360\Total Security\safemon\QHSafeTray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Kaspersky Lab ZAO) D:\Downloads\tdsskiller.exe (Kaspersky Lab ZAO) C:\Users\norbe\AppData\Local\Temp\{3F992D05-22B3-41E0-B85E-3CE1A8691DCB}\{FE544FB7-3351-4942-ADC6-C72FEF7DBD50}.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [StartCN] => "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation) HKLM-x32\...\Run: [V0790Mon.exe] => C:\Windows\V0790Mon.exe HKLM-x32\...\Run: [QHSafeTray] => D:\Programme\360 Total Security\360\Total Security\safemon\360Tray.exe [326264 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Spotify Web Helper] => D:\Spotify\SpotifyWebHelper.exe [1959992 2015-03-23] (Spotify Ltd) HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Steam] => D:\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation) HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Spotify] => C:\Users\norbe\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-29] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-21] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8a2e711d-1768-43c9-9fed-276f801e4aa2}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== FireFox: ======== FF ProfilePath: C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\Programme\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Extension: Rocket Beans Supporter - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\extensions\osrocketbeanssupporter@schloebe.de.xpi [2016-02-13] FF Extension: Rocket Beans TV Sendeplan für Firefox - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\Extensions\javos-firebeans-rbtvfx@jetpack.xpi [2016-02-13] FF Extension: Adblock Plus - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - D:\Programme\360 Total Security\360\Total Security\safemon\webprotection_firefox FF Extension: 360 Internet Protection - D:\Programme\360 Total Security\360\Total Security\safemon\webprotection_firefox [2016-02-13] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation) R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 QHActiveDefense; D:\Programme\360 Total Security\360\Total Security\safemon\QHActiveDefense.exe [907384 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2016-02-01] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2016-02-01] (360.cn) R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2016-02-01] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [368720 2016-02-01] (360.cn) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2016-02-01] (360.cn) R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-22] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2016-02-24] (NVIDIA Corporation) R3 V0790Vid; C:\Windows\system32\DRIVERS\V0790Vid.sys [390648 2015-09-17] (Creative Technology Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-22 09:56 - 2016-03-22 09:57 - 00000000 ____D C:\FRST 2016-03-22 09:56 - 2016-03-22 09:56 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\70552111.sys 2016-03-22 09:56 - 2016-03-22 09:56 - 00006522 _____ C:\TDSSKiller.3.1.0.9_22.03.2016_09.56.25_log.txt 2016-03-22 09:21 - 2016-03-22 09:21 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-22 09:21 - 2016-03-22 09:21 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-03-22 09:21 - 2016-03-22 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-22 09:21 - 2016-03-22 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-22 09:20 - 2016-03-22 09:20 - 00242376 _____ C:\Users\norbe\Downloads\Firefox Setup Stub 45.0.1.exe 2016-03-21 20:19 - 2016-03-21 20:19 - 00000000 ___HD C:\$SysReset 2016-03-21 19:57 - 2016-03-21 21:34 - 00001908 _____ C:\Windows\diagwrn.xml 2016-03-21 19:57 - 2016-03-21 21:34 - 00001908 _____ C:\Windows\diagerr.xml 2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\norbe\AppData\Roaming\HP 2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\norbe\AppData\Local\HP 2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\ProgramData\WEBREG 2016-03-21 11:28 - 2016-03-21 11:28 - 00001434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2016-03-21 11:28 - 2016-03-21 11:28 - 00001428 _____ C:\Users\Public\Desktop\HP Solution Center.lnk 2016-03-21 11:28 - 2016-03-21 11:28 - 00001262 _____ C:\Users\Public\Desktop\Shop für HP Zubehör.lnk 2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\Windows\LastGood.Tmp 2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\Users\norbe\AppData\Roaming\HpUpdate 2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\ProgramData\HP Product Assistant 2016-03-21 11:27 - 2016-03-21 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-03-21 11:27 - 2016-03-21 11:28 - 00000000 ____D C:\Program Files (x86)\HP 2016-03-21 11:26 - 2016-03-21 11:29 - 00201689 _____ C:\Windows\hpoins32.dat 2016-03-21 11:26 - 2016-03-21 11:29 - 00000000 ____D C:\ProgramData\HP 2016-03-21 11:26 - 2012-09-28 10:52 - 00000932 ____N C:\Windows\hpomdl32.dat 2016-03-21 11:26 - 2012-09-25 08:52 - 03867040 _____ C:\Windows\system32\PortChanger.exe 2016-03-21 11:26 - 2012-09-25 08:52 - 00151968 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4.sys 2016-03-21 11:26 - 2012-09-25 08:52 - 00049056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys 2016-03-21 11:26 - 2012-09-25 08:52 - 00027040 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4Prt.sys 2016-03-21 11:26 - 2009-07-14 02:41 - 00046080 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpz3lw72.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 01411584 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_p01b.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 00966656 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_p01b.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 00512512 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_p01a.dll 2016-03-21 11:18 - 2016-03-21 11:18 - 00000000 ____D C:\Users\norbe\AppData\Local\ElevatedDiagnostics 2016-03-21 10:52 - 2016-03-21 10:52 - 00000000 _____ C:\Recovery.txt 2016-03-21 10:44 - 2016-03-21 20:01 - 00000000 ____D C:\$Windows.~BT 2016-03-21 10:31 - 2016-03-21 11:11 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-03-21 10:26 - 2016-03-22 09:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-21 10:24 - 2016-03-21 10:24 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-21 10:24 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-21 10:24 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-21 10:24 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-21 10:23 - 2016-03-21 10:40 - 00000000 ____D C:\AdwCleaner 2016-03-20 15:39 - 2016-03-20 15:39 - 00000000 ____D C:\ProgramData\TomTom 2016-03-20 15:37 - 2016-03-20 15:37 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\TomTom 2016-03-20 15:36 - 2016-03-20 15:36 - 00000000 ____D C:\Users\norbe\AppData\Roaming\TomTom 2016-03-18 17:10 - 2016-03-18 17:10 - 00000000 ____D C:\Windows\%LOCALAPPDATA% 2016-03-15 17:46 - 2016-03-21 10:38 - 00000000 ____D C:\Users\norbe\AppData\Local\CrashDumps 2016-03-15 17:44 - 2016-03-15 17:44 - 00000813 _____ C:\Users\norbe\Desktop\Launch Pharaoh Gold.lnk 2016-03-15 16:33 - 2016-03-15 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pharaoh Gold [GOG.com] 2016-03-15 11:17 - 2016-03-15 11:17 - 00003882 _____ C:\Windows\System32\Tasks\{414B0950-34C1-4197-32DC-28352DDC627F} 2016-03-11 07:25 - 2016-03-11 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0 2016-03-11 07:25 - 2016-03-11 07:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-03-11 07:25 - 2016-03-08 07:05 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-03-11 07:25 - 2016-02-14 02:47 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-03-11 07:25 - 2016-02-14 02:46 - 00126232 _____ C:\Windows\system32\vulkan-1.dll 2016-03-11 07:25 - 2016-02-14 02:45 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe 2016-03-11 07:25 - 2016-02-14 02:45 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-03-11 07:23 - 2016-03-08 11:27 - 42968120 _____ C:\Windows\system32\nvcompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 37609528 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 22971960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 21322480 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 20863920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 18906048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17732960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17368424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17325400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17320280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 10547128 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 08657936 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 02613696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 02257344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00955328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00885184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00784640 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00750016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00692160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00678704 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00632152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00630592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00601752 _____ C:\Windows\system32\nvmcumd.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00346560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00317656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-03-11 07:23 - 2016-03-08 11:27 - 00000139 _____ C:\Windows\system32\nv-vk64.json 2016-03-09 22:33 - 2016-03-09 22:33 - 00001388 _____ C:\Users\norbe\Desktop\CIGLauncher.lnk 2016-03-09 18:07 - 2016-03-09 18:07 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\Aspyr 2016-03-09 18:07 - 2016-03-09 18:07 - 00000000 ____D C:\Users\norbe\AppData\Local\Aspyr 2016-03-09 03:47 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-09 03:47 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-03-09 03:47 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2016-03-09 03:47 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll 2016-03-09 03:47 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-03-09 03:47 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-03-09 03:47 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll 2016-03-09 03:47 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-09 03:47 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2016-03-09 03:47 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2016-03-09 03:47 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-03-09 03:47 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-03-09 03:47 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-03-09 03:47 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-03-09 03:47 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-03-09 03:47 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-09 03:47 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-09 03:46 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-03-09 03:46 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-03-09 03:46 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-03-09 03:46 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-03-09 03:46 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-09 03:46 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-03-09 03:46 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-03-09 03:46 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-03-09 03:46 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-09 03:46 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-09 03:46 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-03-09 03:46 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2016-03-09 03:46 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2016-03-09 03:46 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2016-03-09 03:46 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-03-09 03:46 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2016-03-09 03:46 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-09 03:46 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-03-09 03:46 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-03-09 03:46 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-03-09 03:46 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-03-09 03:46 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-03-09 03:46 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-03-09 03:46 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2016-03-09 03:46 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2016-03-09 03:46 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2016-03-09 03:46 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2016-03-09 03:46 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2016-03-09 03:46 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-03-09 03:46 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-03-09 03:46 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll 2016-03-09 03:46 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-03-09 03:46 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2016-03-09 03:46 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll 2016-03-09 03:46 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll 2016-03-09 03:46 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2016-03-09 03:46 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-03-09 03:46 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll 2016-03-09 03:46 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-09 03:46 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2016-03-09 03:46 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2016-03-09 03:46 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-09 03:46 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2016-03-09 03:46 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll 2016-03-09 03:46 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-09 03:46 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll 2016-03-09 03:46 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll 2016-03-09 03:46 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll 2016-03-09 03:46 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll 2016-03-09 03:46 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll 2016-03-09 03:46 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-09 03:46 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-09 03:46 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll 2016-03-09 03:46 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll 2016-03-09 03:46 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll 2016-03-09 03:46 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll 2016-03-09 03:46 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll 2016-03-09 03:46 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll 2016-03-09 03:46 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll 2016-03-09 03:46 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll 2016-03-09 03:46 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2016-03-09 03:46 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-03-09 03:46 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll 2016-03-09 03:46 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-03-09 03:46 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll 2016-03-09 03:46 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll 2016-03-09 03:46 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll 2016-03-09 03:46 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2016-03-09 03:46 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll 2016-03-09 03:46 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2016-03-09 03:46 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll 2016-03-09 03:46 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll 2016-03-09 03:46 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll 2016-03-09 03:46 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll 2016-03-09 03:46 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2016-03-09 03:46 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll 2016-03-09 03:46 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe 2016-03-09 03:46 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-03-09 03:46 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll 2016-03-09 03:46 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2016-03-09 03:46 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-09 03:46 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-09 03:46 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll 2016-03-09 03:46 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-09 03:46 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll 2016-03-09 03:46 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2016-03-09 03:46 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2016-03-09 03:46 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2016-03-09 03:46 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-09 03:46 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll 2016-03-09 03:46 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll 2016-03-09 03:46 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-03-09 03:46 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll 2016-03-09 03:46 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-09 03:46 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll 2016-03-09 03:46 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll 2016-03-09 03:46 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll 2016-03-09 03:46 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll 2016-03-09 03:46 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2016-03-09 03:46 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll 2016-03-09 03:46 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2016-03-09 03:46 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll 2016-03-09 03:46 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll 2016-03-09 03:46 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll 2016-03-09 03:46 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-09 03:46 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll 2016-03-09 03:46 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2016-03-09 03:46 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll 2016-03-09 03:46 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll 2016-03-09 03:46 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2016-03-09 03:46 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll 2016-03-09 03:46 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2016-03-09 03:46 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2016-03-09 03:46 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2016-03-09 03:46 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-03-09 03:46 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll 2016-03-09 03:46 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-03-09 03:46 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2016-03-09 03:46 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-03-09 03:46 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll 2016-03-09 03:46 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll 2016-03-09 03:46 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 03:46 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-03-09 03:46 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-03-08 18:19 - 2016-03-11 07:18 - 00000000 ____D C:\Users\norbe\AppData\Roaming\vlc 2016-03-08 18:19 - 2016-03-08 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-03-08 18:01 - 2016-03-08 18:01 - 00000000 ____D C:\Users\norbe\AppData\Local\Nem's Tools 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files\MSBuild 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-03-08 17:57 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2016-03-08 17:57 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-03-08 17:57 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-03-08 17:57 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2016-03-08 17:57 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2016-03-08 17:57 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-03-07 18:48 - 2016-03-09 19:29 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\My Games 2016-03-07 18:48 - 2016-03-07 18:48 - 00000000 ____D C:\Users\norbe\AppData\Roaming\FiraxisLive 2016-03-07 18:48 - 2016-03-07 18:48 - 00000000 ____D C:\Users\norbe\AppData\Local\My Games 2016-03-07 15:42 - 2016-03-07 15:44 - 00000000 ____D C:\Users\norbe\AppData\Local\Ubisoft Game Launcher 2016-03-07 15:42 - 2016-03-07 15:42 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-03-06 20:51 - 2016-03-06 20:51 - 00001268 _____ C:\Users\norbe\Desktop\Bethesda.net_Launcher.lnk 2016-03-06 20:40 - 2016-03-18 21:12 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Awesomium 2016-03-06 20:36 - 2016-03-06 20:36 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\Elder Scrolls Online 2016-03-06 20:36 - 2016-03-06 20:36 - 00000000 ____D C:\ProgramData\Elder Scrolls Online 2016-03-06 20:26 - 2016-03-07 18:49 - 00000000 ____D C:\Users\norbe\AppData\Local\NVIDIA Corporation 2016-03-06 20:24 - 2016-03-07 18:49 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-03-06 20:23 - 2016-03-22 09:06 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-06 20:23 - 2016-03-11 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-03-06 20:23 - 2016-03-07 18:49 - 00000000 ____D C:\Users\norbe\AppData\Local\NVIDIA 2016-03-06 20:23 - 2016-02-17 07:40 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-03-06 20:22 - 2016-03-11 07:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-06 20:22 - 2016-03-08 07:42 - 06371384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 02992576 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-03-06 20:22 - 2016-03-08 07:42 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-03-06 20:22 - 2016-03-07 05:22 - 06203411 _____ C:\Windows\system32\nvcoproc.bin 2016-03-06 20:22 - 2016-03-06 20:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-03-06 20:22 - 2016-02-24 00:57 - 00215608 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-03-06 20:22 - 2016-02-24 00:57 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-03-06 20:21 - 2016-03-10 04:19 - 12653504 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-03-06 20:21 - 2016-03-08 11:27 - 20061152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 14226864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 03681672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 03259176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00545632 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00448824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00037702 _____ C:\Windows\system32\nvinfo.pb 2016-03-06 20:21 - 2016-02-24 00:57 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-03-06 20:21 - 2016-02-24 00:57 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-03-06 20:21 - 2016-02-24 00:57 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-03-06 20:20 - 2016-03-21 10:14 - 00000000 ____D C:\NVIDIA 2016-03-06 20:20 - 2016-03-06 20:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-02 17:13 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-03-02 17:13 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-03-02 17:13 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2016-03-02 17:13 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-02 17:13 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll 2016-03-02 17:13 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll 2016-03-02 17:13 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-03-02 17:13 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-03-02 17:13 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-03-02 17:13 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-03-02 17:13 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-03-02 17:13 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-03-02 17:13 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-03-02 17:13 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-03-02 17:13 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-03-02 17:12 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-03-02 17:12 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ C:\Windows\system32\CoreUIComponents.dll 2016-03-02 17:12 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-03-02 17:12 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-03-02 17:12 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-03-02 17:12 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2016-03-02 17:12 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll 2016-03-02 17:12 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2016-03-02 17:12 - 2016-02-23 11:34 - 01859960 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2016-03-02 17:12 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2016-03-02 17:12 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-03-02 17:12 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-03-02 17:12 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-03-02 17:12 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll 2016-03-02 17:12 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-03-02 17:12 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-03-02 17:12 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-03-02 17:12 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-03-02 17:12 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2016-03-02 17:12 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-03-02 17:12 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-03-02 17:12 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-03-02 17:12 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll 2016-03-02 17:12 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2016-03-02 17:12 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll 2016-03-02 17:12 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys 2016-03-02 17:12 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys 2016-03-02 17:12 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll 2016-03-02 17:12 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll 2016-03-02 17:12 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll 2016-03-02 17:12 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe 2016-03-02 17:12 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll 2016-03-02 17:12 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll 2016-03-02 17:12 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-03-02 17:12 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-03-02 17:12 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2016-03-02 17:12 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-03-02 17:12 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\irmon.dll 2016-03-02 17:12 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe 2016-03-02 17:12 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-03-02 17:12 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2016-03-02 17:12 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll 2016-03-02 17:12 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll 2016-03-02 17:12 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe 2016-03-02 17:12 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2016-03-02 17:12 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll 2016-03-02 17:12 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerClient.dll 2016-03-02 17:12 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll 2016-03-02 17:12 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll 2016-03-02 17:12 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll 2016-03-02 17:12 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll 2016-03-02 17:12 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2016-03-02 17:12 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll 2016-03-02 17:12 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll 2016-03-02 17:12 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll 2016-03-02 17:12 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll 2016-03-02 17:12 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2016-03-02 17:12 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll 2016-03-02 17:12 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe 2016-03-02 17:12 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2016-03-02 17:12 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll 2016-03-02 17:12 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2016-03-02 17:12 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll 2016-03-02 17:12 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2016-03-02 17:12 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2016-03-02 17:12 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-02 17:12 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll 2016-03-02 17:12 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2016-03-02 17:12 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2016-03-02 17:12 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2016-03-02 17:12 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe 2016-03-02 17:12 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2016-03-02 17:12 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2016-03-02 17:12 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-03-02 17:12 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll 2016-03-02 17:12 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-03-02 17:12 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2016-03-02 17:12 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2016-03-02 17:12 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2016-03-02 17:12 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe 2016-03-02 17:12 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2016-03-02 17:12 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-03-02 17:12 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2016-03-02 17:12 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2016-03-02 17:12 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2016-03-02 17:12 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-03-02 17:12 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll 2016-03-02 17:12 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TimeBrokerClient.dll 2016-03-02 17:12 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2016-03-02 17:12 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll 2016-03-02 17:12 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll 2016-03-02 17:12 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2016-03-02 17:12 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll 2016-03-02 17:12 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2016-03-02 17:12 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-03-02 17:12 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-03-02 17:12 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2016-03-02 17:12 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-02 17:12 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2016-03-02 17:12 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2016-03-02 17:12 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-02 17:12 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll 2016-03-02 17:12 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll 2016-03-02 17:12 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll 2016-03-02 17:12 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-03-02 17:12 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2016-03-02 17:12 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-03-02 17:12 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2016-03-02 17:12 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll 2016-03-02 17:12 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-02 17:12 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll 2016-03-02 17:12 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-03-02 17:12 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-03-02 17:12 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2016-03-02 17:12 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-03-02 17:12 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2016-03-02 17:12 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll 2016-03-02 17:12 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-03-02 17:12 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-03-02 17:12 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-03-02 17:12 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-03-02 17:12 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-03-02 17:12 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-03-02 17:12 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-03-02 17:12 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2016-03-02 17:12 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-03-02 17:12 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2016-03-02 17:12 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-03-02 17:12 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2016-03-02 17:12 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-03-02 17:12 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2016-03-02 17:12 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-03-02 17:12 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2016-03-02 17:12 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2016-03-02 17:12 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2016-03-02 17:12 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2016-03-02 17:12 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2016-03-02 17:12 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe 2016-02-27 22:07 - 2016-02-27 22:07 - 00281380 _____ C:\Windows\Minidump\022716-9031-01.dmp 2016-02-27 20:58 - 2016-03-21 10:14 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Skype 2016-02-27 20:58 - 2016-03-21 10:14 - 00000000 ____D C:\ProgramData\Skype 2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ____D C:\Users\norbe\Tracing 2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-02-27 13:53 - 2016-02-27 13:53 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Artifex Mundi 2016-02-21 15:03 - 2016-02-21 15:03 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Foxit Software 2016-02-21 15:02 - 2016-02-21 15:02 - 00000000 ____D C:\Users\Public\Foxit Software 2016-02-21 15:02 - 2016-02-21 15:02 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Foxit AgentInformation 2016-02-21 14:56 - 2016-02-21 14:56 - 00000000 ____D C:\Users\norbe\AppData\LocalLow\Temp 2016-02-21 14:11 - 2016-02-21 14:52 - 00012783 _____ C:\Users\norbe\OneDrive\Dokumente\Protokoll Boonekamp Gruppe 3.xlsx 2016-02-21 11:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2016-02-21 11:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-02-21 11:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2016-02-21 11:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-02-21 11:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-02-21 11:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-02-21 11:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-02-21 11:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2016-02-21 11:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2016-02-21 11:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2016-02-21 11:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2016-02-21 11:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2016-02-21 11:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2016-02-21 11:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2016-02-21 11:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2016-02-21 11:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2016-02-21 11:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2016-02-21 11:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2016-02-21 11:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2016-02-21 11:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2016-02-21 11:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2016-02-21 11:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2016-02-21 11:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2016-02-21 11:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2016-02-21 11:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2016-02-21 11:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2016-02-21 11:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2016-02-21 11:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2016-02-21 11:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2016-02-21 11:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2016-02-21 11:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2016-02-21 11:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2016-02-21 11:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2016-02-21 11:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2016-02-21 11:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2016-02-21 11:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2016-02-21 11:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2016-02-21 11:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2016-02-21 11:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2016-02-21 11:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2016-02-21 11:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2016-02-21 11:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2016-02-21 11:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2016-02-21 11:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2016-02-21 11:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2016-02-21 11:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2016-02-21 11:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2016-02-21 11:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2016-02-21 11:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2016-02-21 11:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2016-02-21 11:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2016-02-21 11:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2016-02-21 11:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2016-02-21 11:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2016-02-21 11:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2016-02-21 11:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2016-02-21 11:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2016-02-21 11:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2016-02-21 11:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2016-02-21 11:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2016-02-21 11:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2016-02-21 11:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2016-02-21 11:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2016-02-21 11:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2016-02-21 11:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2016-02-21 11:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2016-02-21 11:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2016-02-21 11:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2016-02-21 11:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2016-02-21 11:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2016-02-21 11:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2016-02-21 11:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2016-02-21 11:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2016-02-21 11:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2016-02-21 11:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2016-02-21 11:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2016-02-21 11:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2016-02-21 11:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2016-02-21 11:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2016-02-21 11:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2016-02-21 11:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2016-02-21 11:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2016-02-21 11:51 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2016-02-21 11:51 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2016-02-21 11:51 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2016-02-21 11:51 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2016-02-21 11:51 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2016-02-21 11:51 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2016-02-21 11:51 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2016-02-21 11:51 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2016-02-21 11:51 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2016-02-21 11:51 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2016-02-21 11:51 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2016-02-21 11:51 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2016-02-21 11:51 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2016-02-21 11:51 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2016-02-21 11:51 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2016-02-21 11:51 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2016-02-21 11:51 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2016-02-21 11:51 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2016-02-21 11:51 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-02-21 11:51 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2016-02-21 11:51 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2016-02-21 11:51 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2016-02-21 11:51 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2016-02-21 11:51 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2016-02-21 11:51 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2016-02-21 11:51 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2016-02-21 11:51 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2016-02-21 11:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2016-02-21 11:51 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2016-02-21 11:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2016-02-21 11:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2016-02-21 11:51 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2016-02-21 11:51 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-02-21 11:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2016-02-21 11:51 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2016-02-21 11:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2016-02-21 11:51 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-02-21 11:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2016-02-21 11:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2016-02-21 11:51 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2016-02-21 11:51 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2016-02-21 11:51 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2016-02-21 11:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2016-02-21 11:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2016-02-21 11:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2016-02-21 11:51 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2016-02-21 11:51 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-02-21 11:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2016-02-21 11:51 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-02-21 11:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2016-02-21 11:51 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-02-21 11:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2016-02-21 11:51 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2016-02-21 11:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2016-02-21 11:51 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2016-02-21 11:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2016-02-21 11:51 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-02-21 11:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2016-02-21 11:51 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2016-02-21 11:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2016-02-21 11:51 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2016-02-21 11:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2016-02-21 11:51 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2016-02-21 11:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2016-02-21 11:51 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2016-02-21 11:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2016-02-21 11:51 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2016-02-21 11:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-22 09:47 - 2016-02-20 15:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-22 09:30 - 2016-02-13 21:08 - 00000000 ____D C:\ProgramData\360safe 2016-03-22 09:18 - 2016-02-13 21:08 - 00000000 ____D C:\Users\norbe\AppData\LocalLow\360WD 2016-03-22 09:13 - 2016-02-13 20:41 - 01827448 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-22 09:13 - 2016-02-13 20:39 - 00000000 ____D C:\Users\norbe\AppData\Local\MicrosoftEdge 2016-03-22 09:13 - 2015-10-30 19:35 - 00790808 _____ C:\Windows\system32\perfh007.dat 2016-03-22 09:13 - 2015-10-30 19:35 - 00159688 _____ C:\Windows\system32\perfc007.dat 2016-03-22 09:13 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF 2016-03-22 09:06 - 2016-02-13 20:52 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-03-22 09:06 - 2016-02-13 20:52 - 00000000 __SHD C:\Users\norbe\IntelGraphicsProfiles 2016-03-22 09:06 - 2016-02-13 20:33 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-21 22:15 - 2015-10-30 07:28 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-03-21 21:43 - 2016-02-13 21:09 - 00000000 __SHD C:\$360Section 2016-03-21 21:43 - 2016-02-13 21:09 - 00000000 ____D C:\ProgramData\360Quarant 2016-03-21 20:50 - 2016-02-13 21:08 - 00000000 _RSHD C:\360SANDBOX 2016-03-21 19:56 - 2016-02-13 21:28 - 00194304 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-21 11:28 - 2015-10-30 08:24 - 00000127 _____ C:\Windows\win.ini 2016-03-21 10:16 - 2016-02-13 20:35 - 00000000 ____D C:\Users\norbe 2016-03-21 10:15 - 2016-02-14 12:14 - 00000000 ____D C:\Windows\Minidump 2016-03-21 10:14 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-21 10:14 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\registration 2016-03-20 20:55 - 2016-02-13 20:31 - 00000000 ____D C:\Windows\Panther 2016-03-20 20:21 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\LiveKernelReports 2016-03-20 15:35 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness 2016-03-13 20:25 - 2016-02-13 20:38 - 00002387 _____ C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-13 20:25 - 2016-02-13 20:38 - 00000000 ___RD C:\Users\norbe\OneDrive 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-11 00:47 - 2016-02-20 15:06 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-03-10 22:37 - 2016-02-13 21:19 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-10 22:37 - 2016-02-13 21:19 - 00000000 ____D C:\Windows\system32\MRT 2016-03-10 22:37 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp 2016-03-09 23:13 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache 2016-03-08 17:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\MUI 2016-03-08 17:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\MUI 2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-07 21:00 - 2016-02-15 19:06 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Spotify 2016-03-07 21:00 - 2016-02-15 19:05 - 00000000 ____D C:\Users\norbe\AppData\Local\Spotify 2016-03-06 20:22 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\Help 2016-03-06 19:51 - 2016-02-13 20:36 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-06 19:50 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-03-06 19:49 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 __RSD C:\Windows\Media 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\PurchaseDialog 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\appraiser 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr 2016-03-06 19:49 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\system32\Dism 2016-02-29 18:07 - 2016-02-17 18:57 - 00001836 _____ C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-02-27 22:07 - 2016-02-14 12:14 - 663970275 _____ C:\Windows\MEMORY.DMP 2016-02-21 11:51 - 2016-02-13 20:45 - 00000000 ____D C:\ProgramData\Package Cache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-03-21 11:26 - 2016-03-21 11:29 - 0000835 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\norbe\AppData\Local\Temp\AMDCleanupUtility.exe C:\Users\norbe\AppData\Local\Temp\Cleanup.dll C:\Users\norbe\AppData\Local\Temp\ddu.exe C:\Users\norbe\AppData\Local\Temp\msvcm80.dll C:\Users\norbe\AppData\Local\Temp\msvcp80.dll C:\Users\norbe\AppData\Local\Temp\msvcr80.dll C:\Users\norbe\AppData\Local\Temp\nvSCPAPI.dll C:\Users\norbe\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\norbe\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-14 21:28 ==================== Ende von FRST.txt ============================ |
|
22.03.2016, 10:46
| #2 |
| | Adware/Browser Hijacker: m55.dnsqa.meCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von norbe (2016-03-22 09:57:24)
Gestartet von D:\Downloads
Windows 10 Pro Version 1511 (X64) (2016-02-13 19:34:53)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3455921864-2365325757-1580788810-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3455921864-2365325757-1580788810-503 - Limited - Disabled)
Gast (S-1-5-21-3455921864-2365325757-1580788810-501 - Limited - Disabled)
norbe (S-1-5-21-3455921864-2365325757-1580788810-1001 - Administrator - Enabled) => C:\Users\norbe
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.2.0.1098 - 360 Security Center)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Skybox Labs)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C5300 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Freedom Planet (HKLM-x32\...\Steam App 248310) (Version: - GalaxyTrail)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
GemCraft - Chasing Shadows (HKLM-x32\...\Steam App 296490) (Version: - Game in a Bottle)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C5300 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{12440487-BEA5-48CF-A36C-C86F5D350999}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Live! Cam Chat HD VF0790 Driver (1.00.07.00) (HKLM\...\Creative VF0790) (Version: - Creative Technology Ltd.)
Magicka 2 (HKLM-x32\...\Steam App 238370) (Version: - Pieces Interactive)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
Ninja Cats vs Samurai Dogs (HKLM-x32\...\Steam App 260380) (Version: - Eutechnyx)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Pharaoh Gold (HKLM-x32\...\GOGPACKPHARAOH_is1) (Version: 2.0.0.12 - GOG.com)
PS_AIO_04_C5300_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version: - LucasArts)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Time Mysteries 2: The Ancient Spectres (HKLM-x32\...\Steam App 313650) (Version: - Artifex Mundi sp. z o.o.)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3455921864-2365325757-1580788810-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\norbe\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1D69B658-877F-47CC-8432-86BB34A0CA82} - System32\Tasks\{414B0950-34C1-4197-32DC-28352DDC627F} => C:\Windows\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
Task: {22CECA3B-4F73-4FAC-9946-D47CD8A8B04B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {4EC4E635-0B7B-43B5-B859-A8AF6440F729} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-07 18:49 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-06 20:23 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-07 18:49 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-02-13 21:07 - 2016-02-01 07:20 - 00614480 _____ () D:\Programme\360 Total Security\360\Total Security\MenuEx64.dll
2016-02-13 21:21 - 2016-02-13 21:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 21:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-13 21:18 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-13 21:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-13 21:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-13 21:18 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 17:12 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-13 21:07 - 2016-02-01 07:20 - 00088184 _____ () D:\Programme\360 Total Security\360\Total Security\deepscan\qutmload.dll
2016-02-13 21:21 - 2016-02-13 21:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-13 21:21 - 2016-02-13 21:22 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-03-06 20:23 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-13 21:07 - 2016-02-01 07:20 - 00578168 _____ () D:\Programme\360 Total Security\360\Total Security\safemon\wdui2.dll
2016-03-09 07:22 - 2016-02-10 02:17 - 00782336 _____ () D:\Steam\SDL2.dll
2016-02-18 18:58 - 2015-07-03 17:12 - 04962816 _____ () D:\Steam\v8.dll
2016-03-13 21:45 - 2016-03-10 20:02 - 02547792 _____ () D:\Steam\video.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-02-18 18:58 - 2015-07-03 17:12 - 01556992 _____ () D:\Steam\icui18n.dll
2016-02-18 18:58 - 2015-07-03 17:12 - 01187840 _____ () D:\Steam\icuuc.dll
2016-03-13 21:45 - 2016-03-10 20:02 - 00802896 _____ () D:\Steam\bin\chromehtml.DLL
2016-03-09 07:22 - 2016-02-17 23:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2016-03-09 07:22 - 2016-02-09 02:33 - 48400672 _____ () D:\Steam\bin\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2016-02-20 15:06 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "V0790Mon.exe"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{82771F4F-313C-4769-9AA4-418D3C5A49C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{321241D2-7594-4CDF-9997-AD580A82DE4F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{063550EF-2CE1-43DB-A9CE-426B98E94894}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{90E744CE-D950-4454-8BBE-04390BB96C15}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E7097CE7-DBF8-4049-AC75-9F048848B468}] => (Allow) D:\Programme\360 Total Security\360\Total Security\LiveUpdate360.exe
FirewallRules: [{2BE741DB-055B-42B6-B9EC-235B0F89F006}] => (Allow) D:\Programme\360 Total Security\360\Total Security\LiveUpdate360.exe
FirewallRules: [TCP Query User{8FEA0249-4487-47B3-BAD0-F5414262E9EB}D:\spotify\spotify.exe] => (Allow) D:\spotify\spotify.exe
FirewallRules: [UDP Query User{5FD604EF-A8DA-45C4-AEE3-50FA5D263974}D:\spotify\spotify.exe] => (Allow) D:\spotify\spotify.exe
FirewallRules: [TCP Query User{AEDFE6C1-75FA-464C-BF00-F4D722AD5564}C:\users\norbe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\norbe\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BD12528C-4372-4A20-AF77-90C6F399B99E}C:\users\norbe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\norbe\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA0150A1-115D-4924-BDC9-C1F48BFF4E04}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{83FE5A16-5AC3-4FFA-8558-925FBCC064F1}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{8837699B-DB72-4074-9BF0-4E3BA313EE73}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E1BECD3-3A1C-42A1-A3A2-EC8BDE5B6CD3}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{D67FAC31-1C9F-4845-9812-4B88964686C0}] => (Allow) D:\Programme\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe
FirewallRules: [{17411AA6-1B6B-4099-A578-AC70AEE5EDFD}] => (Allow) D:\Programme\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe
FirewallRules: [{F6275331-9AC0-40E8-B1DF-9107F9FE3EB9}] => (Allow) D:\Programme\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F5390EA9-C481-40E9-9B75-7268A1C176F1}] => (Allow) D:\Programme\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{97D0A260-525D-4F6F-8287-6DDFCE9290FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B7582BE0-18D4-47AF-9EF6-F2C87FC16E13}] => (Allow) D:\Programme\Steam\steamapps\common\Freedom Planet\FP.exe
FirewallRules: [{6B8A5FFA-4B29-4939-A168-DD62C33331C3}] => (Allow) D:\Programme\Steam\steamapps\common\Freedom Planet\FP.exe
FirewallRules: [{54B090DA-AFE5-4B3A-8E76-09E0A5879425}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{34F99482-372E-4C03-B611-55F153F0178F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{377CD92C-020A-48D4-A3DC-EE3F130E9940}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C1D8C5ED-8792-4A7F-B3C3-5F9B76E8F6BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{49242490-A6B4-4D2F-ADC2-18217A6FD799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{105EF175-A969-48FE-86FD-B8BC309686D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A2D66CE7-FE76-48EC-B8C6-E9E766F9C180}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ED10C74A-7206-4821-9A09-8AFE82380456}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1026049B-7CD2-4E79-A26A-B3309563A1CB}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B68F7C5-11FD-47E9-9B52-CA6F3ED8371F}] => (Allow) D:\Programme\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{E0AE3CF6-56C0-4B49-B8D1-5EBA79110270}] => (Allow) D:\Programme\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{B92ED208-4DDC-4347-B0C5-0B7B83C3C236}] => (Allow) D:\Programme\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{40E4A88F-F2AC-4794-9181-C1C839AEC541}] => (Allow) D:\Programme\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{4E494B50-5FA5-4BB6-AB9A-888410B5C856}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{97D797B1-9984-495E-8050-D82F99B2AC55}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0D57D7C6-23E3-4DD3-AB94-36DFAF490DBF}] => (Allow) D:\Programme\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{AD7779A4-0429-41C4-B1AB-ACC5440CEF9F}] => (Allow) D:\Programme\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{CADF9BC9-D54C-426F-98FD-97D73E6A0BE9}] => (Allow) D:\Programme\Steam\steamapps\common\Ninja Cats vs Samurai Dogs\NCvSD.exe
FirewallRules: [{61096F71-C5E2-4410-9ADF-803F333C79F9}] => (Allow) D:\Programme\Steam\steamapps\common\Ninja Cats vs Samurai Dogs\NCvSD.exe
FirewallRules: [{33FCB0D6-7F08-44B6-B911-AD1D516E4233}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{3A3C50EC-891A-4164-827F-CA282AF3C71F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{4A0C63F2-89CD-4238-A503-A77D9ECB6894}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8A1EF93-D767-4F06-A8CA-BFF8AA6B4E83}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E5B1270B-BE79-472A-AF9F-CB5FE8C14127}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{ACCB990A-03F9-4359-891F-E1057518A225}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{B003E7FE-24DD-4DA0-BBD4-96117CD65BF8}D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{FBA336EC-DA7D-47BC-86A7-4C3D361D35F9}D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{32E37EAF-419B-4094-A544-DE4E0556FD13}] => (Allow) D:\Steam\steamapps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{1F8DC8B5-C815-4889-8B3D-85B1D75575E8}] => (Allow) D:\Steam\steamapps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{ECD3005E-F043-4F3C-801D-DC82E97BCB5F}] => (Allow) D:\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{07891999-1D00-489C-B2DC-B1F4D5109053}] => (Allow) D:\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{91CD8F53-38AD-4EEC-9907-68ACDFCC006A}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [TCP Query User{14FD28E3-913B-4B1C-8236-F28CCE9FBFAD}D:\spiele\starcitizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\spiele\starcitizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{AA853797-4223-467B-8605-39A97A239262}D:\spiele\starcitizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\spiele\starcitizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{68854D5E-BE70-4E11-A6B3-C4A1ACF6B621}C:\windows\system32\runtimebroker.exe] => (Allow) C:\windows\system32\runtimebroker.exe
FirewallRules: [UDP Query User{3C5BADF1-EE49-4090-8E3F-F324D9158CFE}C:\windows\system32\runtimebroker.exe] => (Allow) C:\windows\system32\runtimebroker.exe
FirewallRules: [{75484A13-E780-4845-8965-048E29C0AB53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1BB170B9-BEDB-40EB-AE17-28B2607BC560}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5D07B46D-6670-48BD-96AF-615AEDD43837}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C86083F9-4E11-49D9-8C7E-26296CEBD2A2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7F0B20EC-9AFB-48CD-87AD-1E95ECA1040C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{ACE15E02-2066-42A8-82A8-F2C823223224}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{8F5A1E32-BDAD-42CC-BD52-3B4FB1BD0249}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{70BBE8DA-42F8-4C57-82B1-FA7C4D085F0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{25B5BBCE-2F75-4C3C-88CE-A1BFDEA75A74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{54C0F8C2-4390-49FA-A52C-531148526C60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{020B6A51-5D60-484C-8B7F-64C2C430031C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{41627127-FEE6-46FC-8BB9-3A830D00D9BB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{6E6BDBF6-5D85-41E1-B176-9122FA65FFDA}] => (Allow) D:\Programme\360 Total Security\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{EDF74480-6A27-4AB5-A8FB-8E6682B21DFA}] => (Allow) D:\Programme\360 Total Security\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{85B0153A-1EA8-4CA0-BF92-87954E3C6EF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C60D1D7-BEC7-452D-8314-86A8861EFF50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/21/2016 09:39:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "8066". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (03/21/2016 09:39:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "8066". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (03/21/2016 10:38:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 44.0.2.5884, Zeitstempel: 0x56bbf417
Name des fehlerhaften Moduls: mozglue.dll, Version: 44.0.2.5884, Zeitstempel: 0x56bbe58e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed3b
ID des fehlerhaften Prozesses: 0x72c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (03/21/2016 10:33:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 44.0.2.5884 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1cf0
Startzeit: 01d183540c7e2d3a
Beendigungszeit: 4294967295
Anwendungspfad: D:\Programme\Mozilla\firefox.exe
Berichts-ID: f4b21e36-ef47-11e5-88ba-fcaa14310ba7
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (03/21/2016 10:15:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1320) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU0009C.log.
Error: (03/21/2016 10:13:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/21/2016 10:13:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/21/2016 10:11:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-NORB)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/21/2016 10:10:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/21/2016 10:09:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (03/22/2016 09:06:28 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
Error: (03/22/2016 08:55:16 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
Error: (03/22/2016 08:44:27 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
Error: (03/21/2016 10:14:25 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
Error: (03/21/2016 10:14:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4f279" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/21/2016 10:14:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4f279" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/21/2016 10:14:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4f279" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/21/2016 10:14:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4f279" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/21/2016 10:14:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/21/2016 09:32:55 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
CodeIntegrity:
===================================
Date: 2016-03-21 20:01:59.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-21 10:18:05.548
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-20 20:56:54.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-18 17:10:24.073
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-14 22:21:41.236
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 11:41:14.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 03:23:20.643
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-09 19:20:00.781
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-09 03:33:49.001
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-08 18:26:23.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16249.03 MB
Verfügbarer physikalischer RAM: 13241.46 MB
Summe virtueller Speicher: 18681.03 MB
Verfügbarer virtueller Speicher: 15378.86 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:237.92 GB) (Free:206.98 GB) NTFS
Drive d: (Volume) (Fixed) (Total:735.86 GB) (Free:492.61 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 26EB0CFA)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 26EB0CF2)
Partition 1: (Not Active) - (Size=735.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter 09:56:25.0657 0x21c4 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:56:25.0657 0x21c4 UEFI system
09:56:29.0341 0x21c4 ============================================================
09:56:29.0341 0x21c4 Current date / time: 2016/03/22 09:56:29.0341
09:56:29.0341 0x21c4 SystemInfo:
09:56:29.0341 0x21c4
09:56:29.0341 0x21c4 OS Version: 10.0.10586 ServicePack: 0.0
09:56:29.0341 0x21c4 Product type: Workstation
09:56:29.0341 0x21c4 ComputerName: PC-NORB
09:56:29.0341 0x21c4 UserName: norbe
09:56:29.0341 0x21c4 Windows directory: C:\Windows
09:56:29.0341 0x21c4 System windows directory: C:\Windows
09:56:29.0341 0x21c4 Running under WOW64
09:56:29.0341 0x21c4 Processor architecture: Intel x64
09:56:29.0341 0x21c4 Number of processors: 4
09:56:29.0341 0x21c4 Page size: 0x1000
09:56:29.0341 0x21c4 Boot type: Normal boot
09:56:29.0341 0x21c4 ============================================================
09:56:29.0942 0x21c4 KLMD registered as C:\Windows\system32\drivers\70552111.sys
09:56:30.0027 0x21c4 System UUID: {35373E4E-F4F2-17AC-71E4-6FD4689325E0}
09:56:30.0374 0x21c4 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:56:30.0390 0x21c4 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:56:30.0390 0x21c4 ============================================================
09:56:30.0390 0x21c4 \Device\Harddisk0\DR0:
09:56:30.0390 0x21c4 GPT partitions:
09:56:30.0390 0x21c4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B707FD4A-EF6B-481D-816A-146A80B18491}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
09:56:30.0390 0x21c4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F3694642-B6B9-4572-8BA6-24C9AEEC53CE}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
09:56:30.0390 0x21c4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5D3D2C54-E4E8-4D35-AA98-CE2ECCF78EE5}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
09:56:30.0390 0x21c4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {89D0FE92-B7F7-40CB-BCE8-7B480991F8C7}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1DBD7800
09:56:30.0390 0x21c4 MBR partitions:
09:56:30.0390 0x21c4 \Device\Harddisk1\DR1:
09:56:30.0390 0x21c4 MBR partitions:
09:56:30.0390 0x21c4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x5BFB6000
09:56:30.0390 0x21c4 ============================================================
09:56:30.0390 0x21c4 C: <-> \Device\Harddisk0\DR0\Partition4
09:56:30.0407 0x21c4 D: <-> \Device\Harddisk1\DR1\Partition1
09:56:30.0407 0x21c4 ============================================================
09:56:30.0407 0x21c4 Initialize success
09:56:30.0407 0x21c4 ============================================================
10:15:18.0566 0x0328 ============================================================
10:15:18.0566 0x0328 Scan started
10:15:18.0566 0x0328 Mode: Manual; SigCheck; TDLFS;
10:15:18.0566 0x0328 ============================================================
10:15:18.0566 0x0328 KSN ping started
10:15:20.0938 0x0328 KSN ping finished: true
10:15:23.0032 0x0328 ================ Scan system memory ========================
10:15:23.0032 0x0328 System memory - ok
10:15:23.0032 0x0328 ================ Scan services =============================
10:15:23.0079 0x0328 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
10:15:23.0116 0x0328 1394ohci - ok
10:15:23.0132 0x0328 [ 1A21077AEE7EC27A1A4321C45AA923ED, E148E2FF0D2D08E2663BB67221B1EFA2F4831961C8CD94C0FC3A6B2B1EC0FABB ] 360AntiHacker C:\Windows\system32\Drivers\360AntiHacker64.sys
10:15:23.0148 0x0328 360AntiHacker - ok
10:15:23.0163 0x0328 [ 487CAEA3F23CA2E73C76E08E63920636, 39FFE43C7818E3D3B4D4FB85842470666E9B6810BA88074A64F270281F6F9060 ] 360AvFlt C:\Windows\system32\DRIVERS\360AvFlt.sys
10:15:23.0163 0x0328 360AvFlt - ok
10:15:23.0179 0x0328 [ F18C1EE63D7CBDA764F8ED13FF4A2D25, 155A41C5B377B71C13598687072663E67A6E8695EB06949AC944A004A5B79CF9 ] 360Box64 C:\Windows\system32\DRIVERS\360Box64.sys
10:15:23.0185 0x0328 360Box64 - ok
10:15:23.0185 0x0328 [ D31541708A595BCA380105D44C2C2AD5, 730351AAB90D627BDA6E73035869AE314508933160035DDE38F1CB4665B81498 ] 360Camera C:\Windows\system32\Drivers\360Camera64.sys
10:15:23.0185 0x0328 360Camera - ok
10:15:23.0201 0x0328 [ F08187540EFF73F6B64AD9BE20223793, DD2F731927753C2DEC4713CFB8E4B5A39F573EAABBCBEB12DFC3052DBD909ADB ] 360FsFlt C:\Windows\system32\DRIVERS\360FsFlt.sys
10:15:23.0217 0x0328 360FsFlt - ok
10:15:23.0217 0x0328 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\Windows\system32\drivers\3ware.sys
10:15:23.0232 0x0328 3ware - ok
10:15:23.0248 0x0328 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:15:23.0263 0x0328 ACPI - ok
10:15:23.0263 0x0328 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
10:15:23.0283 0x0328 acpiex - ok
10:15:23.0286 0x0328 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
10:15:23.0286 0x0328 acpipagr - ok
10:15:23.0286 0x0328 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
10:15:23.0301 0x0328 AcpiPmi - ok
10:15:23.0301 0x0328 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\Windows\System32\drivers\acpitime.sys
10:15:23.0317 0x0328 acpitime - ok
10:15:23.0348 0x0328 [ 99B993BD0F4C033D832B50D5E83BEBEC, A091635B2B428A51400468353F52D3FF35095460D3FA8CB29E2C4A804D87B845 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:15:23.0348 0x0328 AdobeFlashPlayerUpdateSvc - ok
10:15:23.0381 0x0328 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
10:15:23.0401 0x0328 ADP80XX - ok
10:15:23.0417 0x0328 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\Windows\system32\drivers\afd.sys
10:15:23.0433 0x0328 AFD - ok
10:15:23.0433 0x0328 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:15:23.0448 0x0328 agp440 - ok
10:15:23.0448 0x0328 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
10:15:23.0464 0x0328 ahcache - ok
10:15:23.0464 0x0328 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\Windows\System32\AJRouter.dll
10:15:23.0486 0x0328 AJRouter - ok
10:15:23.0486 0x0328 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\Windows\System32\alg.exe
10:15:23.0502 0x0328 ALG - ok
10:15:23.0502 0x0328 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
10:15:23.0517 0x0328 AmdK8 - ok
10:15:23.0517 0x0328 [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd C:\Windows\system32\drivers\amdkmafd.sys
10:15:23.0517 0x0328 amdkmafd - ok
10:15:23.0533 0x0328 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
10:15:23.0533 0x0328 AmdPPM - ok
10:15:23.0549 0x0328 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:15:23.0549 0x0328 amdsata - ok
10:15:23.0564 0x0328 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:15:23.0564 0x0328 amdsbs - ok
10:15:23.0580 0x0328 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:15:23.0586 0x0328 amdxata - ok
10:15:23.0586 0x0328 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\Windows\system32\drivers\appid.sys
10:15:23.0602 0x0328 AppID - ok
10:15:23.0602 0x0328 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:15:23.0618 0x0328 AppIDSvc - ok
10:15:23.0618 0x0328 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\Windows\System32\appinfo.dll
10:15:23.0633 0x0328 Appinfo - ok
10:15:23.0633 0x0328 [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt C:\Windows\System32\appmgmts.dll
10:15:23.0649 0x0328 AppMgmt - ok
10:15:23.0664 0x0328 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\Windows\system32\AppReadiness.dll
10:15:23.0687 0x0328 AppReadiness - ok
10:15:23.0718 0x0328 [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
10:15:23.0786 0x0328 AppXSvc - ok
10:15:23.0786 0x0328 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:15:23.0802 0x0328 arcsas - ok
10:15:23.0802 0x0328 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\Windows\System32\drivers\asyncmac.sys
10:15:23.0818 0x0328 AsyncMac - ok
10:15:23.0818 0x0328 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\Windows\system32\drivers\atapi.sys
10:15:23.0833 0x0328 atapi - ok
10:15:23.0833 0x0328 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
10:15:23.0849 0x0328 AudioEndpointBuilder - ok
10:15:23.0865 0x0328 [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:15:23.0902 0x0328 Audiosrv - ok
10:15:23.0902 0x0328 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:15:23.0918 0x0328 AxInstSV - ok
10:15:23.0934 0x0328 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:15:23.0949 0x0328 b06bdrv - ok
10:15:23.0965 0x0328 [ 8ADCD9C011CD1C1E7C0C5A3292D0F6B0, 85BB3B538F0926B6A84AA76EFD19ED77D7F48F431B2F2574AE898BAC20421B07 ] BAPIDRV C:\Windows\system32\DRIVERS\BAPIDRV64.sys
10:15:23.0965 0x0328 BAPIDRV - ok
10:15:23.0965 0x0328 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
10:15:23.0987 0x0328 BasicDisplay - ok
10:15:23.0987 0x0328 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
10:15:23.0987 0x0328 BasicRender - ok
10:15:24.0002 0x0328 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\Windows\System32\drivers\bcmfn.sys
10:15:24.0002 0x0328 bcmfn - ok
10:15:24.0002 0x0328 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
10:15:24.0018 0x0328 bcmfn2 - ok
10:15:24.0034 0x0328 [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC C:\Windows\System32\bdesvc.dll
10:15:24.0049 0x0328 BDESVC - ok
10:15:24.0049 0x0328 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\Windows\system32\drivers\Beep.sys
10:15:24.0065 0x0328 Beep - ok
10:15:24.0081 0x0328 [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE C:\Windows\System32\bfe.dll
10:15:24.0102 0x0328 BFE - ok
10:15:24.0118 0x0328 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\Windows\System32\qmgr.dll
10:15:24.0165 0x0328 BITS - ok
10:15:24.0165 0x0328 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:15:24.0184 0x0328 bowser - ok
10:15:24.0187 0x0328 [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
10:15:24.0203 0x0328 BrokerInfrastructure - ok
10:15:24.0219 0x0328 [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser C:\Windows\System32\browser.dll
10:15:24.0234 0x0328 Browser - ok
10:15:24.0234 0x0328 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
10:15:24.0250 0x0328 BthAvrcpTg - ok
10:15:24.0250 0x0328 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
10:15:24.0250 0x0328 BthHFEnum - ok
10:15:24.0265 0x0328 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
10:15:24.0265 0x0328 bthhfhid - ok
10:15:24.0285 0x0328 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
10:15:24.0287 0x0328 BthHFSrv - ok
10:15:24.0303 0x0328 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
10:15:24.0303 0x0328 BTHMODEM - ok
10:15:24.0319 0x0328 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\Windows\system32\bthserv.dll
10:15:24.0319 0x0328 bthserv - ok
10:15:24.0334 0x0328 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
10:15:24.0334 0x0328 buttonconverter - ok
10:15:24.0350 0x0328 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\Windows\System32\drivers\capimg.sys
10:15:24.0350 0x0328 CapImg - ok
10:15:24.0366 0x0328 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:15:24.0366 0x0328 cdfs - ok
10:15:24.0386 0x0328 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\Windows\System32\CDPSvc.dll
10:15:24.0403 0x0328 CDPSvc - ok
10:15:24.0403 0x0328 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\Windows\System32\drivers\cdrom.sys
10:15:24.0419 0x0328 cdrom - ok
10:15:24.0419 0x0328 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\Windows\System32\certprop.dll
10:15:24.0435 0x0328 CertPropSvc - ok
10:15:24.0435 0x0328 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\Windows\System32\drivers\circlass.sys
10:15:24.0450 0x0328 circlass - ok
10:15:24.0466 0x0328 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\Windows\system32\drivers\CLFS.sys
10:15:24.0466 0x0328 CLFS - ok
10:15:24.0488 0x0328 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\Windows\System32\ClipSVC.dll
10:15:24.0504 0x0328 ClipSVC - ok
10:15:24.0519 0x0328 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
10:15:24.0519 0x0328 CmBatt - ok
10:15:24.0535 0x0328 [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG C:\Windows\system32\Drivers\cng.sys
10:15:24.0551 0x0328 CNG - ok
10:15:24.0551 0x0328 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\Windows\system32\DRIVERS\cnghwassist.sys
10:15:24.0566 0x0328 cnghwassist - ok
10:15:24.0588 0x0328 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
10:15:24.0588 0x0328 CompositeBus - ok
10:15:24.0588 0x0328 COMSysApp - ok
10:15:24.0604 0x0328 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\Windows\system32\drivers\condrv.sys
10:15:24.0604 0x0328 condrv - ok
10:15:24.0620 0x0328 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
10:15:24.0635 0x0328 CoreMessagingRegistrar - ok
10:15:24.0666 0x0328 [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:15:24.0689 0x0328 cphs - ok
10:15:24.0689 0x0328 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:15:24.0704 0x0328 CryptSvc - ok
10:15:24.0704 0x0328 [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC C:\Windows\system32\drivers\csc.sys
10:15:24.0735 0x0328 CSC - ok
10:15:24.0751 0x0328 [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService C:\Windows\System32\cscsvc.dll
10:15:24.0767 0x0328 CscService - ok
10:15:24.0786 0x0328 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\Windows\system32\drivers\dam.sys
10:15:24.0789 0x0328 dam - ok
10:15:24.0805 0x0328 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:15:24.0836 0x0328 DcomLaunch - ok
10:15:24.0836 0x0328 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\Windows\system32\dcpsvc.dll
10:15:24.0867 0x0328 DcpSvc - ok
10:15:24.0867 0x0328 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\Windows\System32\defragsvc.dll
10:15:24.0905 0x0328 defragsvc - ok
10:15:24.0905 0x0328 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\Windows\system32\das.dll
10:15:24.0936 0x0328 DeviceAssociationService - ok
10:15:24.0936 0x0328 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
10:15:24.0952 0x0328 DeviceInstall - ok
10:15:24.0952 0x0328 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\Windows\system32\DevQueryBroker.dll
10:15:24.0967 0x0328 DevQueryBroker - ok
10:15:24.0967 0x0328 [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
10:15:24.0989 0x0328 Dfsc - ok
10:15:24.0989 0x0328 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:15:25.0005 0x0328 Dhcp - ok
10:15:25.0005 0x0328 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
10:15:25.0020 0x0328 diagnosticshub.standardcollector.service - ok
10:15:25.0052 0x0328 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\Windows\system32\diagtrack.dll
10:15:25.0089 0x0328 DiagTrack - ok
10:15:25.0089 0x0328 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\Windows\system32\drivers\disk.sys
10:15:25.0105 0x0328 disk - ok
10:15:25.0105 0x0328 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
10:15:25.0121 0x0328 DmEnrollmentSvc - ok
10:15:25.0136 0x0328 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
10:15:25.0136 0x0328 dmvsc - ok
10:15:25.0136 0x0328 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
10:15:25.0152 0x0328 dmwappushservice - ok
10:15:25.0168 0x0328 [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:15:25.0188 0x0328 Dnscache - ok
10:15:25.0190 0x0328 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\Windows\System32\dot3svc.dll
10:15:25.0205 0x0328 dot3svc - ok
10:15:25.0205 0x0328 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:15:25.0221 0x0328 dot4 - ok
10:15:25.0221 0x0328 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\Windows\System32\drivers\Dot4Prt.sys
10:15:25.0221 0x0328 Dot4Print - ok
10:15:25.0237 0x0328 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:15:25.0237 0x0328 dot4usb - ok
10:15:25.0237 0x0328 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\Windows\system32\dps.dll
10:15:25.0252 0x0328 DPS - ok
10:15:25.0252 0x0328 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\Windows\System32\drivers\drmkaud.sys
10:15:25.0268 0x0328 drmkaud - ok
10:15:25.0268 0x0328 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
10:15:25.0290 0x0328 DsmSvc - ok
10:15:25.0290 0x0328 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\Windows\System32\DsSvc.dll
10:15:25.0306 0x0328 DsSvc - ok
10:15:25.0337 0x0328 [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:15:25.0388 0x0328 DXGKrnl - ok
10:15:25.0390 0x0328 [ E716140ACA798A5EC48531F0739A0290, C585F1D9B08A406FE0ED35E07C2F20E793E67F8E153314A449701125C8EA7A4B ] e1iexpress C:\Windows\System32\drivers\e1i63x64.sys
10:15:25.0406 0x0328 e1iexpress - ok
10:15:25.0421 0x0328 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\Windows\System32\eapsvc.dll
10:15:25.0437 0x0328 Eaphost - ok
10:15:25.0490 0x0328 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:15:25.0553 0x0328 ebdrv - ok
10:15:25.0569 0x0328 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\Windows\System32\lsass.exe
10:15:25.0569 0x0328 EFS - ok
10:15:25.0569 0x0328 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
10:15:25.0591 0x0328 EhStorClass - ok
10:15:25.0591 0x0328 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
10:15:25.0591 0x0328 EhStorTcgDrv - ok
10:15:25.0606 0x0328 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\Windows\System32\embeddedmodesvc.dll
10:15:25.0622 0x0328 embeddedmode - ok
10:15:25.0622 0x0328 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\Windows\system32\EnterpriseAppMgmtSvc.dll
10:15:25.0638 0x0328 EntAppSvc - ok
10:15:25.0638 0x0328 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\Windows\System32\drivers\errdev.sys
10:15:25.0653 0x0328 ErrDev - ok
10:15:25.0669 0x0328 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\Windows\system32\es.dll
10:15:25.0691 0x0328 EventSystem - ok
10:15:25.0691 0x0328 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\Windows\system32\drivers\exfat.sys
10:15:25.0707 0x0328 exfat - ok
10:15:25.0722 0x0328 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:15:25.0738 0x0328 fastfat - ok
|
|
22.03.2016, 10:47
| #3 |
| | Adware/Browser Hijacker: m55.dnsqa.me zu viele Zeichen,deshalb folgt hier die Fortsetzung:
__________________Code:
ATTFilter 10:15:25.0738 0x0328 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\Windows\system32\fxssvc.exe 10:15:25.0769 0x0328 Fax - ok 10:15:25.0769 0x0328 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\Windows\System32\drivers\fdc.sys 10:15:25.0791 0x0328 fdc - ok 10:15:25.0791 0x0328 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\Windows\system32\fdPHost.dll 10:15:25.0807 0x0328 fdPHost - ok 10:15:25.0807 0x0328 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\Windows\system32\fdrespub.dll 10:15:25.0822 0x0328 FDResPub - ok 10:15:25.0822 0x0328 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\Windows\system32\fhsvc.dll 10:15:25.0838 0x0328 fhsvc - ok 10:15:25.0838 0x0328 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\Windows\system32\drivers\filecrypt.sys 10:15:25.0854 0x0328 FileCrypt - ok 10:15:25.0854 0x0328 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:15:25.0869 0x0328 FileInfo - ok 10:15:25.0869 0x0328 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:15:25.0889 0x0328 Filetrace - ok 10:15:25.0891 0x0328 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 10:15:25.0891 0x0328 flpydisk - ok 10:15:25.0907 0x0328 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:15:25.0923 0x0328 FltMgr - ok 10:15:25.0938 0x0328 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\Windows\system32\FntCache.dll 10:15:25.0970 0x1eb8 Object required for P2P: [ 99B993BD0F4C033D832B50D5E83BEBEC ] AdobeFlashPlayerUpdateSvc 10:15:25.0992 0x0328 FontCache - ok 10:15:26.0007 0x0328 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:15:26.0007 0x0328 FontCache3.0.0.0 - ok 10:15:26.0007 0x0328 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:15:26.0023 0x0328 FsDepends - ok 10:15:26.0023 0x0328 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:15:26.0039 0x0328 Fs_Rec - ok 10:15:26.0039 0x0328 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:15:26.0070 0x0328 fvevol - ok 10:15:26.0070 0x0328 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:15:26.0070 0x0328 gagp30kx - ok 10:15:26.0085 0x0328 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 10:15:26.0092 0x0328 gencounter - ok 10:15:26.0092 0x0328 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\Windows\System32\drivers\genericusbfn.sys 10:15:26.0108 0x0328 genericusbfn - ok 10:15:26.0123 0x0328 [ C5FA929A389F11330C780C1E97EF0740, A83EAD4A2F4DB236CC569CCAD619021C1E011CD70DEE249FE8594E8822640BBF ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 10:15:26.0154 0x0328 GfExperienceService - ok 10:15:26.0154 0x0328 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 10:15:26.0170 0x0328 GPIOClx0101 - ok 10:15:26.0192 0x0328 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\Windows\System32\gpsvc.dll 10:15:26.0223 0x0328 gpsvc - ok 10:15:26.0239 0x0328 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\Windows\system32\drivers\gpuenergydrv.sys 10:15:26.0255 0x0328 GpuEnergyDrv - ok 10:15:26.0255 0x0328 [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys 10:15:26.0270 0x0328 HdAudAddService - ok 10:15:26.0286 0x0328 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 10:15:26.0292 0x0328 HDAudBus - ok 10:15:26.0292 0x0328 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 10:15:26.0308 0x0328 HidBatt - ok 10:15:26.0308 0x0328 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\Windows\System32\drivers\hidbth.sys 10:15:26.0323 0x0328 HidBth - ok 10:15:26.0323 0x0328 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 10:15:26.0339 0x0328 hidi2c - ok 10:15:26.0339 0x0328 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\Windows\System32\drivers\hidinterrupt.sys 10:15:26.0339 0x0328 hidinterrupt - ok 10:15:26.0355 0x0328 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\Windows\System32\drivers\hidir.sys 10:15:26.0355 0x0328 HidIr - ok 10:15:26.0355 0x0328 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\Windows\system32\hidserv.dll 10:15:26.0370 0x0328 hidserv - ok 10:15:26.0370 0x0328 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 10:15:26.0392 0x0328 HidUsb - ok 10:15:26.0392 0x0328 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:15:26.0408 0x0328 HomeGroupListener - ok 10:15:26.0424 0x0328 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:15:26.0439 0x0328 HomeGroupProvider - ok 10:15:26.0455 0x0328 [ 930370725FA0FE272346583A7A7D6BDB, 98195638D548A6E5E574E062FDCF4E5833DDE834399787EC51C340699B6E5E64 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 10:15:26.0455 0x0328 hpqcxs08 - ok 10:15:26.0455 0x0328 [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 10:15:26.0470 0x0328 hpqddsvc - ok 10:15:26.0470 0x0328 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:15:26.0486 0x0328 HpSAMD - ok 10:15:26.0492 0x0328 [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:15:26.0524 0x0328 HTTP - ok 10:15:26.0524 0x0328 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:15:26.0539 0x0328 hwpolicy - ok 10:15:26.0539 0x0328 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 10:15:26.0555 0x0328 hyperkbd - ok 10:15:26.0555 0x0328 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 10:15:26.0571 0x0328 i8042prt - ok 10:15:26.0571 0x0328 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\Windows\System32\drivers\iai2c.sys 10:15:26.0593 0x0328 iai2c - ok 10:15:26.0593 0x0328 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\Windows\System32\drivers\iaLPSS2i_I2C.sys 10:15:26.0608 0x0328 iaLPSS2i_I2C - ok 10:15:26.0608 0x0328 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 10:15:26.0608 0x0328 iaLPSSi_GPIO - ok 10:15:26.0624 0x0328 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 10:15:26.0624 0x0328 iaLPSSi_I2C - ok 10:15:26.0640 0x0328 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 10:15:26.0655 0x0328 iaStorAV - ok 10:15:26.0671 0x0328 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:15:26.0693 0x0328 iaStorV - ok 10:15:26.0693 0x0328 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\Windows\System32\drivers\ibbus.sys 10:15:26.0709 0x0328 ibbus - ok 10:15:26.0709 0x0328 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\Windows\System32\tetheringservice.dll 10:15:26.0724 0x0328 icssvc - ok 10:15:26.0740 0x0328 IEEtwCollectorService - ok 10:15:26.0856 0x0328 [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 10:15:27.0009 0x0328 igfx - ok 10:15:27.0025 0x0328 [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe 10:15:27.0040 0x0328 igfxCUIService2.0.0.0 - ok 10:15:27.0056 0x0328 [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT C:\Windows\System32\ikeext.dll 10:15:27.0094 0x0328 IKEEXT - ok 10:15:27.0094 0x0328 [ 47577F77C8DD9CF4265B944CAFE1F172, A3F48F01ECFDF8E609D26754E517C06AD6382DA231F42BF64B6746D50F02FC6A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 10:15:27.0109 0x0328 IntcDAud - ok 10:15:27.0109 0x0328 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\Windows\system32\drivers\intelide.sys 10:15:27.0125 0x0328 intelide - ok 10:15:27.0125 0x0328 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\Windows\system32\drivers\intelpep.sys 10:15:27.0125 0x0328 intelpep - ok 10:15:27.0141 0x0328 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\Windows\System32\drivers\intelppm.sys 10:15:27.0156 0x0328 intelppm - ok 10:15:27.0156 0x0328 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\Windows\system32\drivers\ioqos.sys 10:15:27.0156 0x0328 IoQos - ok 10:15:27.0172 0x0328 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:15:27.0172 0x0328 IpFilterDriver - ok 10:15:27.0194 0x0328 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:15:27.0225 0x0328 iphlpsvc - ok 10:15:27.0241 0x0328 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 10:15:27.0241 0x0328 IPMIDRV - ok 10:15:27.0256 0x0328 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:15:27.0256 0x0328 IPNAT - ok 10:15:27.0272 0x0328 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:15:27.0272 0x0328 IRENUM - ok 10:15:27.0288 0x0328 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:15:27.0294 0x0328 isapnp - ok 10:15:27.0294 0x0328 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 10:15:27.0310 0x0328 iScsiPrt - ok 10:15:27.0310 0x0328 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 10:15:27.0325 0x0328 kbdclass - ok 10:15:27.0325 0x0328 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 10:15:27.0341 0x0328 kbdhid - ok 10:15:27.0341 0x0328 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\Windows\System32\drivers\kdnic.sys 10:15:27.0341 0x1464 Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam 10:15:27.0341 0x0328 kdnic - ok 10:15:27.0357 0x0328 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\Windows\system32\lsass.exe 10:15:27.0357 0x0328 KeyIso - ok 10:15:27.0357 0x0328 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:15:27.0372 0x0328 KSecDD - ok 10:15:27.0372 0x0328 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:15:27.0395 0x0328 KSecPkg - ok 10:15:27.0395 0x0328 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:15:27.0410 0x0328 ksthunk - ok 10:15:27.0410 0x0328 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\Windows\system32\msdtckrm.dll 10:15:27.0426 0x0328 KtmRm - ok 10:15:27.0441 0x0328 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:15:27.0457 0x0328 LanmanServer - ok 10:15:27.0457 0x0328 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:15:27.0473 0x0328 LanmanWorkstation - ok 10:15:27.0491 0x0328 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\Windows\System32\lfsvc.dll 10:15:27.0495 0x0328 lfsvc - ok 10:15:27.0495 0x0328 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\Windows\system32\LicenseManagerSvc.dll 10:15:27.0510 0x0328 LicenseManager - ok 10:15:27.0510 0x0328 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\Windows\system32\drivers\lltdio.sys 10:15:27.0526 0x0328 lltdio - ok 10:15:27.0526 0x0328 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:15:27.0542 0x0328 lltdsvc - ok 10:15:27.0557 0x0328 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:15:27.0557 0x0328 lmhosts - ok 10:15:27.0573 0x0328 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:15:27.0573 0x0328 LSI_SAS - ok 10:15:27.0573 0x0328 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\Windows\system32\drivers\lsi_sas2i.sys 10:15:27.0595 0x0328 LSI_SAS2i - ok 10:15:27.0595 0x0328 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\Windows\system32\drivers\lsi_sas3i.sys 10:15:27.0595 0x0328 LSI_SAS3i - ok 10:15:27.0611 0x0328 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 10:15:27.0611 0x0328 LSI_SSS - ok 10:15:27.0626 0x0328 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\Windows\System32\lsm.dll 10:15:27.0658 0x0328 LSM - ok 10:15:27.0658 0x0328 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\Windows\system32\drivers\luafv.sys 10:15:27.0673 0x0328 luafv - ok 10:15:27.0673 0x0328 [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker C:\Windows\System32\moshost.dll 10:15:27.0695 0x0328 MapsBroker - ok 10:15:27.0695 0x0328 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:15:27.0695 0x0328 MBAMProtector - ok 10:15:27.0727 0x0328 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 10:15:27.0758 0x0328 MBAMScheduler - ok 10:15:27.0773 0x0328 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 10:15:27.0796 0x0328 MBAMService - ok 10:15:27.0811 0x0328 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 10:15:27.0811 0x0328 MBAMSwissArmy - ok 10:15:27.0811 0x0328 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:15:27.0827 0x0328 MBAMWebAccessControl - ok 10:15:27.0827 0x0328 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\Windows\system32\drivers\megasas.sys 10:15:27.0842 0x0328 megasas - ok 10:15:27.0842 0x0328 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\Windows\system32\drivers\megasr.sys 10:15:27.0874 0x0328 megasr - ok 10:15:27.0874 0x0328 [ 6D1671CB2E5402F01D2F13ECF764CAA1, 4778630F602FE8F9B9112DC5BB7A179632000D10D80C28E93711404108FCC6E0 ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys 10:15:27.0891 0x0328 MEIx64 - ok 10:15:27.0895 0x0328 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\Windows\System32\MessagingService.dll 10:15:27.0896 0x0328 MessagingService - ok 10:15:27.0927 0x0328 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\Windows\System32\drivers\mlx4_bus.sys 10:15:27.0943 0x0328 mlx4_bus - ok 10:15:27.0943 0x0328 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\Windows\system32\drivers\mmcss.sys 10:15:27.0958 0x0328 MMCSS - ok 10:15:27.0958 0x0328 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\Windows\system32\drivers\modem.sys 10:15:27.0974 0x0328 Modem - ok 10:15:27.0974 0x0328 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\Windows\System32\drivers\monitor.sys 10:15:27.0996 0x0328 monitor - ok 10:15:27.0996 0x0328 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\Windows\System32\drivers\mouclass.sys 10:15:27.0996 0x0328 mouclass - ok 10:15:27.0996 0x0328 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\Windows\System32\drivers\mouhid.sys 10:15:28.0012 0x0328 mouhid - ok 10:15:28.0012 0x0328 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:15:28.0027 0x0328 mountmgr - ok 10:15:28.0027 0x0328 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:15:28.0043 0x0328 MozillaMaintenance - ok 10:15:28.0043 0x0328 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:15:28.0059 0x0328 mpsdrv - ok 10:15:28.0074 0x0328 [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc C:\Windows\system32\mpssvc.dll 10:15:28.0096 0x0328 MpsSvc - ok 10:15:28.0112 0x0328 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:15:28.0128 0x0328 MRxDAV - ok 10:15:28.0128 0x0328 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:15:28.0143 0x0328 mrxsmb - ok 10:15:28.0159 0x0328 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:15:28.0174 0x0328 mrxsmb10 - ok 10:15:28.0174 0x0328 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:15:28.0194 0x0328 mrxsmb20 - ok 10:15:28.0197 0x0328 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\Windows\system32\drivers\bridge.sys 10:15:28.0197 0x0328 MsBridge - ok 10:15:28.0212 0x0328 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\Windows\System32\msdtc.exe 10:15:28.0228 0x0328 MSDTC - ok 10:15:28.0228 0x0328 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:15:28.0243 0x0328 Msfs - ok 10:15:28.0243 0x0328 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 10:15:28.0243 0x0328 msgpiowin32 - ok 10:15:28.0243 0x0328 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:15:28.0259 0x0328 mshidkmdf - ok 10:15:28.0259 0x0328 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 10:15:28.0275 0x0328 mshidumdf - ok 10:15:28.0275 0x0328 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:15:28.0275 0x0328 msisadrv - ok 10:15:28.0294 0x0328 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:15:28.0297 0x0328 MSiSCSI - ok 10:15:28.0297 0x0328 msiserver - ok 10:15:28.0313 0x0328 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\Windows\system32\DRIVERS\MSKSSRV.sys 10:15:28.0313 0x0328 MSKSSRV - ok 10:15:28.0313 0x0328 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\Windows\system32\drivers\mslldp.sys 10:15:28.0328 0x0328 MsLldp - ok 10:15:28.0328 0x0328 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\Windows\system32\DRIVERS\MSPCLOCK.sys 10:15:28.0344 0x0328 MSPCLOCK - ok 10:15:28.0344 0x0328 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\Windows\system32\DRIVERS\MSPQM.sys 10:15:28.0359 0x0328 MSPQM - ok 10:15:28.0359 0x0328 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:15:28.0375 0x0328 MsRPC - ok 10:15:28.0375 0x0328 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 10:15:28.0397 0x0328 mssmbios - ok 10:15:28.0397 0x0328 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\Windows\system32\DRIVERS\MSTEE.sys 10:15:28.0397 0x0328 MSTEE - ok 10:15:28.0413 0x0328 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 10:15:28.0413 0x0328 MTConfig - ok 10:15:28.0428 0x0328 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\Windows\system32\Drivers\mup.sys 10:15:28.0428 0x0328 Mup - ok 10:15:28.0428 0x0328 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\Windows\system32\drivers\mvumis.sys 10:15:28.0444 0x0328 mvumis - ok 10:15:28.0460 0x0328 [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:15:28.0460 0x1eb8 Object send P2P result: true 10:15:28.0475 0x0328 NativeWifiP - ok 10:15:28.0491 0x0328 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\Windows\System32\ncasvc.dll 10:15:28.0497 0x0328 NcaSvc - ok 10:15:28.0513 0x0328 [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService C:\Windows\System32\ncbservice.dll 10:15:28.0529 0x0328 NcbService - ok 10:15:28.0529 0x0328 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 10:15:28.0560 0x0328 NcdAutoSetup - ok 10:15:28.0560 0x0328 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\Windows\System32\drivers\ndfltr.sys 10:15:28.0560 0x0328 ndfltr - ok 10:15:28.0612 0x0328 [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:15:28.0644 0x0328 NDIS - ok 10:15:28.0644 0x0328 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\Windows\system32\drivers\ndiscap.sys 10:15:28.0659 0x0328 NdisCap - ok 10:15:28.0659 0x0328 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\Windows\system32\drivers\NdisImPlatform.sys 10:15:28.0675 0x0328 NdisImPlatform - ok 10:15:28.0675 0x0328 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:15:28.0696 0x0328 NdisTapi - ok 10:15:28.0697 0x0328 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\Windows\system32\drivers\ndisuio.sys 10:15:28.0697 0x0328 Ndisuio - ok 10:15:28.0713 0x0328 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 10:15:28.0713 0x0328 NdisVirtualBus - ok 10:15:28.0728 0x0328 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\Windows\System32\drivers\ndiswan.sys 10:15:28.0744 0x0328 NdisWan - ok 10:15:28.0744 0x0328 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\Windows\system32\DRIVERS\ndiswan.sys 10:15:28.0760 0x0328 ndiswanlegacy - ok 10:15:28.0760 0x0328 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\Windows\system32\DRIVERS\NDProxy.sys 10:15:28.0775 0x0328 ndproxy - ok 10:15:28.0775 0x0328 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\Windows\system32\drivers\Ndu.sys 10:15:28.0796 0x0328 Ndu - ok 10:15:28.0797 0x0328 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll 10:15:28.0797 0x0328 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 10:15:29.0778 0x1464 Object send P2P result: true 10:15:31.0165 0x0328 Detect skipped due to KSN trusted 10:15:31.0165 0x0328 Net Driver HPZ12 - ok 10:15:31.0165 0x0328 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\Windows\system32\drivers\netbios.sys 10:15:31.0180 0x0328 NetBIOS - ok 10:15:31.0180 0x0328 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 10:15:31.0202 0x0328 NetBT - ok 10:15:31.0202 0x0328 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\Windows\system32\lsass.exe 10:15:31.0218 0x0328 Netlogon - ok 10:15:31.0218 0x0328 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\Windows\System32\netman.dll 10:15:31.0234 0x0328 Netman - ok 10:15:31.0249 0x0328 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\Windows\System32\netprofmsvc.dll 10:15:31.0265 0x0328 netprofm - ok 10:15:31.0280 0x0328 [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc C:\Windows\System32\NetSetupSvc.dll 10:15:31.0301 0x0328 NetSetupSvc - ok 10:15:31.0302 0x0328 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:15:31.0302 0x0328 NetTcpPortSharing - ok 10:15:31.0318 0x0328 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\Windows\System32\NgcCtnrSvc.dll 10:15:31.0334 0x0328 NgcCtnrSvc - ok 10:15:31.0349 0x0328 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\Windows\system32\ngcsvc.dll 10:15:31.0380 0x0328 NgcSvc - ok 10:15:31.0380 0x0328 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\Windows\System32\nlasvc.dll 10:15:31.0402 0x0328 NlaSvc - ok 10:15:31.0402 0x0328 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:15:31.0418 0x0328 Npfs - ok 10:15:31.0418 0x0328 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 10:15:31.0433 0x0328 npsvctrig - ok 10:15:31.0433 0x0328 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\Windows\system32\nsisvc.dll 10:15:31.0449 0x0328 nsi - ok 10:15:31.0449 0x0328 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:15:31.0465 0x0328 nsiproxy - ok 10:15:31.0502 0x0328 [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS C:\Windows\system32\drivers\NTFS.sys 10:15:31.0549 0x0328 NTFS - ok 10:15:31.0549 0x0328 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\Windows\system32\drivers\Null.sys 10:15:31.0565 0x0328 Null - ok 10:15:31.0565 0x0328 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 10:15:31.0580 0x0328 NVHDA - ok 10:15:31.0764 0x0328 [ 597C022F2A7E5D31ED3BAD18C75D5552, 1D0A32A2A23FC8BA5E02A8EB248902EF234DBCEFA53454C4AEA3B92D7043A2B3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:15:31.0999 0x0328 nvlddmkm - ok 10:15:32.0034 0x0328 [ 3D596244C1B93A506292DA07CC2B123F, 1604F8B4B89D599C1944E6FF9A0D35DDB1E34BAEC0315E23070180959644DCF2 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 10:15:32.0065 0x0328 NvNetworkService - ok 10:15:32.0081 0x0328 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:15:32.0081 0x0328 nvraid - ok 10:15:32.0101 0x0328 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:15:32.0102 0x0328 nvstor - ok 10:15:32.0102 0x0328 [ 27DF221148B9C1A3EA8900D87ABC30F5, 904B4C99EB039C6D2474E30A0E03B700486BED61D226A1A5095BFF729B91C3F2 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 10:15:32.0118 0x0328 NvStreamKms - ok 10:15:32.0219 0x0328 [ 4B8F9A38BBE8ACCA6D48E253FFE2393A, 11D9ED3E3C5C3D544E83284E24A93632B9B5FF277639DF18046C0564FB838155 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 10:15:32.0334 0x0328 NvStreamNetworkSvc - ok 10:15:32.0381 0x0328 [ 2035827FCA3BDF5F37A3B64C8D284176, B3CCCF3AEBBF1D5BC756EEA433CD06A7650294CA4FF09FBCD985085B4692B846 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 10:15:32.0434 0x0328 NvStreamSvc - ok 10:15:32.0450 0x0328 [ 38885AE14957B271496CD7DA19CF2697, 1A506872585B6C5B5DD3F2927F70DE6393977167D72DC0A31FB2267B9FF89A49 ] nvsvc C:\Windows\system32\nvvsvc.exe 10:15:32.0481 0x0328 nvsvc - ok 10:15:32.0481 0x0328 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 10:15:32.0500 0x0328 nvvad_WaveExtensible - ok 10:15:32.0503 0x0328 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:15:32.0503 0x0328 nv_agp - ok 10:15:32.0519 0x0328 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\Windows\System32\APHostService.dll 10:15:32.0535 0x0328 OneSyncSvc - ok 10:15:32.0550 0x0328 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 10:15:32.0566 0x0328 p2pimsvc - ok 10:15:32.0581 0x0328 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\Windows\system32\p2psvc.dll 10:15:32.0603 0x0328 p2psvc - ok 10:15:32.0603 0x0328 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\Windows\System32\drivers\parport.sys 10:15:32.0619 0x0328 Parport - ok 10:15:32.0619 0x0328 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:15:32.0635 0x0328 partmgr - ok 10:15:32.0650 0x0328 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\Windows\System32\pcasvc.dll 10:15:32.0666 0x0328 PcaSvc - ok 10:15:32.0666 0x0328 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\Windows\system32\drivers\pci.sys 10:15:32.0682 0x0328 pci - ok 10:15:32.0682 0x0328 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\Windows\system32\drivers\pciide.sys 10:15:32.0703 0x0328 pciide - ok 10:15:32.0704 0x0328 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 10:15:32.0704 0x0328 pcmcia - ok 10:15:32.0719 0x0328 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\Windows\system32\drivers\pcw.sys 10:15:32.0719 0x0328 pcw - ok 10:15:32.0719 0x0328 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\Windows\system32\drivers\pdc.sys 10:15:32.0735 0x0328 pdc - ok 10:15:32.0751 0x0328 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:15:32.0782 0x0328 PEAUTH - ok 10:15:32.0804 0x0328 [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 10:15:32.0866 0x0328 PeerDistSvc - ok 10:15:32.0866 0x0328 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\Windows\system32\drivers\percsas2i.sys 10:15:32.0882 0x0328 percsas2i - ok 10:15:32.0882 0x0328 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\Windows\system32\drivers\percsas3i.sys 10:15:32.0900 0x0328 percsas3i - ok 10:15:32.0920 0x0328 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:15:32.0920 0x0328 PerfHost - ok 10:15:32.0951 0x0328 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\Windows\System32\PhoneService.dll 10:15:32.0967 0x0328 PhoneSvc - ok 10:15:32.0982 0x0328 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll 10:15:33.0005 0x0328 PimIndexMaintenanceSvc - ok 10:15:33.0036 0x0328 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\Windows\system32\pla.dll 10:15:33.0083 0x0328 pla - ok 10:15:33.0083 0x0328 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:15:33.0105 0x0328 PlugPlay - ok 10:15:33.0105 0x0328 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll 10:15:33.0120 0x0328 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 10:15:33.0537 0x1620 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c 10:15:35.0488 0x0328 Detect skipped due to KSN trusted 10:15:35.0488 0x0328 Pml Driver HPZ12 - ok 10:15:35.0488 0x0328 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:15:35.0506 0x0328 PNRPAutoReg - ok 10:15:35.0510 0x0328 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:15:35.0526 0x0328 PNRPsvc - ok 10:15:35.0526 0x0328 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:15:35.0557 0x0328 PolicyAgent - ok 10:15:35.0557 0x0328 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\Windows\system32\umpo.dll 10:15:35.0573 0x0328 Power - ok 10:15:35.0573 0x0328 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\Windows\System32\drivers\raspptp.sys 10:15:35.0588 0x0328 PptpMiniport - ok 10:15:35.0642 0x0328 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 10:15:35.0742 0x0328 PrintNotify - ok 10:15:35.0742 0x0328 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\Windows\System32\drivers\processr.sys 10:15:35.0758 0x0328 Processor - ok 10:15:35.0773 0x0328 [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc C:\Windows\system32\profsvc.dll 10:15:35.0789 0x0328 ProfSvc - ok 10:15:35.0789 0x0328 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\Windows\system32\drivers\pacer.sys 10:15:35.0808 0x0328 Psched - ok 10:15:35.0990 0x1620 Object send P2P result: true 10:15:35.0990 0x1620 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C 10:15:36.0174 0x0328 [ E37DF3BB546CB68DFC5E58CC8B49C311, B9372B58FB206CB9C14C830E90325CF9F8ADF17C12BFD8EC61D64E8A64CA2E35 ] QHActiveDefense D:\Programme\360 Total Security\360\Total Security\safemon\QHActiveDefense.exe 10:15:36.0190 0x0328 QHActiveDefense - ok 10:15:36.0206 0x0328 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\Windows\system32\qwave.dll 10:15:36.0212 0x0328 QWAVE - ok 10:15:36.0212 0x0328 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:15:36.0228 0x0328 QWAVEdrv - ok 10:15:36.0228 0x0328 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:15:36.0243 0x0328 RasAcd - ok 10:15:36.0243 0x0328 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\Windows\System32\drivers\AgileVpn.sys 10:15:36.0259 0x0328 RasAgileVpn - ok 10:15:36.0259 0x0328 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\Windows\System32\rasauto.dll 10:15:36.0275 0x0328 RasAuto - ok 10:15:36.0275 0x0328 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\Windows\System32\drivers\rasl2tp.sys 10:15:36.0290 0x0328 Rasl2tp - ok 10:15:36.0311 0x0328 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\Windows\System32\rasmans.dll 10:15:36.0328 0x0328 RasMan - ok 10:15:36.0344 0x0328 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:15:36.0344 0x0328 RasPppoe - ok 10:15:36.0359 0x0328 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\Windows\System32\drivers\rassstp.sys 10:15:36.0359 0x0328 RasSstp - ok 10:15:36.0375 0x0328 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:15:36.0391 0x0328 rdbss - ok 10:15:36.0391 0x0328 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 10:15:36.0411 0x0328 rdpbus - ok 10:15:36.0413 0x0328 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 10:15:36.0428 0x0328 RDPDR - ok 10:15:36.0428 0x0328 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 10:15:36.0428 0x0328 RdpVideoMiniport - ok 10:15:36.0444 0x0328 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 10:15:36.0460 0x0328 rdyboost - ok 10:15:36.0475 0x0328 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\Windows\system32\drivers\ReFSv1.sys 10:15:36.0491 0x0328 ReFSv1 - ok 10:15:36.0511 0x0328 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:15:36.0529 0x0328 RemoteAccess - ok 10:15:36.0529 0x0328 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:15:36.0544 0x0328 RemoteRegistry - ok 10:15:36.0575 0x0328 [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo C:\Windows\system32\RDXService.dll 10:15:36.0613 0x0328 RetailDemo - ok 10:15:36.0613 0x0328 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 10:15:36.0629 0x0328 RpcEptMapper - ok 10:15:36.0629 0x0328 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\Windows\system32\locator.exe 10:15:36.0644 0x0328 RpcLocator - ok 10:15:36.0660 0x0328 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\Windows\system32\rpcss.dll 10:15:36.0691 0x0328 RpcSs - ok 10:15:36.0691 0x0328 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\Windows\system32\drivers\rspndr.sys 10:15:36.0713 0x0328 rspndr - ok 10:15:36.0713 0x0328 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\Windows\System32\drivers\vms3cap.sys 10:15:36.0713 0x0328 s3cap - ok 10:15:36.0713 0x0328 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\Windows\system32\lsass.exe 10:15:36.0729 0x0328 SamSs - ok 10:15:36.0729 0x0328 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:15:36.0745 0x0328 sbp2port - ok 10:15:36.0745 0x0328 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:15:36.0776 0x0328 SCardSvr - ok 10:15:36.0776 0x0328 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 10:15:36.0792 0x0328 ScDeviceEnum - ok 10:15:36.0792 0x0328 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 10:15:36.0814 0x0328 scfilter - ok 10:15:36.0829 0x0328 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\Windows\system32\schedsvc.dll 10:15:36.0861 0x0328 Schedule - ok 10:15:36.0861 0x0328 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\Windows\System32\certprop.dll 10:15:36.0876 0x0328 SCPolicySvc - ok 10:15:36.0892 0x0328 [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus C:\Windows\System32\drivers\sdbus.sys 10:15:36.0909 0x0328 sdbus - ok 10:15:36.0914 0x0328 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:15:36.0914 0x0328 SDRSVC - ok 10:15:36.0930 0x0328 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\Windows\System32\drivers\sdstor.sys 10:15:36.0930 0x0328 sdstor - ok 10:15:36.0930 0x0328 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\Windows\system32\seclogon.dll 10:15:36.0945 0x0328 seclogon - ok 10:15:36.0945 0x0328 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\Windows\System32\sens.dll 10:15:36.0961 0x0328 SENS - ok 10:15:36.0992 0x0328 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\Windows\System32\SensorDataService.exe 10:15:37.0045 0x0328 SensorDataService - ok 10:15:37.0045 0x0328 [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService C:\Windows\system32\SensorService.dll 10:15:37.0061 0x0328 SensorService - ok 10:15:37.0077 0x0328 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\Windows\system32\sensrsvc.dll 10:15:37.0092 0x0328 SensrSvc - ok 10:15:37.0092 0x0328 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\Windows\system32\drivers\SerCx.sys 10:15:37.0092 0x0328 SerCx - ok 10:15:37.0111 0x0328 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 10:15:37.0114 0x0328 SerCx2 - ok 10:15:37.0114 0x0328 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\Windows\System32\drivers\serenum.sys 10:15:37.0130 0x0328 Serenum - ok 10:15:37.0130 0x0328 [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial C:\Windows\System32\drivers\serial.sys 10:15:37.0146 0x0328 Serial - ok 10:15:37.0146 0x0328 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\Windows\System32\drivers\sermouse.sys 10:15:37.0161 0x0328 sermouse - ok 10:15:37.0161 0x0328 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\Windows\system32\sessenv.dll 10:15:37.0192 0x0328 SessionEnv - ok 10:15:37.0192 0x0328 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 10:15:37.0192 0x0328 sfloppy - ok 10:15:37.0214 0x0328 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:15:37.0230 0x0328 SharedAccess - ok 10:15:37.0246 0x0328 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:15:37.0277 0x0328 ShellHWDetection - ok 10:15:37.0277 0x0328 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 10:15:37.0277 0x0328 SiSRaid2 - ok 10:15:37.0292 0x0328 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 10:15:37.0292 0x0328 SiSRaid4 - ok 10:15:37.0311 0x0328 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 10:15:37.0315 0x0328 SkypeUpdate - ok 10:15:37.0315 0x0328 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\Windows\System32\smphost.dll 10:15:37.0330 0x0328 smphost - ok 10:15:37.0346 0x0328 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\Windows\system32\SmsRouterSvc.dll 10:15:37.0377 0x0328 SmsRouter - ok 10:15:37.0377 0x0328 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:15:37.0393 0x0328 SNMPTRAP - ok 10:15:37.0393 0x0328 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\Windows\system32\drivers\spaceport.sys 10:15:37.0414 0x0328 spaceport - ok 10:15:37.0414 0x0328 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 10:15:37.0430 0x0328 SpbCx - ok 10:15:37.0446 0x0328 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\Windows\System32\spoolsv.exe 10:15:37.0477 0x0328 Spooler - ok 10:15:37.0531 0x13b8 Object required for P2P: [ 597C022F2A7E5D31ED3BAD18C75D5552 ] nvlddmkm 10:15:37.0578 0x0328 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\Windows\system32\sppsvc.exe 10:15:37.0710 0x0328 sppsvc - ok 10:15:37.0715 0x0328 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\Windows\system32\DRIVERS\srv.sys 10:15:37.0731 0x0328 srv - ok 10:15:37.0746 0x0328 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:15:37.0778 0x0328 srv2 - ok 10:15:37.0778 0x0328 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:15:37.0793 0x0328 srvnet - ok 10:15:37.0809 0x0328 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:15:37.0816 0x0328 SSDPSRV - ok 10:15:37.0831 0x0328 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:15:37.0847 0x0328 SstpSvc - ok 10:15:37.0894 0x0328 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\Windows\system32\windows.staterepository.dll 10:15:37.0963 0x0328 StateRepository - ok 10:15:37.0979 0x0328 [ 81433E112B6BD31B59519BA31EF927DB, DD1776E5729F22C58A4969132E0C105B0E48672ADC4E8FD958A8D5A627596BBA ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 10:15:37.0994 0x0328 Steam Client Service - ok 10:15:38.0016 0x0328 [ 419226C42B9427BB7D04F05BBA9C7FC9, 4D6910C250C6A48D79CA3253CC4529E37C37C38876F91B62B2CF92C63EA68F39 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 10:15:38.0016 0x0328 Stereo Service - ok 10:15:38.0032 0x0328 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\Windows\system32\drivers\stexstor.sys 10:15:38.0032 0x0328 stexstor - ok 10:15:38.0048 0x0328 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\Windows\System32\wiaservc.dll 10:15:38.0079 0x0328 stisvc - ok 10:15:38.0079 0x0328 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\Windows\system32\drivers\storahci.sys 10:15:38.0079 0x0328 storahci - ok 10:15:38.0094 0x0328 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 10:15:38.0094 0x0328 storflt - ok 10:15:38.0094 0x0328 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\Windows\system32\drivers\stornvme.sys 10:15:38.0116 0x0328 stornvme - ok 10:15:38.0116 0x0328 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\Windows\system32\drivers\storqosflt.sys 10:15:38.0132 0x0328 storqosflt - ok 10:15:38.0132 0x0328 [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc C:\Windows\system32\storsvc.dll 10:15:38.0163 0x0328 StorSvc - ok 10:15:38.0163 0x0328 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\Windows\system32\drivers\storufs.sys 10:15:38.0179 0x0328 storufs - ok 10:15:38.0179 0x0328 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\Windows\system32\drivers\storvsc.sys 10:15:38.0179 0x0328 storvsc - ok 10:15:38.0194 0x0328 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\Windows\system32\svsvc.dll 10:15:38.0210 0x0328 svsvc - ok 10:15:38.0212 0x0328 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\Windows\System32\drivers\swenum.sys 10:15:38.0216 0x0328 swenum - ok 10:15:38.0216 0x0328 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\Windows\System32\swprv.dll 10:15:38.0248 0x0328 swprv - ok 10:15:38.0248 0x0328 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\Windows\System32\drivers\Synth3dVsc.sys 10:15:38.0263 0x0328 Synth3dVsc - ok 10:15:38.0279 0x0328 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\Windows\system32\sysmain.dll 10:15:38.0317 0x0328 SysMain - ok 10:15:38.0332 0x0328 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 10:15:38.0348 0x0328 SystemEventsBroker - ok 10:15:38.0348 0x0328 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:15:38.0364 0x0328 TabletInputService - ok 10:15:38.0379 0x0328 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\Windows\System32\tapisrv.dll 10:15:38.0395 0x0328 TapiSrv - ok 10:15:38.0433 0x0328 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:15:38.0433 0x1620 Object send P2P result: true 10:15:38.0433 0x1620 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC 10:15:38.0480 0x0328 Tcpip - ok 10:15:38.0533 0x0328 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6 C:\Windows\system32\drivers\tcpip.sys 10:15:38.0580 0x0328 Tcpip6 - ok 10:15:38.0580 0x0328 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:15:38.0595 0x0328 tcpipreg - ok 10:15:38.0595 0x0328 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:15:38.0617 0x0328 tdx - ok 10:15:38.0618 0x0328 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\Windows\System32\drivers\terminpt.sys 10:15:38.0618 0x0328 terminpt - ok 10:15:38.0633 0x0328 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\Windows\System32\termsrv.dll 10:15:38.0680 0x0328 TermService - ok 10:15:38.0680 0x0328 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\Windows\system32\themeservice.dll 10:15:38.0696 0x0328 Themes - ok 10:15:38.0712 0x0328 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe 10:15:38.0718 0x0328 TieringEngineService - ok 10:15:38.0733 0x0328 [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll 10:15:38.0765 0x0328 tiledatamodelsvc - ok 10:15:38.0765 0x0328 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 10:15:38.0780 0x0328 TimeBroker - ok 10:15:38.0780 0x0328 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\Windows\System32\drivers\tpm.sys 10:15:38.0796 0x0328 TPM - ok 10:15:38.0796 0x0328 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\Windows\System32\trkwks.dll 10:15:38.0818 0x0328 TrkWks - ok 10:15:38.0818 0x0328 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:15:38.0834 0x0328 TrustedInstaller - ok 10:15:38.0834 0x0328 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\Windows\system32\drivers\TsUsbFlt.sys 10:15:38.0849 0x0328 tsusbflt - ok 10:15:38.0849 0x0328 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 10:15:38.0849 0x0328 TsUsbGD - ok 10:15:38.0865 0x0328 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\Windows\System32\drivers\tunnel.sys 10:15:38.0881 0x0328 tunnel - ok 10:15:38.0881 0x0328 [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate C:\Windows\system32\tzautoupdate.dll 10:15:38.0896 0x0328 tzautoupdate - ok 10:15:38.0896 0x0328 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:15:38.0896 0x0328 uagp35 - ok 10:15:38.0915 0x0328 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 10:15:38.0918 0x0328 UASPStor - ok 10:15:38.0918 0x0328 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\Windows\system32\Drivers\UcmCx.sys 10:15:38.0934 0x0328 UcmCx0101 - ok 10:15:38.0934 0x0328 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\Windows\System32\drivers\UcmUcsi.sys 10:15:38.0950 0x0328 UcmUcsi - ok 10:15:38.0950 0x0328 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\Windows\system32\drivers\ucx01000.sys 10:15:38.0965 0x0328 Ucx01000 - ok 10:15:38.0965 0x0328 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\Windows\system32\drivers\udecx.sys 10:15:38.0981 0x0328 UdeCx - ok 10:15:38.0981 0x0328 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:15:38.0996 0x0328 udfs - ok 10:15:39.0014 0x0328 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\Windows\System32\drivers\UEFI.sys 10:15:39.0019 0x0328 UEFI - ok 10:15:39.0019 0x0328 [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000 C:\Windows\system32\drivers\ufx01000.sys 10:15:39.0034 0x0328 Ufx01000 - ok 10:15:39.0034 0x0328 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\Windows\System32\drivers\UfxChipidea.sys 10:15:39.0050 0x0328 UfxChipidea - ok 10:15:39.0050 0x0328 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\Windows\System32\drivers\ufxsynopsys.sys 10:15:39.0065 0x0328 ufxsynopsys - ok 10:15:39.0065 0x0328 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:15:39.0081 0x0328 UI0Detect - ok 10:15:39.0081 0x0328 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:15:39.0097 0x0328 uliagpkx - ok 10:15:39.0097 0x0328 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\Windows\System32\drivers\umbus.sys 10:15:39.0097 0x0328 umbus - ok 10:15:39.0114 0x0328 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\Windows\System32\drivers\umpass.sys 10:15:39.0118 0x0328 UmPass - ok 10:15:39.0118 0x0328 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\Windows\System32\umrdp.dll 10:15:39.0134 0x0328 UmRdpService - ok 10:15:39.0165 0x0328 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\Windows\System32\unistore.dll 10:15:39.0197 0x0328 UnistoreSvc - ok 10:15:39.0219 0x0328 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\Windows\System32\upnphost.dll 10:15:39.0250 0x0328 upnphost - ok 10:15:39.0250 0x0328 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\Windows\System32\drivers\urschipidea.sys 10:15:39.0250 0x0328 UrsChipidea - ok 10:15:39.0250 0x0328 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\Windows\system32\drivers\urscx01000.sys 10:15:39.0266 0x0328 UrsCx01000 - ok 10:15:39.0266 0x0328 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\Windows\System32\drivers\urssynopsys.sys 10:15:39.0281 0x0328 UrsSynopsys - ok 10:15:39.0281 0x0328 [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:15:39.0297 0x0328 usbaudio - ok 10:15:39.0297 0x0328 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 10:15:39.0316 0x0328 usbccgp - ok 10:15:39.0319 0x0328 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\Windows\System32\drivers\usbcir.sys 10:15:39.0319 0x0328 usbcir - ok 10:15:39.0335 0x0328 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\Windows\System32\drivers\usbehci.sys 10:15:39.0335 0x0328 usbehci - ok 10:15:39.0350 0x0328 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\Windows\System32\drivers\usbhub.sys 10:15:39.0366 0x0328 usbhub - ok 10:15:39.0382 0x0328 [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 10:15:39.0397 0x0328 USBHUB3 - ok 10:15:39.0397 0x0328 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\Windows\System32\drivers\usbohci.sys 10:15:39.0415 0x0328 usbohci - ok 10:15:39.0418 0x0328 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\Windows\System32\drivers\usbprint.sys 10:15:39.0419 0x0328 usbprint - ok 10:15:39.0419 0x0328 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 10:15:39.0435 0x0328 usbscan - ok 10:15:39.0435 0x0328 [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser C:\Windows\System32\drivers\usbser.sys 10:15:39.0450 0x0328 usbser - ok 10:15:39.0450 0x0328 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 10:15:39.0466 0x0328 USBSTOR - ok 10:15:39.0466 0x0328 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 10:15:39.0482 0x0328 usbuhci - ok 10:15:39.0482 0x0328 [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 10:15:39.0497 0x0328 usbvideo - ok 10:15:39.0514 0x0328 [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 10:15:39.0519 0x0328 USBXHCI - ok 10:15:39.0550 0x0328 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\Windows\System32\userdataservice.dll 10:15:39.0597 0x0328 UserDataSvc - ok 10:15:39.0619 0x0328 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\Windows\System32\usermgr.dll 10:15:39.0651 0x0328 UserManager - ok 10:15:39.0666 0x0328 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\Windows\system32\usocore.dll 10:15:39.0682 0x0328 UsoSvc - ok 10:15:39.0698 0x0328 [ 89C7095919DD252E31637C56BA5E5874, 56DCE468CAD38B265AA57E39848BD4A965FB8B384290DD8E208C7036B4AE9D6F ] V0790Vid C:\Windows\system32\DRIVERS\V0790Vid.sys 10:15:39.0718 0x0328 V0790Vid - ok 10:15:39.0720 0x0328 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\Windows\system32\lsass.exe 10:15:39.0720 0x0328 VaultSvc - ok 10:15:39.0720 0x0328 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:15:39.0735 0x0328 vdrvroot - ok 10:15:39.0751 0x0328 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\Windows\System32\vds.exe 10:15:39.0782 0x0328 vds - ok 10:15:39.0782 0x0328 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 10:15:39.0798 0x0328 VerifierExt - ok 10:15:39.0816 0x0328 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 10:15:39.0836 0x0328 vhdmp - ok 10:15:39.0836 0x0328 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\Windows\System32\drivers\vhf.sys 10:15:39.0836 0x0328 vhf - ok 10:15:39.0851 0x0328 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\Windows\system32\drivers\vmbus.sys 10:15:39.0851 0x0328 vmbus - ok 10:15:39.0867 0x0328 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 10:15:39.0867 0x0328 VMBusHID - ok 10:15:39.0882 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\Windows\System32\ICSvc.dll 10:15:39.0898 0x0328 vmicguestinterface - ok 10:15:39.0919 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\Windows\System32\ICSvc.dll 10:15:39.0936 0x0328 vmicheartbeat - ok 10:15:39.0936 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\Windows\System32\ICSvc.dll 10:15:39.0967 0x0328 vmickvpexchange - ok 10:15:39.0967 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\Windows\System32\ICSvc.dll 10:15:39.0983 0x13b8 Object send P2P result: true 10:15:39.0998 0x13b8 Object required for P2P: [ 38885AE14957B271496CD7DA19CF2697 ] nvsvc 10:15:39.0998 0x0328 vmicrdv - ok 10:15:40.0014 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\Windows\System32\ICSvc.dll 10:15:40.0036 0x0328 vmicshutdown - ok 10:15:40.0036 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\Windows\System32\ICSvc.dll 10:15:40.0067 0x0328 vmictimesync - ok 10:15:40.0067 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\Windows\System32\ICSvc.dll 10:15:40.0098 0x0328 vmicvmsession - ok 10:15:40.0098 0x0328 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\Windows\System32\ICSvc.dll 10:15:40.0120 0x0328 vmicvss - ok 10:15:40.0120 0x0328 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:15:40.0136 0x0328 volmgr - ok 10:15:40.0136 0x0328 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:15:40.0152 0x0328 volmgrx - ok 10:15:40.0167 0x0328 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:15:40.0183 0x0328 volsnap - ok 10:15:40.0183 0x0328 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\Windows\System32\drivers\vpci.sys 10:15:40.0199 0x0328 vpci - ok 10:15:40.0199 0x0328 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:15:40.0217 0x0328 vsmraid - ok 10:15:40.0236 0x0328 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\Windows\system32\vssvc.exe 10:15:40.0283 0x0328 VSS - ok 10:15:40.0299 0x0328 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 10:15:40.0299 0x0328 VSTXRAID - ok 10:15:40.0316 0x0328 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 10:15:40.0320 0x0328 vwifibus - ok 10:15:40.0320 0x0328 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\Windows\system32\drivers\vwififlt.sys 10:15:40.0336 0x0328 vwififlt - ok 10:15:40.0352 0x0328 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\Windows\system32\w32time.dll 10:15:40.0368 0x0328 W32Time - ok 10:15:40.0383 0x0328 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\Windows\System32\drivers\wacompen.sys 10:15:40.0383 0x0328 WacomPen - ok 10:15:40.0399 0x0328 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\Windows\system32\WalletService.dll 10:15:40.0421 0x0328 WalletService - ok 10:15:40.0421 0x0328 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\Windows\system32\DRIVERS\wanarp.sys 10:15:40.0437 0x0328 wanarp - ok 10:15:40.0437 0x0328 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:15:40.0452 0x0328 wanarpv6 - ok 10:15:40.0484 0x0328 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\Windows\system32\wbengine.exe 10:15:40.0537 0x0328 wbengine - ok 10:15:40.0537 0x0328 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:15:40.0568 0x0328 WbioSrvc - ok 10:15:40.0584 0x0328 [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 10:15:40.0617 0x0328 Wcmsvc - ok 10:15:40.0621 0x0328 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:15:40.0637 0x0328 wcncsvc - ok 10:15:40.0653 0x0328 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:15:40.0653 0x0328 WcsPlugInService - ok 10:15:40.0668 0x0328 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 10:15:40.0668 0x0328 WdBoot - ok 10:15:40.0684 0x0328 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:15:40.0699 0x0328 Wdf01000 - ok 10:15:40.0720 0x0328 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 10:15:40.0721 0x0328 WdFilter - ok 10:15:40.0737 0x0328 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\Windows\system32\wdi.dll 10:15:40.0752 0x0328 WdiServiceHost - ok 10:15:40.0752 0x0328 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\Windows\system32\wdi.dll 10:15:40.0768 0x0328 WdiSystemHost - ok 10:15:40.0784 0x0328 [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi C:\Windows\system32\DRIVERS\wdiwifi.sys 10:15:40.0799 0x0328 wdiwifi - ok 10:15:40.0819 0x0328 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 10:15:40.0822 0x0328 WdNisDrv - ok 10:15:40.0822 0x0328 WdNisSvc - ok 10:15:40.0822 0x0328 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\Windows\System32\webclnt.dll 10:15:40.0853 0x0328 WebClient - ok 10:15:40.0853 0x0328 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:15:40.0869 0x0328 Wecsvc - ok 10:15:40.0869 0x0328 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 10:15:40.0884 0x1620 Object send P2P result: true 10:15:40.0884 0x0328 WEPHOSTSVC - ok 10:15:40.0884 0x0328 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:15:40.0900 0x0328 wercplsupport - ok 10:15:40.0921 0x0328 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\Windows\System32\WerSvc.dll 10:15:40.0938 0x0328 WerSvc - ok 10:15:40.0938 0x0328 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\Windows\system32\drivers\wfplwfs.sys 10:15:40.0953 0x0328 WFPLWFS - ok 10:15:40.0953 0x0328 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\Windows\System32\wiarpc.dll 10:15:40.0969 0x0328 WiaRpc - ok 10:15:40.0969 0x0328 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:15:40.0969 0x0328 WIMMount - ok 10:15:40.0969 0x0328 WinDefend - ok 10:15:40.0985 0x0328 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys 10:15:40.0985 0x0328 WindowsTrustedRT - ok 10:15:40.0985 0x0328 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys 10:15:41.0000 0x0328 WindowsTrustedRTProxy - ok 10:15:41.0022 0x0328 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 10:15:41.0038 0x0328 WinHttpAutoProxySvc - ok 10:15:41.0054 0x0328 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\Windows\System32\drivers\winmad.sys 10:15:41.0054 0x0328 WinMad - ok 10:15:41.0069 0x0328 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:15:41.0085 0x0328 Winmgmt - ok 10:15:41.0123 0x0328 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\Windows\system32\WsmSvc.dll 10:15:41.0201 0x0328 WinRM - ok 10:15:41.0201 0x0328 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\Windows\System32\drivers\WinUSB.SYS 10:15:41.0223 0x0328 WINUSB - ok 10:15:41.0223 0x0328 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\Windows\System32\drivers\winverbs.sys 10:15:41.0223 0x0328 WinVerbs - ok 10:15:41.0270 0x0328 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\Windows\System32\wlansvc.dll 10:15:41.0339 0x0328 WlanSvc - ok 10:15:41.0370 0x0328 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\Windows\system32\wlidsvc.dll 10:15:41.0439 0x0328 wlidsvc - ok 10:15:41.0439 0x0328 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 10:15:41.0439 0x0328 WmiAcpi - ok 10:15:41.0455 0x0328 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:15:41.0470 0x0328 wmiApSrv - ok 10:15:41.0470 0x0328 WMPNetworkSvc - ok 10:15:41.0470 0x0328 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\Windows\system32\drivers\Wof.sys 10:15:41.0486 0x0328 Wof - ok 10:15:41.0524 0x0328 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 10:15:41.0571 0x0328 workfolderssvc - ok 10:15:41.0586 0x0328 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 10:15:41.0586 0x0328 wpcfltr - ok 10:15:41.0586 0x0328 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:15:41.0602 0x0328 WPDBusEnum - ok 10:15:41.0602 0x0328 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 10:15:41.0623 0x0328 WpdUpFltr - ok 10:15:41.0623 0x0328 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\Windows\system32\WpnService.dll 10:15:41.0639 0x0328 WpnService - ok 10:15:41.0639 0x0328 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:15:41.0655 0x0328 ws2ifsl - ok 10:15:41.0655 0x0328 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\Windows\System32\wscsvc.dll 10:15:41.0670 0x0328 wscsvc - ok 10:15:41.0670 0x0328 WSearch - ok 10:15:41.0724 0x0328 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\Windows\System32\WSService.dll 10:15:41.0802 0x0328 WSService - ok 10:15:41.0839 0x0328 [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv C:\Windows\system32\wuaueng.dll 10:15:41.0920 0x0328 wuauserv - ok 10:15:41.0924 0x0328 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:15:41.0924 0x0328 WudfPf - ok 10:15:41.0940 0x0328 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\Windows\system32\drivers\WudfRd.sys 10:15:41.0956 0x0328 WUDFRd - ok 10:15:41.0956 0x0328 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:15:41.0971 0x0328 wudfsvc - ok 10:15:41.0971 0x0328 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 10:15:41.0987 0x0328 WUDFWpdFs - ok 10:15:42.0018 0x0328 [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:15:42.0056 0x0328 WwanSvc - ok 10:15:42.0071 0x0328 [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager C:\Windows\System32\XblAuthManager.dll 10:15:42.0119 0x0328 XblAuthManager - ok 10:15:42.0125 0x0328 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\Windows\System32\XblGameSave.dll 10:15:42.0171 0x0328 XblGameSave - ok 10:15:42.0171 0x0328 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\Windows\System32\drivers\xboxgip.sys 10:15:42.0187 0x0328 xboxgip - ok 10:15:42.0221 0x0328 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\Windows\system32\XboxNetApiSvc.dll 10:15:42.0256 0x0328 XboxNetApiSvc - ok 10:15:42.0256 0x0328 [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid C:\Windows\System32\drivers\xinputhid.sys 10:15:42.0256 0x0328 xinputhid - ok 10:15:42.0272 0x0328 [ 47E1337B1538390895E035DFF91E0FD1, FC47D47607B8027067C14EBF106B40569C09375F9482570053BD189D56E9BD2E ] xusb22 C:\Windows\System32\drivers\xusb22.sys 10:15:42.0287 0x0328 xusb22 - ok 10:15:42.0287 0x0328 ================ Scan global 10:15:42.0287 0x0328 [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\Windows\system32\basesrv.dll 10:15:42.0287 0x0328 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\Windows\system32\winsrv.dll 10:15:42.0303 0x0328 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\Windows\system32\sxssrv.dll 10:15:42.0303 0x0328 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\Windows\system32\services.exe 10:15:42.0322 0x0328 [ Global ] - ok 10:15:42.0322 0x0328 ================ Scan MBR 10:15:42.0323 0x0328 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 10:15:42.0325 0x0328 \Device\Harddisk0\DR0 - ok 10:15:42.0372 0x0328 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 10:15:42.0441 0x13b8 Object send P2P result: true 10:15:42.0457 0x0328 \Device\Harddisk1\DR1 - ok 10:15:42.0457 0x0328 ================ Scan VBR 10:15:42.0457 0x0328 [ D4708CA401457D1023FBD5EBD398BD9E ] \Device\Harddisk0\DR0\Partition1 10:15:42.0457 0x0328 \Device\Harddisk0\DR0\Partition1 - ok 10:15:42.0457 0x0328 [ 9A81364ED192BA5E87155BFF71ED5D14 ] \Device\Harddisk0\DR0\Partition2 10:15:42.0457 0x0328 \Device\Harddisk0\DR0\Partition2 - ok 10:15:42.0457 0x0328 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 10:15:42.0457 0x0328 \Device\Harddisk0\DR0\Partition3 - ok 10:15:42.0472 0x0328 [ 2D9F75C4794BE0B88C834EC7E6802F86 ] \Device\Harddisk0\DR0\Partition4 10:15:42.0472 0x0328 \Device\Harddisk0\DR0\Partition4 - ok 10:15:42.0472 0x0328 [ 2F06E2341D0670E727C2FC0FA7C61DC2 ] \Device\Harddisk1\DR1\Partition1 10:15:42.0520 0x0328 \Device\Harddisk1\DR1\Partition1 - ok 10:15:42.0521 0x0328 ================ Scan generic autorun 10:15:42.0521 0x0328 StartCN - ok 10:15:42.0557 0x0328 [ BC293F3C9621D40E1924A5715417F77C, 3EB1B0040566CE0DBA3FC65C5005B0F1E79BE9AB39CAD1398A45AAC3AB7AD733 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 10:15:42.0604 0x0328 NvBackend - ok 10:15:42.0621 0x0328 [ C7155263A3A0963EAD212793B38FB91F, A84926FD36F050C50A7BB553D64A849CFC874E38E13B280B17FF98D528359C5D ] C:\Windows\V0790Mon.exe 10:15:42.0626 0x0328 V0790Mon.exe - ok 10:15:42.0657 0x0328 [ 36D22C02A298FD0A42554DB7B2B2F52C, 0EE776C790407620CB9646929DFC3AD0CE0574E9BA05A8E321A498F665A96055 ] D:\Programme\360 Total Security\360\Total Security\safemon\360Tray.exe 10:15:42.0657 0x0328 QHSafeTray - ok 10:15:42.0657 0x0328 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe 10:15:42.0673 0x0328 HP Software Update - ok 10:15:42.0826 0x0328 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 10:15:42.0958 0x0328 OneDriveSetup - ok 10:15:43.0089 0x0328 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 10:15:43.0205 0x0328 OneDriveSetup - ok 10:15:43.0227 0x0328 [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\norbe\AppData\Local\Microsoft\OneDrive\OneDrive.exe 10:15:43.0243 0x0328 OneDrive - ok 10:15:43.0328 0x0328 [ 00B8939C3E74A7C0D86852D0B6C18104, BF0471D4FECD074B27E6531F72F940AF39F1174A2AF9B14799199CD3A3443B32 ] D:\Spotify\SpotifyWebHelper.exe 10:15:43.0390 0x0328 Spotify Web Helper - ok 10:15:43.0475 0x0328 [ A4581BBD3D19EC95C8F927170BC18E36, A87BC6CA6C148DF985280584BB6BAE2F7BF9F5B503DB6C019F8E4350BB6BED1E ] D:\Steam\steam.exe 10:15:43.0559 0x0328 Steam - ok 10:15:43.0575 0x0328 Skype - ok 10:15:43.0675 0x0328 [ 2E17A4E5ECBDFC90ED3C7D125214C64F, 3DC110D628889AA32F41151F2EAE606074AB543E8736FFC403DFDC5716ADA67C ] C:\Users\norbe\AppData\Roaming\Spotify\Spotify.exe 10:15:43.0791 0x0328 Spotify - ok 10:15:43.0791 0x0328 Waiting for KSN requests completion. In queue: 236 10:15:44.0809 0x0328 Waiting for KSN requests completion. In queue: 236 10:15:45.0812 0x0328 Waiting for KSN requests completion. In queue: 236 10:15:46.0197 0x248c Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo 10:15:46.0814 0x0328 Waiting for KSN requests completion. In queue: 210 10:15:47.0815 0x0328 Waiting for KSN requests completion. In queue: 210 10:15:48.0639 0x248c Object send P2P result: true 10:15:48.0639 0x248c Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc 10:15:48.0818 0x0328 Waiting for KSN requests completion. In queue: 174 10:15:49.0820 0x0328 Waiting for KSN requests completion. In queue: 174 10:15:50.0823 0x0328 Waiting for KSN requests completion. In queue: 174 10:15:51.0107 0x248c Object send P2P result: true 10:15:51.0107 0x248c Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain 10:15:51.0825 0x0328 Waiting for KSN requests completion. In queue: 152 10:15:52.0828 0x0328 Waiting for KSN requests completion. In queue: 152 10:15:53.0529 0x248c Object send P2P result: true 10:15:53.0546 0x248c Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS 10:15:53.0830 0x0328 Waiting for KSN requests completion. In queue: 72 10:15:54.0832 0x0328 Waiting for KSN requests completion. In queue: 72 10:15:55.0834 0x0328 Waiting for KSN requests completion. In queue: 72 10:15:56.0836 0x0328 Waiting for KSN requests completion. In queue: 72 10:15:57.0839 0x0328 Waiting for KSN requests completion. In queue: 72 10:15:58.0008 0x248c Object send P2P result: true 10:15:58.0863 0x0328 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated ) 10:15:58.0863 0x0328 AV detected via SS2: 360 Total Security, D:\Programme\360 Total Security\360\Total Security\safemon\QHSafeTray.exe ( 8.2.0.1005 ), 0x51000 ( enabled : updated ) 10:15:58.0863 0x0328 Win FW state via NFP2: enabled ( trusted ) 10:16:01.0300 0x0328 10:16:01.0300 0x0328 Scan finished 10:16:01.0300 0x0328 10:16:01.0300 0x19cc Detected object count: 0 10:16:01.0300 0x19cc Actual detected object count: 0 |
|
22.03.2016, 15:49
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Adware/Browser Hijacker: m55.dnsqa.me moin  Zitat:
Melde dich wieder wenn das erledigt ist, dann gehts weiter.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.03.2016, 15:56
| #5 |
| | Adware/Browser Hijacker: m55.dnsqa.me Hallo ist deinstaliert undder Defender ist aktiviert. |
|
22.03.2016, 16:40
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Adware/Browser Hijacker: m55.dnsqa.me Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Adware/Browser Hijacker: m55.dnsqa.me |
|
22.03.2016, 16:58
| #7 |
| | Adware/Browser Hijacker: m55.dnsqa.me Alles erledigt, hier die LOGs, Problem besteht nach wie vor Code:
ATTFilter # AdwCleaner v5.105 - Bericht erstellt am 22/03/2016 um 16:52:52
# Aktualisiert am 21/03/2016 von Xplode
# Datenbank : 2016-03-22.1 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : norbe - PC-NORB
# Gestartet von : D:\Downloads\AdwCleaner_5.105.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [637 Bytes] - [22/03/2016 16:52:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [709 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Pro x64
Ran by norbe (Administrator) on 22.03.2016 at 16:54:34,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.03.2016 at 16:55:00,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von norbe (Administrator) auf PC-NORB (22-03-2016 16:56:58)
Gestartet von D:\Downloads
Geladene Profile: norbe (Verfügbare Profile: norbe)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files (x86)\Pingzapper\PZService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\norbe\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [StartCN] => "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [V0790Mon.exe] => C:\Windows\V0790Mon.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [360safeuninst_77ca050897d73b7ac89b1b9e89a7f553] => C:\Users\norbe\AppData\Local\Temp\77ca050897d73b7ac89b1b9e89a7f553_remove360.bat [809 2016-03-22] () <===== ACHTUNG
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Spotify Web Helper] => D:\Spotify\SpotifyWebHelper.exe [1959992 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Steam] => D:\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Spotify] => C:\Users\norbe\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-29] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-21]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8a2e711d-1768-43c9-9fed-276f801e4aa2}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8a2e711d-1768-43c9-9fed-276f801e4aa2}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
FireFox:
========
FF ProfilePath: C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\Programme\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Extension: Rocket Beans Supporter - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\extensions\osrocketbeanssupporter@schloebe.de.xpi [2016-02-13]
FF Extension: Rocket Beans TV Sendeplan für Firefox - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\Extensions\javos-firebeans-rbtvfx@jetpack.xpi [2016-02-13]
FF Extension: Adblock Plus - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 PingzapperSvc; C:\Program Files (x86)\Pingzapper\PZService.exe [679424 2012-06-11] () [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2016-02-24] (NVIDIA Corporation)
R3 V0790Vid; C:\Windows\system32\DRIVERS\V0790Vid.sys [390648 2015-09-17] (Creative Technology Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 360Box64; system32\DRIVERS\360Box64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-22 16:55 - 2016-03-22 16:55 - 00000546 _____ C:\Users\norbe\Desktop\JRT.txt
2016-03-22 16:53 - 2016-03-22 16:53 - 00000790 _____ C:\Users\norbe\Desktop\AdwCleaner[S1].txt
2016-03-22 16:50 - 2016-03-22 16:52 - 00000000 ____D C:\AdwCleaner
2016-03-22 15:53 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-03-22 14:29 - 2014-11-04 09:29 - 00428912 _____ (Network Tunnel Lab) C:\Windows\SysWOW64\networkdlllsp.dll
2016-03-22 14:22 - 2016-03-22 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingzapper
2016-03-22 14:21 - 2016-03-22 14:29 - 00000000 ____D C:\Program Files (x86)\Pingzapper
2016-03-22 13:53 - 2016-03-22 13:53 - 00004090 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{37B43E3E-63E2-4777-AE7D-34DBD1977C75}
2016-03-22 10:01 - 2016-03-22 10:01 - 00001204 _____ C:\Users\norbe\Desktop\Malewarebytes D.txt
2016-03-22 09:56 - 2016-03-22 16:56 - 00000000 ____D C:\FRST
2016-03-22 09:56 - 2016-03-22 13:45 - 00256818 _____ C:\TDSSKiller.3.1.0.9_22.03.2016_09.56.25_log.txt
2016-03-22 09:21 - 2016-03-22 09:21 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 09:21 - 2016-03-22 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-22 09:21 - 2016-03-22 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-22 09:20 - 2016-03-22 09:20 - 00242376 _____ C:\Users\norbe\Downloads\Firefox Setup Stub 45.0.1.exe
2016-03-21 20:19 - 2016-03-21 20:19 - 00000000 ___HD C:\$SysReset
2016-03-21 19:57 - 2016-03-21 21:34 - 00001908 _____ C:\Windows\diagwrn.xml
2016-03-21 19:57 - 2016-03-21 21:34 - 00001908 _____ C:\Windows\diagerr.xml
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\norbe\AppData\Roaming\HP
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\norbe\AppData\Local\HP
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\ProgramData\WEBREG
2016-03-21 11:28 - 2016-03-21 11:28 - 00001434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\Users\norbe\AppData\Roaming\HpUpdate
2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\ProgramData\HP Product Assistant
2016-03-21 11:27 - 2016-03-21 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-03-21 11:27 - 2016-03-21 11:28 - 00000000 ____D C:\Program Files (x86)\HP
2016-03-21 11:26 - 2016-03-21 11:29 - 00201689 _____ C:\Windows\hpoins32.dat
2016-03-21 11:26 - 2016-03-21 11:29 - 00000000 ____D C:\ProgramData\HP
2016-03-21 11:26 - 2012-09-28 10:52 - 00000932 ____N C:\Windows\hpomdl32.dat
2016-03-21 11:26 - 2012-09-25 08:52 - 03867040 _____ C:\Windows\system32\PortChanger.exe
2016-03-21 11:26 - 2012-09-25 08:52 - 00151968 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4.sys
2016-03-21 11:26 - 2012-09-25 08:52 - 00049056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys
2016-03-21 11:26 - 2012-09-25 08:52 - 00027040 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4Prt.sys
2016-03-21 11:26 - 2009-07-14 02:41 - 00046080 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpz3lw72.dll
2016-03-21 11:26 - 2009-07-08 11:51 - 01411584 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_p01b.dll
2016-03-21 11:26 - 2009-07-08 11:51 - 00966656 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_p01b.dll
2016-03-21 11:26 - 2009-07-08 11:51 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll
2016-03-21 11:26 - 2009-07-08 11:51 - 00512512 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_p01a.dll
2016-03-21 11:18 - 2016-03-21 11:18 - 00000000 ____D C:\Users\norbe\AppData\Local\ElevatedDiagnostics
2016-03-21 10:52 - 2016-03-21 10:52 - 00000000 _____ C:\Recovery.txt
2016-03-21 10:44 - 2016-03-21 20:01 - 00000000 ____D C:\$Windows.~BT
2016-03-21 10:31 - 2016-03-21 11:11 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-03-21 10:26 - 2016-03-22 15:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-21 10:24 - 2016-03-21 10:24 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-21 10:24 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-21 10:24 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-21 10:24 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 15:39 - 2016-03-20 15:39 - 00000000 ____D C:\ProgramData\TomTom
2016-03-20 15:37 - 2016-03-20 15:37 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\TomTom
2016-03-20 15:36 - 2016-03-20 15:36 - 00000000 ____D C:\Users\norbe\AppData\Roaming\TomTom
2016-03-18 17:10 - 2016-03-18 17:10 - 00000000 ____D C:\Windows\%LOCALAPPDATA%
2016-03-15 17:46 - 2016-03-21 10:38 - 00000000 ____D C:\Users\norbe\AppData\Local\CrashDumps
2016-03-15 17:44 - 2016-03-15 17:44 - 00000813 _____ C:\Users\norbe\Desktop\Launch Pharaoh Gold.lnk
2016-03-15 16:33 - 2016-03-15 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pharaoh Gold [GOG.com]
2016-03-15 11:17 - 2016-03-15 11:17 - 00003882 _____ C:\Windows\System32\Tasks\{414B0950-34C1-4197-32DC-28352DDC627F}
2016-03-11 07:25 - 2016-03-11 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-03-11 07:25 - 2016-03-11 07:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-11 07:25 - 2016-03-08 07:05 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-11 07:25 - 2016-02-14 02:47 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-03-11 07:25 - 2016-02-14 02:46 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-03-11 07:25 - 2016-02-14 02:45 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-03-11 07:25 - 2016-02-14 02:45 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-03-11 07:23 - 2016-03-08 11:27 - 42968120 _____ C:\Windows\system32\nvcompiler.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 37609528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 22971960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 21322480 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 20863920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 18906048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 17732960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 17368424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 17325400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 17320280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 10547128 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 08657936 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 02613696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 02257344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00955328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00885184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00784640 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00750016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00692160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00678704 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00632152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00630592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00601752 _____ C:\Windows\system32\nvmcumd.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00346560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00317656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-03-11 07:23 - 2016-03-08 11:27 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-11 07:23 - 2016-03-08 11:27 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-09 22:33 - 2016-03-09 22:33 - 00001388 _____ C:\Users\norbe\Desktop\CIGLauncher.lnk
2016-03-09 18:07 - 2016-03-09 18:07 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\Aspyr
2016-03-09 18:07 - 2016-03-09 18:07 - 00000000 ____D C:\Users\norbe\AppData\Local\Aspyr
2016-03-09 03:47 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 03:47 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-03-09 03:47 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-03-09 03:47 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-03-09 03:47 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-03-09 03:47 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-09 03:47 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-03-09 03:47 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 03:47 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-03-09 03:47 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-03-09 03:47 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-09 03:47 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-09 03:47 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 03:47 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 03:47 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 03:47 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 03:47 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 03:46 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-03-09 03:46 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-03-09 03:46 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 03:46 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 03:46 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 03:46 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 03:46 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-09 03:46 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 03:46 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 03:46 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 03:46 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 03:46 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-03-09 03:46 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-03-09 03:46 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-03-09 03:46 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 03:46 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-03-09 03:46 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 03:46 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-03-09 03:46 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-03-09 03:46 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 03:46 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-03-09 03:46 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-03-09 03:46 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-03-09 03:46 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-09 03:46 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-09 03:46 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-03-09 03:46 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-09 03:46 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-09 03:46 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-03-09 03:46 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 03:46 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-03-09 03:46 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-03-09 03:46 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-03-09 03:46 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-03-09 03:46 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-03-09 03:46 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-03-09 03:46 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-09 03:46 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-03-09 03:46 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-09 03:46 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 03:46 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-09 03:46 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-09 03:46 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 03:46 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-03-09 03:46 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-03-09 03:46 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 03:46 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-03-09 03:46 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-03-09 03:46 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-03-09 03:46 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-03-09 03:46 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-09 03:46 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-03-09 03:46 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 03:46 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 03:46 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-03-09 03:46 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2016-03-09 03:46 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-03-09 03:46 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-03-09 03:46 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-03-09 03:46 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-03-09 03:46 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-03-09 03:46 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-03-09 03:46 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-03-09 03:46 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 03:46 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-03-09 03:46 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-09 03:46 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-03-09 03:46 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-03-09 03:46 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-03-09 03:46 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-03-09 03:46 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-03-09 03:46 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-03-09 03:46 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-09 03:46 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-03-09 03:46 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-03-09 03:46 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-03-09 03:46 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-03-09 03:46 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-03-09 03:46 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-09 03:46 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 03:46 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-03-09 03:46 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 03:46 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-09 03:46 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 03:46 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 03:46 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-03-09 03:46 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 03:46 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-03-09 03:46 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-03-09 03:46 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-09 03:46 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-03-09 03:46 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-03-09 03:46 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-03-09 03:46 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-03-09 03:46 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-03-09 03:46 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 03:46 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 03:46 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-03-09 03:46 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-03-09 03:46 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-09 03:46 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-03-09 03:46 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 03:46 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-03-09 03:46 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2016-03-09 03:46 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-03-09 03:46 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 03:46 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-03-09 03:46 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-03-09 03:46 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-03-09 03:46 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-09 03:46 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-03-09 03:46 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-03-09 03:46 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 03:46 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 03:46 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-03-09 03:46 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-03-09 03:46 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-03-09 03:46 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-03-09 03:46 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-09 03:46 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-03-09 03:46 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-03-09 03:46 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-03-09 03:46 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-03-09 03:46 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-03-09 03:46 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-03-09 03:46 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-03-09 03:46 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-09 03:46 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-03-09 03:46 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-09 03:46 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-03-09 03:46 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-09 03:46 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-03-09 03:46 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-03-09 03:46 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 03:46 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-09 03:46 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-08 18:19 - 2016-03-11 07:18 - 00000000 ____D C:\Users\norbe\AppData\Roaming\vlc
2016-03-08 18:19 - 2016-03-08 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-08 18:01 - 2016-03-08 18:01 - 00000000 ____D C:\Users\norbe\AppData\Local\Nem's Tools
2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files\MSBuild
2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-08 17:57 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-03-08 17:57 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-08 17:57 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-03-08 17:57 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-03-08 17:57 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-03-08 17:57 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-07 18:48 - 2016-03-09 19:29 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\My Games
2016-03-07 18:48 - 2016-03-07 18:48 - 00000000 ____D C:\Users\norbe\AppData\Roaming\FiraxisLive
2016-03-07 18:48 - 2016-03-07 18:48 - 00000000 ____D C:\Users\norbe\AppData\Local\My Games
2016-03-07 15:42 - 2016-03-22 15:26 - 00000000 ____D C:\Users\norbe\AppData\Local\Ubisoft Game Launcher
2016-03-07 15:42 - 2016-03-07 15:42 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-03-06 20:51 - 2016-03-06 20:51 - 00001268 _____ C:\Users\norbe\Desktop\Bethesda.net_Launcher.lnk
2016-03-06 20:40 - 2016-03-18 21:12 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Awesomium
2016-03-06 20:36 - 2016-03-06 20:36 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\Elder Scrolls Online
2016-03-06 20:36 - 2016-03-06 20:36 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2016-03-06 20:26 - 2016-03-07 18:49 - 00000000 ____D C:\Users\norbe\AppData\Local\NVIDIA Corporation
2016-03-06 20:24 - 2016-03-07 18:49 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-03-06 20:23 - 2016-03-22 14:06 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-06 20:23 - 2016-03-11 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-06 20:23 - 2016-03-07 18:49 - 00000000 ____D C:\Users\norbe\AppData\Local\NVIDIA
2016-03-06 20:23 - 2016-02-17 07:40 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-03-06 20:23 - 2016-02-17 07:40 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-06 20:23 - 2016-02-17 07:40 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-03-06 20:23 - 2016-02-17 07:40 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-06 20:23 - 2016-02-17 07:40 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-06 20:22 - 2016-03-11 07:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-06 20:22 - 2016-03-08 07:42 - 06371384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 02992576 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-06 20:22 - 2016-03-08 07:42 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-06 20:22 - 2016-03-08 07:42 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-06 20:22 - 2016-03-07 05:22 - 06203411 _____ C:\Windows\system32\nvcoproc.bin
2016-03-06 20:22 - 2016-03-06 20:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-06 20:22 - 2016-02-24 00:57 - 00215608 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-03-06 20:22 - 2016-02-24 00:57 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-03-06 20:21 - 2016-03-10 04:19 - 12653504 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-06 20:21 - 2016-03-08 11:27 - 20061152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 14226864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 03681672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 03259176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 00545632 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 00448824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-06 20:21 - 2016-03-08 11:27 - 00037702 _____ C:\Windows\system32\nvinfo.pb
2016-03-06 20:21 - 2016-02-24 00:57 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll
2016-03-06 20:21 - 2016-02-24 00:57 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-03-06 20:21 - 2016-02-24 00:57 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll
2016-03-06 20:21 - 2016-02-24 00:57 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-03-06 20:21 - 2016-02-24 00:57 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-06 20:21 - 2016-02-24 00:57 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-03-06 20:21 - 2016-02-24 00:57 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-03-06 20:21 - 2016-02-24 00:57 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-03-06 20:20 - 2016-03-21 10:14 - 00000000 ____D C:\NVIDIA
2016-03-06 20:20 - 2016-03-06 20:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-02 17:13 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-02 17:13 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-02 17:13 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 17:13 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 17:13 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-03-02 17:13 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-03-02 17:13 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-02 17:13 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-02 17:13 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-02 17:13 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-02 17:13 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-02 17:13 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-02 17:13 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-02 17:13 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-03-02 17:13 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-03-02 17:12 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-03-02 17:12 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ C:\Windows\system32\CoreUIComponents.dll
2016-03-02 17:12 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-02 17:12 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-02 17:12 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-02 17:12 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-03-02 17:12 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2016-03-02 17:12 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-03-02 17:12 - 2016-02-23 11:34 - 01859960 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-03-02 17:12 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-02 17:12 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-03-02 17:12 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-03-02 17:12 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2016-03-02 17:12 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-02 17:12 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-03-02 17:12 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-03-02 17:12 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-03-02 17:12 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-03-02 17:12 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-03-02 17:12 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-03-02 17:12 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-03-02 17:12 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-02 17:12 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2016-03-02 17:12 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-02 17:12 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-03-02 17:12 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-03-02 17:12 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-02 17:12 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-02 17:12 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-03-02 17:12 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2016-03-02 17:12 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-03-02 17:12 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-02 17:12 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-03-02 17:12 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-03-02 17:12 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 17:12 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-02 17:12 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-02 17:12 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-02 17:12 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-03-02 17:12 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-03-02 17:12 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll
2016-03-02 17:12 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-03-02 17:12 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-03-02 17:12 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-03-02 17:12 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2016-03-02 17:12 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2016-03-02 17:12 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-03-02 17:12 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2016-03-02 17:12 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2016-03-02 17:12 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-02 17:12 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 17:12 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-03-02 17:12 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-02 17:12 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\irmon.dll
2016-03-02 17:12 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-03-02 17:12 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-03-02 17:12 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-03-02 17:12 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2016-03-02 17:12 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-03-02 17:12 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-03-02 17:12 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-03-02 17:12 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-03-02 17:12 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerClient.dll
2016-03-02 17:12 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2016-03-02 17:12 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-03-02 17:12 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2016-03-02 17:12 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 17:12 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-03-02 17:12 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-03-02 17:12 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-02 17:12 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll
2016-03-02 17:12 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2016-03-02 17:12 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-03-02 17:12 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-03-02 17:12 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-03-02 17:12 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-03-02 17:12 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2016-03-02 17:12 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-03-02 17:12 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2016-03-02 17:12 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2016-03-02 17:12 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-03-02 17:12 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-03-02 17:12 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-02 17:12 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-03-02 17:12 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-03-02 17:12 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 17:12 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-03-02 17:12 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-03-02 17:12 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-03-02 17:12 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-03-02 17:12 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-03-02 17:12 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-03-02 17:12 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-03-02 17:12 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-03-02 17:12 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-02 17:12 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-03-02 17:12 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-03-02 17:12 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-03-02 17:12 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-03-02 17:12 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-03-02 17:12 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2016-03-02 17:12 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-03-02 17:12 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-03-02 17:12 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-03-02 17:12 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-03-02 17:12 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-02 17:12 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-03-02 17:12 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-03-02 17:12 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-03-02 17:12 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2016-03-02 17:12 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-03-02 17:12 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TimeBrokerClient.dll
2016-03-02 17:12 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-03-02 17:12 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2016-03-02 17:12 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-03-02 17:12 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-03-02 17:12 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2016-03-02 17:12 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-03-02 17:12 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-03-02 17:12 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-02 17:12 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-02 17:12 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 17:12 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 17:12 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-03-02 17:12 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-03-02 17:12 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 17:12 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-02 17:12 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-03-02 17:12 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-03-02 17:12 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-02 17:12 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2016-03-02 17:12 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-03-02 17:12 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-03-02 17:12 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-03-02 17:12 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 17:12 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-03-02 17:12 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-02 17:12 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-02 17:12 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-03-02 17:12 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-02 17:12 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-03-02 17:12 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-03-02 17:12 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-02 17:12 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-02 17:12 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-02 17:12 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-02 17:12 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-02 17:12 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-02 17:12 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-03-02 17:12 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-03-02 17:12 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-02 17:12 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-03-02 17:12 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-03-02 17:12 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-03-02 17:12 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-03-02 17:12 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-03-02 17:12 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-03-02 17:12 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-03-02 17:12 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-03-02 17:12 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-03-02 17:12 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2016-03-02 17:12 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2016-03-02 17:12 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-02-27 22:07 - 2016-02-27 22:07 - 00281380 _____ C:\Windows\Minidump\022716-9031-01.dmp
2016-02-27 20:58 - 2016-03-21 10:14 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Skype
2016-02-27 20:58 - 2016-03-21 10:14 - 00000000 ____D C:\ProgramData\Skype
2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ____D C:\Users\norbe\Tracing
2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-27 13:53 - 2016-02-27 13:53 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Artifex Mundi
2016-02-21 15:03 - 2016-02-21 15:03 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Foxit Software
2016-02-21 15:02 - 2016-02-21 15:02 - 00000000 ____D C:\Users\Public\Foxit Software
2016-02-21 15:02 - 2016-02-21 15:02 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Foxit AgentInformation
2016-02-21 14:56 - 2016-02-21 14:56 - 00000000 ____D C:\Users\norbe\AppData\LocalLow\Temp
2016-02-21 14:11 - 2016-02-21 14:52 - 00012783 _____ C:\Users\norbe\OneDrive\Dokumente\Protokoll Boonekamp Gruppe 3.xlsx
2016-02-21 11:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-02-21 11:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-02-21 11:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-02-21 11:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-02-21 11:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-02-21 11:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-02-21 11:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-02-21 11:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-02-21 11:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-02-21 11:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-02-21 11:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-02-21 11:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-02-21 11:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-02-21 11:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-02-21 11:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-02-21 11:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-02-21 11:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-02-21 11:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-02-21 11:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-02-21 11:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-02-21 11:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-02-21 11:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-02-21 11:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-02-21 11:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-02-21 11:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-02-21 11:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-02-21 11:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-02-21 11:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-02-21 11:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-02-21 11:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-02-21 11:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-02-21 11:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-02-21 11:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-02-21 11:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-02-21 11:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-02-21 11:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-02-21 11:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-02-21 11:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-02-21 11:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-02-21 11:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-02-21 11:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-02-21 11:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-02-21 11:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-02-21 11:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-02-21 11:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-02-21 11:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-02-21 11:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-02-21 11:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-02-21 11:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-02-21 11:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-02-21 11:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-02-21 11:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-02-21 11:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-02-21 11:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-02-21 11:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-02-21 11:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-02-21 11:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-02-21 11:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-02-21 11:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-02-21 11:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-02-21 11:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-02-21 11:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-02-21 11:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-02-21 11:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-02-21 11:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-02-21 11:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-02-21 11:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-02-21 11:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-02-21 11:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-02-21 11:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-02-21 11:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-02-21 11:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-02-21 11:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-02-21 11:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-02-21 11:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-02-21 11:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-02-21 11:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-02-21 11:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-02-21 11:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-02-21 11:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-02-21 11:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-02-21 11:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-02-21 11:51 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-02-21 11:51 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-02-21 11:51 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-02-21 11:51 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-02-21 11:51 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-02-21 11:51 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-02-21 11:51 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-02-21 11:51 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-02-21 11:51 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-02-21 11:51 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-02-21 11:51 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-02-21 11:51 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-02-21 11:51 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-02-21 11:51 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-02-21 11:51 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-02-21 11:51 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-02-21 11:51 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-02-21 11:51 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-02-21 11:51 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-02-21 11:51 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-02-21 11:51 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-02-21 11:51 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-02-21 11:51 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-02-21 11:51 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-02-21 11:51 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-02-21 11:51 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-02-21 11:51 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-02-21 11:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-02-21 11:51 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-02-21 11:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-02-21 11:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-02-21 11:51 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-02-21 11:51 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-02-21 11:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-02-21 11:51 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-02-21 11:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-02-21 11:51 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-02-21 11:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-02-21 11:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-02-21 11:51 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-02-21 11:51 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-02-21 11:51 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-02-21 11:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-02-21 11:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-02-21 11:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-02-21 11:51 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-02-21 11:51 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-02-21 11:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-02-21 11:51 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-02-21 11:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-02-21 11:51 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-02-21 11:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-02-21 11:51 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-02-21 11:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-02-21 11:51 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-02-21 11:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-02-21 11:51 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-02-21 11:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-02-21 11:51 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-02-21 11:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-02-21 11:51 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-02-21 11:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-02-21 11:51 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-02-21 11:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-02-21 11:51 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-02-21 11:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-02-21 11:51 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-02-21 11:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-22 16:47 - 2016-02-20 15:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 15:50 - 2016-02-13 21:08 - 00000000 ____D C:\Users\norbe\AppData\LocalLow\360WD
2016-03-22 14:12 - 2016-02-13 20:41 - 01827448 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-22 14:12 - 2015-10-30 19:35 - 00790808 _____ C:\Windows\system32\perfh007.dat
2016-03-22 14:12 - 2015-10-30 19:35 - 00159688 _____ C:\Windows\system32\perfc007.dat
2016-03-22 14:12 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF
2016-03-22 14:07 - 2016-02-13 20:52 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-22 14:07 - 2016-02-13 20:52 - 00000000 __SHD C:\Users\norbe\IntelGraphicsProfiles
2016-03-22 14:06 - 2016-02-13 20:33 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-22 14:06 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\System
2016-03-22 14:06 - 2015-10-30 07:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-22 09:13 - 2016-02-13 20:39 - 00000000 ____D C:\Users\norbe\AppData\Local\MicrosoftEdge
2016-03-21 21:43 - 2016-02-13 21:09 - 00000000 __SHD C:\$360Section
2016-03-21 21:43 - 2016-02-13 21:09 - 00000000 ____D C:\ProgramData\360Quarant
2016-03-21 19:56 - 2016-02-13 21:28 - 00194304 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-21 11:28 - 2015-10-30 08:24 - 00000127 _____ C:\Windows\win.ini
2016-03-21 10:16 - 2016-02-13 20:35 - 00000000 ____D C:\Users\norbe
2016-03-21 10:15 - 2016-02-14 12:14 - 00000000 ____D C:\Windows\Minidump
2016-03-21 10:14 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-21 10:14 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\registration
2016-03-20 20:55 - 2016-02-13 20:31 - 00000000 ____D C:\Windows\Panther
2016-03-20 20:21 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\LiveKernelReports
2016-03-20 15:35 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness
2016-03-13 20:25 - 2016-02-13 20:38 - 00002387 _____ C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-13 20:25 - 2016-02-13 20:38 - 00000000 ___RD C:\Users\norbe\OneDrive
2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-11 00:47 - 2016-02-20 15:06 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-10 22:37 - 2016-02-13 21:19 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 22:37 - 2016-02-13 21:19 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 22:37 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp
2016-03-09 23:13 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache
2016-03-08 17:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-03-08 17:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\MUI
2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:00 - 2016-02-15 19:06 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Spotify
2016-03-07 21:00 - 2016-02-15 19:05 - 00000000 ____D C:\Users\norbe\AppData\Local\Spotify
2016-03-06 20:22 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\Help
2016-03-06 19:51 - 2016-02-13 20:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-06 19:50 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-03-06 19:49 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 __RSD C:\Windows\Media
2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr
2016-03-06 19:49 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\system32\Dism
2016-02-29 18:07 - 2016-02-17 18:57 - 00001836 _____ C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-27 22:07 - 2016-02-14 12:14 - 663970275 _____ C:\Windows\MEMORY.DMP
2016-02-21 11:51 - 2016-02-13 20:45 - 00000000 ____D C:\ProgramData\Package Cache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-03-21 11:26 - 2016-03-21 11:29 - 0000835 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\norbe\AppData\Local\Temp\77ca050897d73b7ac89b1b9e89a7f553_remove360.bat
Einige Dateien in TEMP:
====================
C:\Users\norbe\AppData\Local\Temp\77ca050897d73b7ac89b1b9e89a7f553_360tray.exe
C:\Users\norbe\AppData\Local\Temp\77ca050897d73b7ac89b1b9e89a7f553_SystemCompact.exe
C:\Users\norbe\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\norbe\AppData\Local\Temp\Cleanup.dll
C:\Users\norbe\AppData\Local\Temp\ddu.exe
C:\Users\norbe\AppData\Local\Temp\msvcm80.dll
C:\Users\norbe\AppData\Local\Temp\msvcp80.dll
C:\Users\norbe\AppData\Local\Temp\msvcr80.dll
C:\Users\norbe\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\norbe\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\norbe\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-14 21:28
==================== Ende von FRST.txt ============================
Geändert von Ci-Ca-Caro (22.03.2016 um 17:46 Uhr) |
|
22.03.2016, 23:33
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Adware/Browser Hijacker: m55.dnsqa.me Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.03.2016, 08:39
| #9 |
| | Adware/Browser Hijacker: m55.dnsqa.meCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von norbe (Administrator) auf PC-NORB (23-03-2016 08:38:33) Gestartet von D:\Downloads Geladene Profile: norbe (Verfügbare Profile: norbe) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\Pingzapper\PZService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\norbe\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [StartCN] => "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation) HKLM-x32\...\Run: [V0790Mon.exe] => C:\Windows\V0790Mon.exe HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Spotify Web Helper] => D:\Spotify\SpotifyWebHelper.exe [1959992 2015-03-23] (Spotify Ltd) HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Steam] => D:\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation) HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Run: [Spotify] => C:\Users\norbe\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-29] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-21] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8a2e711d-1768-43c9-9fed-276f801e4aa2}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{8a2e711d-1768-43c9-9fed-276f801e4aa2}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== FireFox: ======== FF ProfilePath: C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Programme\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\Programme\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Extension: Rocket Beans Supporter - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\extensions\osrocketbeanssupporter@schloebe.de.xpi [2016-02-13] FF Extension: Rocket Beans TV Sendeplan für Firefox - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\Extensions\javos-firebeans-rbtvfx@jetpack.xpi [2016-02-13] FF Extension: Adblock Plus - C:\Users\norbe\AppData\Roaming\Mozilla\Firefox\Profiles\1hixs43p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation) R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation) R2 PingzapperSvc; C:\Program Files (x86)\Pingzapper\PZService.exe [679424 2012-06-11] () [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-23] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2016-02-24] (NVIDIA Corporation) R3 V0790Vid; C:\Windows\system32\DRIVERS\V0790Vid.sys [390648 2015-09-17] (Creative Technology Ltd.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 360Box64; system32\DRIVERS\360Box64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-22 18:20 - 2016-03-22 18:18 - 00015135 _____ C:\Users\norbe\OneDrive\Dokumente\Reisekosten BDM 2.Block.xlsx 2016-03-22 18:20 - 2016-03-22 18:17 - 00015135 _____ C:\Users\norbe\OneDrive\Dokumente\Muster Reisekostenabrechnung.xlsx 2016-03-22 18:20 - 2016-02-12 22:54 - 00011969 _____ C:\Users\norbe\OneDrive\Dokumente\2.Block BDM.xlsx 2016-03-22 16:50 - 2016-03-22 16:52 - 00000000 ____D C:\AdwCleaner 2016-03-22 15:53 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-03-22 14:29 - 2014-11-04 09:29 - 00428912 _____ (Network Tunnel Lab) C:\Windows\SysWOW64\networkdlllsp.dll 2016-03-22 14:22 - 2016-03-22 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingzapper 2016-03-22 14:21 - 2016-03-22 14:29 - 00000000 ____D C:\Program Files (x86)\Pingzapper 2016-03-22 13:53 - 2016-03-22 19:54 - 00004156 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{37B43E3E-63E2-4777-AE7D-34DBD1977C75} 2016-03-22 09:56 - 2016-03-23 08:38 - 00000000 ____D C:\FRST 2016-03-22 09:56 - 2016-03-22 13:45 - 00256818 _____ C:\TDSSKiller.3.1.0.9_22.03.2016_09.56.25_log.txt 2016-03-22 09:21 - 2016-03-22 09:21 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-22 09:21 - 2016-03-22 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-22 09:21 - 2016-03-22 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-22 09:20 - 2016-03-22 09:20 - 00242376 _____ C:\Users\norbe\Downloads\Firefox Setup Stub 45.0.1.exe 2016-03-21 20:19 - 2016-03-21 20:19 - 00000000 ___HD C:\$SysReset 2016-03-21 19:57 - 2016-03-21 21:34 - 00001908 _____ C:\Windows\diagwrn.xml 2016-03-21 19:57 - 2016-03-21 21:34 - 00001908 _____ C:\Windows\diagerr.xml 2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\norbe\AppData\Roaming\HP 2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\norbe\AppData\Local\HP 2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\ProgramData\WEBREG 2016-03-21 11:28 - 2016-03-21 11:28 - 00001434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\Windows\LastGood.Tmp 2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\Users\norbe\AppData\Roaming\HpUpdate 2016-03-21 11:28 - 2016-03-21 11:28 - 00000000 ____D C:\ProgramData\HP Product Assistant 2016-03-21 11:27 - 2016-03-21 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-03-21 11:27 - 2016-03-21 11:28 - 00000000 ____D C:\Program Files (x86)\HP 2016-03-21 11:26 - 2016-03-21 11:29 - 00201689 _____ C:\Windows\hpoins32.dat 2016-03-21 11:26 - 2016-03-21 11:29 - 00000000 ____D C:\ProgramData\HP 2016-03-21 11:26 - 2012-09-28 10:52 - 00000932 ____N C:\Windows\hpomdl32.dat 2016-03-21 11:26 - 2012-09-25 08:52 - 03867040 _____ C:\Windows\system32\PortChanger.exe 2016-03-21 11:26 - 2012-09-25 08:52 - 00151968 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4.sys 2016-03-21 11:26 - 2012-09-25 08:52 - 00049056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys 2016-03-21 11:26 - 2012-09-25 08:52 - 00027040 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4Prt.sys 2016-03-21 11:26 - 2009-07-14 02:41 - 00046080 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpz3lw72.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 01411584 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_p01b.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 00966656 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_p01b.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2016-03-21 11:26 - 2009-07-08 11:51 - 00512512 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_p01a.dll 2016-03-21 11:18 - 2016-03-21 11:18 - 00000000 ____D C:\Users\norbe\AppData\Local\ElevatedDiagnostics 2016-03-21 10:52 - 2016-03-21 10:52 - 00000000 _____ C:\Recovery.txt 2016-03-21 10:44 - 2016-03-21 20:01 - 00000000 ____D C:\$Windows.~BT 2016-03-21 10:31 - 2016-03-21 11:11 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-03-21 10:26 - 2016-03-23 08:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-21 10:24 - 2016-03-21 10:24 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-21 10:24 - 2016-03-21 10:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-21 10:24 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-21 10:24 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-21 10:24 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-20 15:39 - 2016-03-20 15:39 - 00000000 ____D C:\ProgramData\TomTom 2016-03-20 15:37 - 2016-03-20 15:37 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\TomTom 2016-03-20 15:36 - 2016-03-20 15:36 - 00000000 ____D C:\Users\norbe\AppData\Roaming\TomTom 2016-03-18 17:10 - 2016-03-18 17:10 - 00000000 ____D C:\Windows\%LOCALAPPDATA% 2016-03-15 17:46 - 2016-03-21 10:38 - 00000000 ____D C:\Users\norbe\AppData\Local\CrashDumps 2016-03-15 17:44 - 2016-03-15 17:44 - 00000813 _____ C:\Users\norbe\Desktop\Launch Pharaoh Gold.lnk 2016-03-15 16:33 - 2016-03-15 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pharaoh Gold [GOG.com] 2016-03-15 11:17 - 2016-03-15 11:17 - 00003882 _____ C:\Windows\System32\Tasks\{414B0950-34C1-4197-32DC-28352DDC627F} 2016-03-11 07:25 - 2016-03-11 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0 2016-03-11 07:25 - 2016-03-11 07:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-03-11 07:25 - 2016-03-08 07:05 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-03-11 07:25 - 2016-02-14 02:47 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-03-11 07:25 - 2016-02-14 02:46 - 00126232 _____ C:\Windows\system32\vulkan-1.dll 2016-03-11 07:25 - 2016-02-14 02:45 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe 2016-03-11 07:25 - 2016-02-14 02:45 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-03-11 07:23 - 2016-03-08 11:27 - 42968120 _____ C:\Windows\system32\nvcompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 37609528 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 22971960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 21322480 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 20863920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 18906048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17732960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17368424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17325400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 17320280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 10547128 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 08657936 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 02613696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 02257344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00955328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00885184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00784640 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00750016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00692160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00678704 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00632152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00630592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00601752 _____ C:\Windows\system32\nvmcumd.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00346560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00317656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-03-11 07:23 - 2016-03-08 11:27 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-03-11 07:23 - 2016-03-08 11:27 - 00000139 _____ C:\Windows\system32\nv-vk64.json 2016-03-09 22:33 - 2016-03-09 22:33 - 00001388 _____ C:\Users\norbe\Desktop\CIGLauncher.lnk 2016-03-09 18:07 - 2016-03-09 18:07 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\Aspyr 2016-03-09 18:07 - 2016-03-09 18:07 - 00000000 ____D C:\Users\norbe\AppData\Local\Aspyr 2016-03-09 03:47 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-09 03:47 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-03-09 03:47 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2016-03-09 03:47 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll 2016-03-09 03:47 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-03-09 03:47 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-03-09 03:47 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll 2016-03-09 03:47 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-09 03:47 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2016-03-09 03:47 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2016-03-09 03:47 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-03-09 03:47 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-03-09 03:47 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-03-09 03:47 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-03-09 03:47 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-03-09 03:47 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-09 03:47 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-09 03:46 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-03-09 03:46 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-03-09 03:46 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-03-09 03:46 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-03-09 03:46 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-09 03:46 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-03-09 03:46 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-03-09 03:46 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-03-09 03:46 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-09 03:46 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-09 03:46 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-03-09 03:46 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2016-03-09 03:46 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2016-03-09 03:46 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2016-03-09 03:46 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-03-09 03:46 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2016-03-09 03:46 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-09 03:46 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-03-09 03:46 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-03-09 03:46 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-03-09 03:46 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-03-09 03:46 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-03-09 03:46 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-03-09 03:46 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2016-03-09 03:46 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2016-03-09 03:46 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2016-03-09 03:46 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2016-03-09 03:46 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2016-03-09 03:46 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-03-09 03:46 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-03-09 03:46 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll 2016-03-09 03:46 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-03-09 03:46 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2016-03-09 03:46 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll 2016-03-09 03:46 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll 2016-03-09 03:46 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2016-03-09 03:46 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-03-09 03:46 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll 2016-03-09 03:46 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-09 03:46 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2016-03-09 03:46 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2016-03-09 03:46 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-09 03:46 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2016-03-09 03:46 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll 2016-03-09 03:46 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-09 03:46 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll 2016-03-09 03:46 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll 2016-03-09 03:46 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll 2016-03-09 03:46 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll 2016-03-09 03:46 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll 2016-03-09 03:46 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-09 03:46 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-09 03:46 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll 2016-03-09 03:46 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll 2016-03-09 03:46 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll 2016-03-09 03:46 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll 2016-03-09 03:46 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll 2016-03-09 03:46 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll 2016-03-09 03:46 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll 2016-03-09 03:46 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll 2016-03-09 03:46 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2016-03-09 03:46 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-03-09 03:46 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll 2016-03-09 03:46 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-03-09 03:46 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll 2016-03-09 03:46 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll 2016-03-09 03:46 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll 2016-03-09 03:46 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2016-03-09 03:46 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll 2016-03-09 03:46 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2016-03-09 03:46 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll 2016-03-09 03:46 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll 2016-03-09 03:46 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll 2016-03-09 03:46 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll 2016-03-09 03:46 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2016-03-09 03:46 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll 2016-03-09 03:46 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe 2016-03-09 03:46 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-03-09 03:46 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll 2016-03-09 03:46 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2016-03-09 03:46 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-09 03:46 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-09 03:46 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll 2016-03-09 03:46 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-09 03:46 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll 2016-03-09 03:46 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll 2016-03-09 03:46 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2016-03-09 03:46 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2016-03-09 03:46 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2016-03-09 03:46 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-09 03:46 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-09 03:46 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll 2016-03-09 03:46 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll 2016-03-09 03:46 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-03-09 03:46 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll 2016-03-09 03:46 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-09 03:46 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll 2016-03-09 03:46 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll 2016-03-09 03:46 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll 2016-03-09 03:46 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll 2016-03-09 03:46 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2016-03-09 03:46 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll 2016-03-09 03:46 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2016-03-09 03:46 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll 2016-03-09 03:46 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll 2016-03-09 03:46 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll 2016-03-09 03:46 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-09 03:46 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll 2016-03-09 03:46 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2016-03-09 03:46 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll 2016-03-09 03:46 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll 2016-03-09 03:46 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2016-03-09 03:46 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll 2016-03-09 03:46 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll 2016-03-09 03:46 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2016-03-09 03:46 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2016-03-09 03:46 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2016-03-09 03:46 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-03-09 03:46 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll 2016-03-09 03:46 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-03-09 03:46 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2016-03-09 03:46 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-03-09 03:46 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll 2016-03-09 03:46 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll 2016-03-09 03:46 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 03:46 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-03-09 03:46 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-03-08 18:19 - 2016-03-11 07:18 - 00000000 ____D C:\Users\norbe\AppData\Roaming\vlc 2016-03-08 18:19 - 2016-03-08 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-03-08 18:01 - 2016-03-08 18:01 - 00000000 ____D C:\Users\norbe\AppData\Local\Nem's Tools 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files\MSBuild 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-03-08 17:58 - 2016-03-08 17:58 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-03-08 17:57 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2016-03-08 17:57 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-03-08 17:57 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-03-08 17:57 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2016-03-08 17:57 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2016-03-08 17:57 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-03-07 18:48 - 2016-03-09 19:29 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\My Games 2016-03-07 18:48 - 2016-03-07 18:48 - 00000000 ____D C:\Users\norbe\AppData\Roaming\FiraxisLive 2016-03-07 18:48 - 2016-03-07 18:48 - 00000000 ____D C:\Users\norbe\AppData\Local\My Games 2016-03-07 15:42 - 2016-03-22 15:26 - 00000000 ____D C:\Users\norbe\AppData\Local\Ubisoft Game Launcher 2016-03-07 15:42 - 2016-03-07 15:42 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-03-06 20:51 - 2016-03-06 20:51 - 00001268 _____ C:\Users\norbe\Desktop\Bethesda.net_Launcher.lnk 2016-03-06 20:40 - 2016-03-18 21:12 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Awesomium 2016-03-06 20:36 - 2016-03-06 20:36 - 00000000 ____D C:\Users\norbe\OneDrive\Dokumente\Elder Scrolls Online 2016-03-06 20:36 - 2016-03-06 20:36 - 00000000 ____D C:\ProgramData\Elder Scrolls Online 2016-03-06 20:26 - 2016-03-07 18:49 - 00000000 ____D C:\Users\norbe\AppData\Local\NVIDIA Corporation 2016-03-06 20:24 - 2016-03-07 18:49 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-03-06 20:23 - 2016-03-22 14:06 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-06 20:23 - 2016-03-11 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-03-06 20:23 - 2016-03-07 18:49 - 00000000 ____D C:\Users\norbe\AppData\Local\NVIDIA 2016-03-06 20:23 - 2016-02-17 07:40 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-03-06 20:23 - 2016-02-17 07:40 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-03-06 20:22 - 2016-03-11 07:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-06 20:22 - 2016-03-08 07:42 - 06371384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 02992576 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-03-06 20:22 - 2016-03-08 07:42 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-03-06 20:22 - 2016-03-08 07:42 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-03-06 20:22 - 2016-03-07 05:22 - 06203411 _____ C:\Windows\system32\nvcoproc.bin 2016-03-06 20:22 - 2016-03-06 20:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-03-06 20:22 - 2016-02-24 00:57 - 00215608 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-03-06 20:22 - 2016-02-24 00:57 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-03-06 20:21 - 2016-03-10 04:19 - 12653504 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-03-06 20:21 - 2016-03-08 11:27 - 20061152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 14226864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 03681672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 03259176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00545632 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00448824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-03-06 20:21 - 2016-03-08 11:27 - 00037702 _____ C:\Windows\system32\nvinfo.pb 2016-03-06 20:21 - 2016-02-24 00:57 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-03-06 20:21 - 2016-02-24 00:57 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-03-06 20:21 - 2016-02-24 00:57 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-03-06 20:21 - 2016-02-24 00:57 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-03-06 20:20 - 2016-03-21 10:14 - 00000000 ____D C:\NVIDIA 2016-03-06 20:20 - 2016-03-06 20:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-02 17:13 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-03-02 17:13 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-03-02 17:13 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2016-03-02 17:13 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-02 17:13 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll 2016-03-02 17:13 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll 2016-03-02 17:13 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-03-02 17:13 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-03-02 17:13 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-03-02 17:13 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-03-02 17:13 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-03-02 17:13 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-03-02 17:13 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-03-02 17:13 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-03-02 17:13 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-03-02 17:12 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-03-02 17:12 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ C:\Windows\system32\CoreUIComponents.dll 2016-03-02 17:12 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-03-02 17:12 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-03-02 17:12 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-03-02 17:12 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2016-03-02 17:12 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll 2016-03-02 17:12 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2016-03-02 17:12 - 2016-02-23 11:34 - 01859960 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2016-03-02 17:12 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2016-03-02 17:12 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2016-03-02 17:12 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-03-02 17:12 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2016-03-02 17:12 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-03-02 17:12 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-03-02 17:12 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll 2016-03-02 17:12 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-03-02 17:12 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-03-02 17:12 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-03-02 17:12 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-03-02 17:12 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-03-02 17:12 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2016-03-02 17:12 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2016-03-02 17:12 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-03-02 17:12 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-03-02 17:12 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-03-02 17:12 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll 2016-03-02 17:12 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2016-03-02 17:12 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll 2016-03-02 17:12 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys 2016-03-02 17:12 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys 2016-03-02 17:12 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll 2016-03-02 17:12 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll 2016-03-02 17:12 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll 2016-03-02 17:12 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe 2016-03-02 17:12 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll 2016-03-02 17:12 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll 2016-03-02 17:12 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-03-02 17:12 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-03-02 17:12 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2016-03-02 17:12 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-03-02 17:12 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\irmon.dll 2016-03-02 17:12 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe 2016-03-02 17:12 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-03-02 17:12 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2016-03-02 17:12 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll 2016-03-02 17:12 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll 2016-03-02 17:12 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe 2016-03-02 17:12 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2016-03-02 17:12 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll 2016-03-02 17:12 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerClient.dll 2016-03-02 17:12 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll 2016-03-02 17:12 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll 2016-03-02 17:12 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll 2016-03-02 17:12 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll 2016-03-02 17:12 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2016-03-02 17:12 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll 2016-03-02 17:12 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll 2016-03-02 17:12 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll 2016-03-02 17:12 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll 2016-03-02 17:12 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2016-03-02 17:12 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll 2016-03-02 17:12 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe 2016-03-02 17:12 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2016-03-02 17:12 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll 2016-03-02 17:12 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2016-03-02 17:12 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll 2016-03-02 17:12 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2016-03-02 17:12 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2016-03-02 17:12 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-02 17:12 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll 2016-03-02 17:12 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2016-03-02 17:12 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2016-03-02 17:12 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2016-03-02 17:12 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe 2016-03-02 17:12 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2016-03-02 17:12 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2016-03-02 17:12 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-03-02 17:12 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll 2016-03-02 17:12 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-03-02 17:12 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2016-03-02 17:12 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2016-03-02 17:12 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2016-03-02 17:12 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe 2016-03-02 17:12 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2016-03-02 17:12 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-03-02 17:12 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2016-03-02 17:12 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2016-03-02 17:12 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2016-03-02 17:12 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-03-02 17:12 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll 2016-03-02 17:12 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll 2016-03-02 17:12 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TimeBrokerClient.dll 2016-03-02 17:12 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2016-03-02 17:12 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll 2016-03-02 17:12 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll 2016-03-02 17:12 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2016-03-02 17:12 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll 2016-03-02 17:12 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2016-03-02 17:12 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-03-02 17:12 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-03-02 17:12 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2016-03-02 17:12 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2016-03-02 17:12 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-02 17:12 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2016-03-02 17:12 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2016-03-02 17:12 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-02 17:12 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll 2016-03-02 17:12 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll 2016-03-02 17:12 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll 2016-03-02 17:12 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-03-02 17:12 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2016-03-02 17:12 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-03-02 17:12 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2016-03-02 17:12 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll 2016-03-02 17:12 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-02 17:12 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll 2016-03-02 17:12 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-03-02 17:12 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-03-02 17:12 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2016-03-02 17:12 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-03-02 17:12 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2016-03-02 17:12 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll 2016-03-02 17:12 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-03-02 17:12 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-03-02 17:12 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-03-02 17:12 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-03-02 17:12 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-03-02 17:12 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-03-02 17:12 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-03-02 17:12 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2016-03-02 17:12 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-03-02 17:12 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2016-03-02 17:12 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-03-02 17:12 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2016-03-02 17:12 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-03-02 17:12 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2016-03-02 17:12 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-03-02 17:12 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2016-03-02 17:12 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2016-03-02 17:12 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2016-03-02 17:12 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2016-03-02 17:12 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2016-03-02 17:12 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe 2016-02-27 22:07 - 2016-02-27 22:07 - 00281380 _____ C:\Windows\Minidump\022716-9031-01.dmp 2016-02-27 20:58 - 2016-03-21 10:14 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Skype 2016-02-27 20:58 - 2016-03-21 10:14 - 00000000 ____D C:\ProgramData\Skype 2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ____D C:\Users\norbe\Tracing 2016-02-27 20:58 - 2016-02-27 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-02-27 13:53 - 2016-02-27 13:53 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Artifex Mundi ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-23 08:36 - 2016-02-13 20:52 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-03-23 08:36 - 2016-02-13 20:52 - 00000000 __SHD C:\Users\norbe\IntelGraphicsProfiles 2016-03-22 20:14 - 2016-02-13 20:38 - 00000000 ___RD C:\Users\norbe\OneDrive 2016-03-22 19:47 - 2016-02-20 15:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-22 15:50 - 2016-02-13 21:08 - 00000000 ____D C:\Users\norbe\AppData\LocalLow\360WD 2016-03-22 14:12 - 2016-02-13 20:41 - 01827448 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-22 14:12 - 2015-10-30 19:35 - 00790808 _____ C:\Windows\system32\perfh007.dat 2016-03-22 14:12 - 2015-10-30 19:35 - 00159688 _____ C:\Windows\system32\perfc007.dat 2016-03-22 14:12 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF 2016-03-22 14:06 - 2016-02-13 20:33 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-22 14:06 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\System 2016-03-22 14:06 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-03-22 09:13 - 2016-02-13 20:39 - 00000000 ____D C:\Users\norbe\AppData\Local\MicrosoftEdge 2016-03-21 21:43 - 2016-02-13 21:09 - 00000000 __SHD C:\$360Section 2016-03-21 21:43 - 2016-02-13 21:09 - 00000000 ____D C:\ProgramData\360Quarant 2016-03-21 19:56 - 2016-02-13 21:28 - 00194304 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-21 11:28 - 2015-10-30 08:24 - 00000127 _____ C:\Windows\win.ini 2016-03-21 10:16 - 2016-02-13 20:35 - 00000000 ____D C:\Users\norbe 2016-03-21 10:15 - 2016-02-14 12:14 - 00000000 ____D C:\Windows\Minidump 2016-03-21 10:14 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-21 10:14 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\registration 2016-03-20 20:55 - 2016-02-13 20:31 - 00000000 ____D C:\Windows\Panther 2016-03-20 20:21 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\LiveKernelReports 2016-03-20 15:35 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness 2016-03-13 20:25 - 2016-02-13 20:38 - 00002387 _____ C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-11 07:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-11 00:47 - 2016-02-20 15:06 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-03-10 22:37 - 2016-02-13 21:19 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-10 22:37 - 2016-02-13 21:19 - 00000000 ____D C:\Windows\system32\MRT 2016-03-10 22:37 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp 2016-03-09 23:13 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache 2016-03-08 17:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\MUI 2016-03-08 17:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\MUI 2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-07 21:00 - 2016-02-15 19:06 - 00000000 ____D C:\Users\norbe\AppData\Roaming\Spotify 2016-03-07 21:00 - 2016-02-15 19:05 - 00000000 ____D C:\Users\norbe\AppData\Local\Spotify 2016-03-06 20:22 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\Help 2016-03-06 19:51 - 2016-02-13 20:36 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-06 19:50 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-03-06 19:49 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 __RSD C:\Windows\Media 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\PurchaseDialog 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\appraiser 2016-03-06 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr 2016-03-06 19:49 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\system32\Dism 2016-02-29 18:07 - 2016-02-17 18:57 - 00001836 _____ C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-02-27 22:07 - 2016-02-14 12:14 - 663970275 _____ C:\Windows\MEMORY.DMP ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-03-21 11:26 - 2016-03-21 11:29 - 0000835 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\norbe\AppData\Local\Temp\AMDCleanupUtility.exe C:\Users\norbe\AppData\Local\Temp\Cleanup.dll C:\Users\norbe\AppData\Local\Temp\ddu.exe C:\Users\norbe\AppData\Local\Temp\msvcm80.dll C:\Users\norbe\AppData\Local\Temp\msvcp80.dll C:\Users\norbe\AppData\Local\Temp\msvcr80.dll C:\Users\norbe\AppData\Local\Temp\nvSCPAPI.dll C:\Users\norbe\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\norbe\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-14 21:28 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von norbe (2016-03-23 08:38:54)
Gestartet von D:\Downloads
Windows 10 Pro Version 1511 (X64) (2016-02-13 19:34:53)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3455921864-2365325757-1580788810-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3455921864-2365325757-1580788810-503 - Limited - Disabled)
Gast (S-1-5-21-3455921864-2365325757-1580788810-501 - Limited - Disabled)
norbe (S-1-5-21-3455921864-2365325757-1580788810-1001 - Administrator - Enabled) => C:\Users\norbe
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Skybox Labs)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C5300 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0203.1043.19267 - Advanced Micro Devices, Inc.) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Freedom Planet (HKLM-x32\...\Steam App 248310) (Version: - GalaxyTrail)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
GemCraft - Chasing Shadows (HKLM-x32\...\Steam App 296490) (Version: - Game in a Bottle)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C5300 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{12440487-BEA5-48CF-A36C-C86F5D350999}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Live! Cam Chat HD VF0790 Driver (1.00.07.00) (HKLM\...\Creative VF0790) (Version: - Creative Technology Ltd.)
Magicka 2 (HKLM-x32\...\Steam App 238370) (Version: - Pieces Interactive)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
Ninja Cats vs Samurai Dogs (HKLM-x32\...\Steam App 260380) (Version: - Eutechnyx)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Pharaoh Gold (HKLM-x32\...\GOGPACKPHARAOH_is1) (Version: 2.0.0.12 - GOG.com)
Pingzapper version 2.0.1 (HKLM-x32\...\{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.0.1 - Pingzapper)
PS_AIO_04_C5300_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version: - LucasArts)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam)
Time Mysteries 2: The Ancient Spectres (HKLM-x32\...\Steam App 313650) (Version: - Artifex Mundi sp. z o.o.)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3455921864-2365325757-1580788810-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\norbe\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1D69B658-877F-47CC-8432-86BB34A0CA82} - System32\Tasks\{414B0950-34C1-4197-32DC-28352DDC627F} => C:\Windows\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
Task: {22CECA3B-4F73-4FAC-9946-D47CD8A8B04B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {4EC4E635-0B7B-43B5-B859-A8AF6440F729} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2016-03-07 18:49 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-06 20:23 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-07 18:49 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-22 14:21 - 2012-06-11 11:57 - 00679424 ___SH () C:\Program Files (x86)\Pingzapper\PZService.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-02-13 21:21 - 2016-02-13 21:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-02 17:12 - 2016-02-23 12:27 - 02654872 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-02-13 21:18 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 17:12 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-13 21:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-13 21:18 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-13 21:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-13 21:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-06 20:23 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-09 07:22 - 2016-02-10 02:17 - 00782336 _____ () D:\Steam\SDL2.dll
2016-02-18 18:58 - 2015-07-03 17:12 - 04962816 _____ () D:\Steam\v8.dll
2016-03-13 21:45 - 2016-03-10 20:02 - 02547792 _____ () D:\Steam\video.dll
2016-02-18 18:58 - 2015-07-03 17:12 - 01556992 _____ () D:\Steam\icui18n.dll
2016-02-18 18:58 - 2015-07-03 17:12 - 01187840 _____ () D:\Steam\icuuc.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-03-09 07:22 - 2016-02-09 00:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-03-13 21:45 - 2016-03-10 20:02 - 00802896 _____ () D:\Steam\bin\chromehtml.DLL
2016-03-09 07:22 - 2016-02-17 23:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2016-03-09 07:22 - 2016-02-09 02:33 - 48400672 _____ () D:\Steam\bin\libcef.dll
2016-02-13 21:21 - 2016-02-13 21:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-13 21:21 - 2016-02-13 21:22 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2016-02-20 15:06 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\norbe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "V0790Mon.exe"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3455921864-2365325757-1580788810-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{95A475A6-5761-476B-8FA0-266E91009A4E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CEB33FB9-6979-41DD-988A-BA3BC85B529A}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{D138BF86-8B29-4758-85C7-F941CB555209}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{893ED016-D575-4591-B3BE-8AF90ED18495}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{CCA894F6-76D4-4B30-9F7B-F8F3C3D92F27}D:\programme\ubisoft game launcher\games\tom clancy's the division\thedivision.exe] => (Allow) D:\programme\ubisoft game launcher\games\tom clancy's the division\thedivision.exe
FirewallRules: [UDP Query User{3FBA04F6-B67E-4D29-B2C6-EEADAD101D12}D:\programme\ubisoft game launcher\games\tom clancy's the division\thedivision.exe] => (Allow) D:\programme\ubisoft game launcher\games\tom clancy's the division\thedivision.exe
FirewallRules: [TCP Query User{740C183A-935E-49CF-B35C-999CB2BA0287}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{D4CF24DE-904E-48A2-8D03-ACE0E4A22478}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{BFCCC315-4932-4465-8F30-FE57E77C3CD3}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{FDD2B006-F4F9-4937-86CB-934A231EA415}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{65F6AFE9-FDB2-47CE-91FD-215B02AD9ACB}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{816783C9-7E08-4688-A459-633F1DEA49AB}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{69241CD6-87B7-431D-A6FF-67FFD8B1E45D}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{26E4C9E7-ED09-49F9-81E4-86A9C1F333F3}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{9311855F-CF87-42E8-B4A9-5320532C8F89}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{6D760EA4-BB2C-405E-BEE6-DF3C4118D19D}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{5FA37414-F559-43B5-8878-0FE6DC150FBF}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AC366F6-4C8C-4508-A292-3399683B1B81}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
==================== Wiederherstellungspunkte =========================
22-03-2016 16:54:34 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/22/2016 08:14:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x3b0
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5
Error: (03/22/2016 04:54:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/22/2016 04:54:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/22/2016 04:54:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/22/2016 04:54:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary 360Safe Camera Filter Service.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/22/2016 04:54:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary 360Safe Anti Hacker Service.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/22/2016 01:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x3b0
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5
Error: (03/21/2016 09:39:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "8066". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (03/21/2016 09:39:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "8066". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (03/21/2016 10:38:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 44.0.2.5884, Zeitstempel: 0x56bbf417
Name des fehlerhaften Moduls: mozglue.dll, Version: 44.0.2.5884, Zeitstempel: 0x56bbe58e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed3b
ID des fehlerhaften Prozesses: 0x72c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Systemfehler:
=============
Error: (03/22/2016 08:14:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_55e87" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/22/2016 08:14:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _55e87" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/22/2016 08:14:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_55e87" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/22/2016 08:14:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_55e87" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/22/2016 08:14:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/22/2016 04:54:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/22/2016 02:06:42 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
Error: (03/22/2016 02:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3b917b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/22/2016 02:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3b917b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/22/2016 02:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3b917b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-03-21 20:01:59.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-21 10:18:05.548
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-20 20:56:54.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-18 17:10:24.073
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-14 22:21:41.236
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 11:41:14.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 03:23:20.643
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-09 19:20:00.781
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-09 03:33:49.001
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-08 18:26:23.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16249.03 MB
Verfügbarer physikalischer RAM: 13594.59 MB
Summe virtueller Speicher: 18681.03 MB
Verfügbarer virtueller Speicher: 15808.66 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:237.92 GB) (Free:205.84 GB) NTFS
Drive d: (Volume) (Fixed) (Total:735.86 GB) (Free:489.17 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 26EB0CFA)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 26EB0CF2)
Partition 1: (Not Active) - (Size=735.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
23.03.2016, 09:34
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Adware/Browser Hijacker: m55.dnsqa.me FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.03.2016, 11:41
| #11 |
| | Adware/Browser Hijacker: m55.dnsqa.meCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von norbe (2016-03-23 11:36:49) Run:1
Gestartet von C:\FRST
Geladene Profile: norbe (Verfügbare Profile: norbe)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
EmptyTemp: => 1.4 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:37:07 ====
Jedenfalls treten keine Probleme und Popups mehr auf.Vielen Dank Geändert von Ci-Ca-Caro (23.03.2016 um 11:47 Uhr) |
|
23.03.2016, 11:49
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Adware/Browser Hijacker: m55.dnsqa.me Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.03.2016, 15:32
| #13 |
| | Adware/Browser Hijacker: m55.dnsqa.meCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.03.2016 Suchlaufzeit: 12:41 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.03.23.02 Rootkit-Datenbank: v2016.03.12.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: norbe Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 344802 Abgelaufene Zeit: 5 Min., 38 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f9f5dd10c870b946925d2a0f8c8be0de
# end=init
# utc_time=2016-03-23 11:42:40
# local_time=2016-03-23 12:42:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28718
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f9f5dd10c870b946925d2a0f8c8be0de
# end=updated
# utc_time=2016-03-23 11:44:44
# local_time=2016-03-23 12:44:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f9f5dd10c870b946925d2a0f8c8be0de
# engine=28718
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-23 01:52:41
# local_time=2016-03-23 02:52:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 15291 12555304 0 0
# scanned=273220
# found=2
# cleaned=0
# scan_time=7676
sh=E88B92396E90164045BCFD554A2F650180B5F49E ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="D:\PC-NORB\Backup Set 2016-03-21 101009\Backup Files 2016-03-21 101009\Backup files 3.zip"
sh=1D041FB574FF0ADFD6E71569C41238C85BF0FCB8 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadAssistant.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-NORB\Backup Set 2016-03-21 101009\Backup Files 2016-03-21 101009\Backup files 7.zip"
Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 21.0.0.182 Mozilla Firefox (45.0.1) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
23.03.2016, 16:01
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Adware/Browser Hijacker: m55.dnsqa.me Sieht soweit ok aus  Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.03.2016, 16:14
| #15 |
| | Adware/Browser Hijacker: m55.dnsqa.me Danke für deine Hilfe, der PC scheint soweit in Ordnung. Vielen Dank |
|
| Themen zu Adware/Browser Hijacker: m55.dnsqa.me |
| antiviren, aufruf, browser, browser hijacker, bösartige, code, datum, dnsapi.dll, eingefangen, erkannt, hijacker, hoffe, home, launch, malwarebytes, plugins, popups, probleme, schei, seite, software, surfen, sämtliche, verschiedene, versucht, websites, windows, windowsapps |
Linear-Darstellung
