AVG user Interface

werama · 25.06.2016, 22:19

Hallo zusammen
Nach einigen Jahren wieder mal ein Hilferuf von mir.

Sollte mir Jemand von euch helfen könne werde ich noch im Detail beschreiben. Derweil mal kurz:

Neuer PC seit 18 Tagen "LENOVO YOGA 900 und Windows 10" . Bis vor etwa 8 Tagen ging es ganz gut (wenn man von der dauerden Suche in den neuen Programmen absieht)
Ich arbeite mit Dockinstation und zweitem Bildschirm. Im Moment jedoch habe ich alles abgehängt und hab nur Internet, Drucker, Maus, direkt am PC.

dann hatte ich immer wieder Probleme mit dem zweiten Bildschirm. Gestern konnte ich einzelne wenige Programme zwar öffnen jedoch nicht bedienen. Seit gestern hatte ich auch Probleme mit dem Drucker. Ich dachte es hängt mit der Dockinstation zusammen also gestern diese weggenommen.
Heute kann ich auf den Drucker überhaupt nicht mehr zugreifen. Obwol er bereit meldet.
Auch einzelne Programme starten zwar auf sind jedoch nicht mehr zu bedienen. (z.B. Photoshop Elements 14)
Was ich nach langem Suchen und fummeln gesehen habe ist, dass im Task Manager "AVG user Interface" hängt und das bringe ich auf keine Weise raus.

Ich denke da ist ein Toyaner am Werk oder es ist das AVG

Ich hoffe auf Jemand von euch
Gruss werama

cosinus · 25.06.2016, 23:56

moin

AVG ist eh der letzte Kack. Zusammen mit Avast, Avira und anderen Konsorten, die die normalen Anwender allesamt verarschen.

Bitte AVG deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

werama · 26.06.2016, 08:27

Hallo
Danke für die schnelle Antwort.kann ich wieder ansprechen

AVG ist deinstalliert:
AVG user interface ist aus dem TaskManager raus.
Drucker kann ich wieder ansprechen.
Im Photoshop Elements 14 kann ich wieder arbeiten.

Wie weiter ?
Gruss Ulf

cosinus · 26.06.2016, 13:19

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

werama · 27.06.2016, 08:40

Hallo
Das geht schon gut los. Eventuell Stelle ich mich auch nur zu Doof an.

Die Downloadvorbereitung läuft. Danach sehe ich keine Möglichkeit um weiterzukommen. Auch auf dem ganzen C: keine FRST64.exe oder FRST.exe zu finden.

Ist es das Windows 10 ?
In der Beschreibung von FRST64 steht verwendbar bis Windows 8

OK das war mein Problem

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02
Ran by ulfw (administrator) on LAPDESKTOP (27-06-2016 09:20:16)
Running from C:\TrojanerBoard
Loaded Profiles: ulfw (Available Profiles: ulfw)
Platform: Windows 10 Home (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\update\UpdateAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.21441.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Getstarted_3.10.0.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-01] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412912 2016-06-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-06-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-06-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-06-01] (Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe [2090176 2016-04-26] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe [1227456 2016-04-26] (CHENGDU Yiwo Tech Development Co., Ltd.)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [583680 2015-07-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3ba909af-3c62-4429-94b3-18fd1bdda109}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68aa8129-2e02-4ac7-9f17-2ca6b94762fd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c76f7e95-d6e4-4b7f-bf18-a9c1bc35784e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fb80cd58-df40-44b1-9b37-247645e8ce84}: [DhcpNameServer] 150.206.1.2

Internet Explorer:
==================
HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-4256507873-131550310-878068454-1001 -> DefaultScope {D5F1BE35-A861-465C-ACBD-70DA19F6DED7} URL = 
SearchScopes: HKU\S-1-5-21-4256507873-131550310-878068454-1001 -> {D5F1BE35-A861-465C-ACBD-70DA19F6DED7} URL = 

FireFox:
========
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-01] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01]
CHR Extension: (Google Docs) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01]
CHR Extension: (Google Drive) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
CHR Extension: (YouTube) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-02]
CHR Extension: (Google Tabellen) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01]
CHR Extension: (Google Docs Offline) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-01]
CHR Extension: (AdBlock) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01]
CHR Extension: (Google Mail) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [618920 2016-06-01] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [176640 2015-09-15] () [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11127016 2016-02-12] (DisplayLink Corp.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-07-23] (Intel Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-11-01] (Lenovo) [File not signed]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [372128 2016-06-01] (Intel Corporation)
R2 ImControllerService; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [56144 2016-05-26] (Lenovo Group Limited)
R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-11-01] ()
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S4 O2FLASH; C:\Windows\System32\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International)
S4 O2FLASH; C:\Windows\SysWOW64\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International)
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [491328 2015-11-05] ()
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263792 2016-06-01] (Synaptics Incorporated)
R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-11-01] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-08-21] (Lenovo)
R2 YogaPLService; C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe [29112 2015-06-27] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-07-10] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-06-18] (Samsung Electronics Co., Ltd.)
S3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.1488.0.sys [67344 2016-06-06] ()
S3 dlcdcncm; C:\Windows\System32\drivers\dlcdcncm62_x64.sys [91920 2016-02-12] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [229648 2016-02-12] (DisplayLink Corp.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-07-23] (Intel Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18016 2016-01-20] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2016-01-20] ()
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-07-23] (Intel Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-01-20] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-01-20] ()
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-11-01] (Windows (R) Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-11-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [32792 2015-11-01] (Windows (R) Win 7 DDK provider) [File not signed]
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-06-16] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-16] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [250096 2015-07-02] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-08] (Intel Corporation)
S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [7052032 2016-06-01] (Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHubTech/O2Micro )
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
R3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [159744 2015-07-10] (Realtek                                                )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-06-21] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [74352 2016-06-01] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-27 09:16 - 2016-06-27 09:20 - 00000000 ____D C:\FRST
2016-06-27 09:14 - 2016-06-27 09:14 - 02389504 _____ (Farbar) C:\Users\ulfw\Downloads\FRST64.exe
2016-06-27 08:29 - 2016-06-27 08:29 - 00016148 _____ C:\Windows\system32\LAPDESKTOP_ulfw_HistoryPrediction.bin
2016-06-26 16:58 - 2016-06-27 09:20 - 00000000 ____D C:\TrojanerBoard
2016-06-25 21:26 - 2016-06-25 21:26 - 00001891 _____ C:\Users\ulfw\Desktop\Samsung CLP-320 Series - Verknüpfung.lnk
2016-06-25 20:05 - 2016-06-25 20:05 - 00000751 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt
2016-06-25 20:05 - 2016-06-25 20:05 - 00000000 ____D C:\Users\ulfw\Documents\Adobe
2016-06-23 19:56 - 2015-11-12 13:12 - 00037201 ____N C:\Windows\SysWOW64\spddata.xml
2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 ____N C:\Windows\SysWOW64\spdsvc.exe
2016-06-23 19:56 - 2014-08-18 16:10 - 00094208 ____N C:\Windows\SysWOW64\ssdevm.dll
2016-06-23 19:56 - 2014-08-18 16:08 - 00087552 ____N C:\Windows\system32\ssdevm64.dll
2016-06-23 19:55 - 2016-06-23 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit
2016-06-23 19:51 - 2016-06-23 19:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-06-23 19:50 - 2016-06-23 19:51 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\Windows\system32\sst3cl6.dll
2016-06-23 19:50 - 2010-03-04 09:22 - 01884837 ____N C:\Windows\sst3cLTR.prn
2016-06-23 19:50 - 2010-03-04 09:21 - 01884837 ____N C:\Windows\sst3cA4.prn
2016-06-23 19:50 - 2009-09-11 09:48 - 00000357 _____ C:\Windows\system32\sst3cl6.smt
2016-06-23 19:50 - 2009-09-11 09:47 - 00151552 _____ (SS) C:\Windows\system32\sst3cci.exe
2016-06-23 19:50 - 2009-09-11 09:47 - 00089600 _____ (SS) C:\Windows\system32\sst3cci.dll
2016-06-23 19:31 - 2014-08-18 14:59 - 00011576 ____N (Samsung Electronics) C:\Windows\system32\Drivers\SSPORT.SYS
2016-06-23 17:50 - 2016-06-23 17:50 - 00000000 ____D C:\Windows\LastGood
2016-06-23 17:23 - 2016-06-23 17:23 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-06-21 09:34 - 2016-06-21 09:34 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2016-06-20 19:19 - 2016-06-20 19:19 - 00000000 ___RD C:\Users\ulfw\Documents\Scanned Documents
2016-06-20 19:19 - 2016-06-20 19:19 - 00000000 ____D C:\Users\ulfw\Documents\Fax
2016-06-20 09:38 - 2016-06-23 19:58 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Samsung
2016-06-19 17:41 - 2016-06-19 17:41 - 00000000 ____D C:\Users\ulfw\Documents\Unbenannte Site 2
2016-06-19 17:15 - 2016-06-19 17:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-06-19 17:15 - 2016-06-19 17:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-06-19 17:11 - 2016-06-19 17:11 - 00000756 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gunnarsupporttool.lnk
2016-06-19 17:08 - 2016-06-19 17:08 - 00001579 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver.lnk
2016-06-19 14:43 - 2016-06-19 14:43 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2016-06-19 14:43 - 2016-06-19 14:43 - 00001459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2016-06-19 14:42 - 2016-06-19 14:42 - 00001358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2016-06-19 14:42 - 2016-06-19 14:42 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2016-06-19 14:41 - 2016-06-19 14:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-19 14:41 - 2016-06-19 14:41 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-06-19 14:41 - 2016-06-19 14:41 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-06-19 14:41 - 2016-06-19 14:41 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-06-19 11:34 - 2016-06-19 11:34 - 00135997 _____ C:\Users\ulfw\Documents\Text-231.pdf
2016-06-19 11:25 - 2016-06-26 08:02 - 00001634 _____ C:\Users\ulfw\Desktop\Euro-Franken.lnk
2016-06-19 11:21 - 2016-06-19 11:21 - 00004273 _____ C:\Users\ulfw\Desktop\Brief-Brief.lnk
2016-06-19 10:39 - 2016-06-19 10:52 - 00001604 _____ C:\Users\ulfw\Desktop\Nikon7100.doc - Notitzen.lnk
2016-06-19 10:39 - 2014-12-26 10:34 - 26271857 _____ C:\Users\ulfw\Desktop\D7100_EU(De)02.pdf
2016-06-19 10:39 - 2013-02-10 16:28 - 03772586 _____ C:\Users\ulfw\Desktop\NafGear-Handbuch.pdf
2016-06-19 10:39 - 2013-02-08 17:25 - 00001579 _____ C:\Users\ulfw\Desktop\Beteiligte im Museum.lnk
2016-06-19 10:39 - 2011-12-26 17:34 - 00412172 _____ C:\Users\ulfw\Desktop\audacity-Handbuch.pdf
2016-06-19 10:39 - 2011-12-26 17:16 - 01543863 _____ C:\Users\ulfw\Desktop\Movie Maker-Hanb
2016-06-19 10:39 - 2010-11-16 16:02 - 00000193 _____ C:\Users\ulfw\Desktop\SwissDomain.ch.url
2016-06-19 10:39 - 2010-11-16 09:39 - 00000226 _____ C:\Users\ulfw\Desktop\IPS-Homepage.url
2016-06-19 09:42 - 2016-06-23 19:58 - 00000000 ____D C:\ProgramData\Samsung
2016-06-19 09:42 - 2016-06-19 09:42 - 00234360 _____ C:\Windows\system32\SBuySupplies.exe
2016-06-19 09:42 - 2016-06-19 09:42 - 00166776 _____ C:\Windows\system32\us008ci.exe
2016-06-19 09:42 - 2016-06-19 09:42 - 00098328 _____ (SS) C:\Windows\system32\us008ci.dll
2016-06-19 09:42 - 2016-06-19 09:42 - 00031256 _____ () C:\Windows\system32\us008lm.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00685080 _____ (Logitech Inc.) C:\Windows\system32\LVUI64.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00582680 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LV561V64.sys
2016-06-19 09:32 - 2016-06-19 09:32 - 00490008 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00486936 _____ (Logitech Inc.) C:\Windows\system32\LVUIRC64.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00475672 _____ (Logitech Inc.) C:\Windows\system32\lvcod64.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00465432 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2RC.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00416280 _____ (Logitech Inc.) C:\Windows\SysWOW64\lvcodec2.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00257560 _____ (Logitech Inc.) C:\Windows\system32\lvco1150.dll
2016-06-19 09:32 - 2016-06-19 09:32 - 00059500 _____ C:\Windows\system32\lvcoin64.ini
2016-06-19 09:32 - 2016-06-19 09:32 - 00050072 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LVUSBS64.sys
2016-06-19 09:32 - 2016-06-19 09:32 - 00021138 _____ C:\Windows\system32\Repository.reg
2016-06-19 09:32 - 2016-06-19 09:32 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-06-18 20:09 - 2016-06-18 20:09 - 00016148 _____ C:\Windows\system32\DESKTOP-3REOR0Q_ulfw_HistoryPrediction.bin
2016-06-18 19:13 - 2016-06-18 19:13 - 00003662 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch
2016-06-18 19:13 - 2016-06-18 19:13 - 00001127 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kamera - Verknüpfung.lnk
2016-06-18 19:13 - 2016-06-18 19:13 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Adobe
2016-06-18 18:56 - 2016-06-19 14:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-18 18:56 - 2016-06-18 18:56 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 14.lnk
2016-06-18 18:54 - 2016-06-19 10:27 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-18 18:54 - 2016-06-19 10:26 - 00000000 ____D C:\Program Files\Adobe
2016-06-18 18:54 - 2013-09-03 12:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2016-06-18 18:54 - 2012-04-24 12:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2016-06-18 18:54 - 2012-04-24 12:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2016-06-18 18:50 - 2016-06-18 18:50 - 00000000 ____D C:\Users\ulfw\ReadMe
2016-06-18 18:48 - 2016-06-18 18:50 - 00000000 ____D C:\Users\ulfw\PSE 14
2016-06-18 16:12 - 2016-06-19 14:43 - 00000000 ____D C:\ProgramData\Adobe
2016-06-18 16:11 - 2016-06-27 08:51 - 00000000 ____D C:\Users\ulfw\AppData\Local\Adobe
2016-06-18 14:27 - 2016-06-18 14:27 - 00000000 ____D C:\Users\ulfw\AppData\Local\ElevatedDiagnostics
2016-06-18 12:53 - 2016-06-18 12:53 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2016-06-18 12:52 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-06-18 12:52 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-18 12:52 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-18 12:52 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-18 12:52 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-18 12:52 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-18 12:52 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-18 12:52 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-18 12:52 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-18 12:52 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-18 12:52 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-18 12:52 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-06-18 12:52 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-18 12:52 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-18 12:52 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-18 12:52 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-18 12:52 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2016-06-18 12:52 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-18 12:52 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-18 12:52 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-18 12:52 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-18 12:52 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-18 12:52 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-18 12:52 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-18 12:52 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-06-18 12:52 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-18 12:52 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-18 12:52 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-18 12:52 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-18 12:52 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-06-18 12:52 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-18 12:52 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-18 12:52 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-18 12:52 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-18 12:52 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-18 12:52 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-18 12:52 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-06-18 12:52 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-18 12:52 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-18 12:52 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-18 12:52 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-18 12:52 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-18 12:52 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-18 12:52 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-18 12:52 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-18 12:52 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-18 12:52 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-06-18 12:52 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-18 12:52 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-18 12:52 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-18 12:52 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-18 12:52 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-18 12:52 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-06-18 12:52 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-18 12:52 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-18 12:52 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-18 12:52 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-18 12:52 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-18 12:52 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-18 12:52 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-18 12:52 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-18 12:52 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-18 12:52 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-18 12:52 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-18 12:52 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-18 12:52 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-18 12:52 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-18 12:52 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-18 12:52 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-18 12:52 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-18 12:52 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-18 12:52 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-18 12:52 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-18 12:52 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-18 12:52 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-06-18 12:52 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-18 12:52 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-06-18 12:52 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-18 12:52 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-18 12:52 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-18 12:52 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-18 12:52 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-18 12:52 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-18 12:52 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-18 12:52 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-06-18 12:52 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-18 12:52 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-18 12:52 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-18 12:52 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-18 12:52 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-18 12:52 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-18 12:52 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-18 12:52 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-06-15 21:59 - 2016-06-15 21:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-09 21:33 - 2016-06-09 21:41 - 00000000 ____D C:\Users\ulfw\AppData\Local\Thunderbird
2016-06-09 21:33 - 2016-06-09 21:33 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Thunderbird
2016-06-09 21:33 - 2016-06-09 21:33 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Mozilla
2016-06-09 21:32 - 2016-06-09 21:32 - 00001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-06-09 21:32 - 2016-06-09 21:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-09 21:32 - 2016-06-09 21:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 17:47 - 2016-06-09 17:47 - 00000751 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netz-Freiga.lnk
2016-06-09 17:24 - 2016-06-09 17:24 - 00000000 ____H C:\Users\ulfw\Documents\Default.rdp
2016-06-09 11:51 - 2016-06-09 11:51 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\TeamViewer
2016-06-09 11:50 - 2016-06-09 11:51 - 02734008 _____ (TeamViewer GmbH) C:\Users\ulfw\Desktop\gunnarsupporttool.exe
2016-06-07 14:43 - 2016-06-07 14:48 - 00000118 _____ C:\Users\ulfw\Documents\W-10.txt
2016-06-07 11:57 - 2016-06-07 11:57 - 00000000 ____D C:\Web
2016-06-07 11:18 - 2016-06-07 11:18 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-06-07 11:17 - 2016-06-07 11:17 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Lenovo
2016-06-07 11:17 - 2016-06-07 11:17 - 00000000 ____D C:\Users\ulfw\.QtWebEngineProcess
2016-06-07 11:17 - 2016-06-07 11:17 - 00000000 ____D C:\Users\ulfw\.LSC
2016-06-06 16:38 - 2016-06-06 16:38 - 00000000 ____D C:\Download
2016-06-06 16:01 - 2016-06-06 16:01 - 00001205 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tresore.lnk
2016-06-06 15:58 - 2016-06-06 15:58 - 00001411 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schlösser.lnk
2016-06-06 15:50 - 2016-02-12 17:20 - 00459536 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmd.sys
2016-06-06 15:50 - 2016-02-12 17:20 - 00026896 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmdldr.sys
2016-06-06 15:49 - 2016-06-06 15:49 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2016-06-06 15:47 - 2016-06-06 15:47 - 01447960 _____ (DisplayLink Corp.) C:\Windows\system32\DisplayLinkUsbCo64_7.9.1488.0.dll
2016-06-06 15:47 - 2016-06-06 15:47 - 00067344 _____ () C:\Windows\system32\Drivers\DisplayLinkUsbIo_x64_7.9.1488.0.sys
2016-06-05 19:27 - 2016-06-09 08:43 - 00001160 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos-fertig.lnk
2016-06-05 12:05 - 2016-06-26 08:02 - 00001230 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TresoreAnder.lnk
2016-06-05 12:05 - 2016-06-05 12:05 - 00001207 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Archiv.lnk
2016-06-05 11:36 - 2016-06-05 11:36 - 00001177 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schlos-Bilder.lnk
2016-06-05 11:29 - 2016-06-05 11:29 - 00001187 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tresor-Bilder.lnk
2016-06-05 08:59 - 2016-06-05 08:59 - 00000028 _____ C:\Windows\OutLog.txt
2016-06-04 20:18 - 2016-06-05 09:33 - 00000000 ____D C:\Users\ulfw\Tracing
2016-06-04 20:17 - 2016-06-04 20:17 - 00002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-06-04 20:15 - 2016-06-04 20:15 - 00000000 ____D C:\Windows\de
2016-06-04 20:14 - 2016-06-09 10:03 - 00000000 ____D C:\Users\ulfw\AppData\Local\Windows Live
2016-06-04 20:14 - 2016-06-04 20:17 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-06-04 20:14 - 2016-06-04 20:14 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-06-04 20:14 - 2016-06-04 20:14 - 00001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-06-04 20:14 - 2016-06-04 20:14 - 00001365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ____D C:\Windows\PCHEALTH
2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ____D C:\Program Files\Windows Live
2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-06-04 20:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-06-04 20:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-04 20:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-04 20:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-06-04 20:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-04 20:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-06-04 20:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-04 20:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-06-04 20:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-06-04 20:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-06-04 20:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-06-04 20:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-06-04 16:00 - 2016-06-04 16:00 - 00001344 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Explorer.lnk
2016-06-04 14:42 - 2016-06-26 20:20 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Nitro PDF
2016-06-04 14:28 - 2016-06-04 14:28 - 00000000 ___HD C:\Lenovo
2016-06-04 11:41 - 2016-06-04 11:43 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Audacity
2016-06-04 11:41 - 2016-06-04 11:41 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-06-04 11:41 - 2016-06-04 11:41 - 00000000 ____D C:\Users\ulfw\AppData\Local\Audacity
2016-06-04 11:41 - 2016-06-04 11:41 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-06-03 20:27 - 2016-06-03 20:27 - 00002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-06-03 20:27 - 2016-06-03 20:27 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Google
2016-06-03 20:22 - 2016-06-19 10:43 - 00002515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Nitro
2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\FileOpen
2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\ProgramData\Nitro
2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\ProgramData\FileOpen
2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Program Files\Common Files\Nitro
2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Program Files (x86)\Nitro
2016-06-03 20:22 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2016-06-03 20:22 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2016-06-03 20:21 - 2016-06-03 20:21 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Downloaded Installations
2016-06-03 20:06 - 2016-06-03 20:06 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-06-03 20:06 - 2016-06-03 20:06 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\OpenOffice
2016-06-03 20:06 - 2016-06-03 20:06 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-06-03 18:37 - 2016-06-05 09:04 - 00001989 ____H C:\Windows\EPMBatch.ept
2016-06-03 18:26 - 2016-06-03 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0
2016-06-03 18:26 - 2016-04-26 01:29 - 03563712 _____ C:\Windows\system32\BootMan.exe
2016-06-03 18:26 - 2016-04-26 01:29 - 02662592 _____ C:\Windows\SysWOW64\BootMan.exe
2016-06-03 18:26 - 2016-01-20 12:07 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe
2016-06-03 18:26 - 2016-01-20 12:07 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2016-06-03 18:26 - 2016-01-20 12:07 - 00018016 _____ C:\Windows\system32\epmntdrv.sys
2016-06-03 18:26 - 2016-01-20 12:07 - 00014944 _____ C:\Windows\SysWOW64\epmntdrv.sys
2016-06-03 18:26 - 2016-01-20 12:07 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys
2016-06-03 18:26 - 2016-01-20 12:07 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2016-06-03 18:26 - 2014-11-18 14:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2016-06-03 18:26 - 2014-11-18 14:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll
2016-06-03 17:28 - 2016-06-03 17:28 - 00000000 ____D C:\ProgramData\Nikon
2016-06-03 16:43 - 2016-06-03 16:43 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Nikon
2016-06-03 15:06 - 2016-06-06 16:25 - 00000000 ____D C:\Program Files\Nikon
2016-06-03 15:06 - 2016-06-03 16:43 - 00000000 ____D C:\Users\ulfw\AppData\Local\Nikon
2016-06-03 15:06 - 2016-06-03 15:07 - 00000000 ____D C:\Users\ulfw\AppData\Local\Downloaded Installations
2016-06-03 15:06 - 2016-06-03 15:07 - 00000000 ____D C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
2016-06-03 15:06 - 2016-06-03 15:07 - 00000000 ____D C:\Program Files (x86)\Nikon
2016-06-03 15:06 - 2016-06-03 15:06 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL
2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\Users\ulfw\AppData\Roaming\Standard
2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\Users\ulfw\AppData\Roaming\Speech Enhancer
2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\ProgramData\StatusSheet
2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\ProgramData\StartupItems
2016-06-03 15:06 - 2016-06-03 15:06 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT
2016-06-03 15:06 - 2016-06-03 15:06 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\Vocal Transformer
2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\Ultima_T15
2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX-i
2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\grep
2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\EnterNHelp
2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\Program Files\Common Files\Nikon
2016-06-03 15:05 - 2016-06-03 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
2016-06-02 21:44 - 2016-06-02 21:44 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\epm
2016-06-02 20:58 - 2015-12-10 06:10 - 00192552 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys
2016-06-02 20:58 - 2015-12-10 06:10 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys
2016-06-02 20:58 - 2015-12-10 06:10 - 00048168 _____ C:\Windows\system32\Drivers\EUBKMON.sys
2016-06-02 20:58 - 2015-12-10 06:10 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys
2016-06-02 20:55 - 2016-06-03 18:27 - 00000000 ____D C:\Program Files (x86)\EaseUS
2016-06-02 19:30 - 2016-06-26 09:09 - 00000000 ___HD C:\$AVG
2016-06-02 19:30 - 2016-06-02 19:30 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\TuneUp Software
2016-06-02 19:30 - 2016-06-02 19:30 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\AVG
2016-06-02 19:28 - 2016-06-26 09:10 - 00000000 ____D C:\ProgramData\MFAData
2016-06-02 19:28 - 2016-06-02 19:28 - 00000000 ____D C:\Users\ulfw\AppData\Local\MFAData
2016-06-02 19:27 - 2016-06-26 09:12 - 00000000 ____D C:\Program Files (x86)\AVG
2016-06-02 18:50 - 2016-06-26 09:12 - 00000000 ____D C:\Users\ulfw\AppData\Local\AvgSetupLog
2016-06-02 18:50 - 2016-06-26 09:12 - 00000000 ____D C:\ProgramData\Avg
2016-06-02 18:50 - 2016-06-26 09:10 - 00000000 ____D C:\Users\ulfw\AppData\Local\Avg
2016-06-02 17:56 - 2016-06-06 13:39 - 00000000 ___RD C:\UlfAntik
2016-06-02 16:39 - 2016-06-02 16:39 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-06-02 16:22 - 2016-06-25 21:57 - 00000000 ____D C:\ProgramData\Skype
2016-06-02 16:22 - 2016-06-25 21:40 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Skype
2016-06-02 16:12 - 2016-06-02 16:12 - 00000000 ____D C:\Users\ulfw\Downloads\SHAREit
2016-06-02 16:12 - 2016-06-02 16:12 - 00000000 ____D C:\Users\ulfw\AppData\Local\SHAREit
2016-06-02 16:04 - 2016-06-15 22:40 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-02 15:58 - 2016-06-18 12:55 - 00000000 ____D C:\Windows\system32\MRT
2016-06-02 15:58 - 2016-06-18 12:53 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-02 15:58 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-02 15:58 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-02 15:58 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-02 15:58 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-02 15:58 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-02 15:58 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-02 15:58 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-02 15:58 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-06-02 15:58 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-02 15:58 - 2016-03-16 06:45 - 00140536 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-06-02 15:58 - 2016-03-16 06:37 - 01010016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-06-02 15:58 - 2016-03-16 05:47 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-06-02 15:58 - 2016-03-16 05:45 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2016-06-02 15:58 - 2016-03-16 05:42 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-02 15:58 - 2016-03-16 05:38 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-06-02 15:58 - 2016-03-16 05:37 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-06-02 15:58 - 2016-03-16 05:36 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-06-02 15:58 - 2016-03-16 05:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-06-02 15:58 - 2016-03-16 05:36 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-06-02 15:58 - 2016-03-16 05:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-06-02 15:58 - 2016-03-16 05:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-06-02 15:58 - 2016-03-16 05:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-06-02 15:58 - 2016-03-16 05:13 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-06-02 15:58 - 2016-02-23 16:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-06-02 15:58 - 2016-02-23 16:43 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-06-02 15:58 - 2016-02-23 16:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-06-02 15:58 - 2016-02-23 15:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-06-02 15:58 - 2016-02-23 14:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-02 15:58 - 2016-01-31 07:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-06-02 15:58 - 2016-01-31 07:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-06-02 15:58 - 2016-01-31 07:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-06-02 15:58 - 2016-01-31 07:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-06-02 15:58 - 2016-01-05 03:57 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-02 15:58 - 2015-11-25 07:40 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-06-02 15:58 - 2015-11-25 06:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-06-02 15:58 - 2015-11-25 06:30 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-06-02 15:58 - 2015-11-25 06:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-06-02 15:58 - 2015-11-25 06:07 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-06-02 15:58 - 2015-11-05 07:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-06-02 15:58 - 2015-11-05 07:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-06-02 15:58 - 2015-11-05 07:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-06-02 15:58 - 2015-11-05 06:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-06-02 15:58 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-06-02 15:58 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-02 15:58 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-06-02 15:58 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-06-02 15:58 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-06-02 15:58 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-02 15:58 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-06-02 15:58 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-06-02 15:57 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-02 15:57 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-06-02 15:57 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-06-02 15:57 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-02 15:57 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-06-02 15:57 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-06-02 15:57 - 2016-03-16 06:56 - 03467784 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-06-02 15:57 - 2016-03-16 06:55 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-02 15:57 - 2016-03-16 06:21 - 01531888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-02 15:57 - 2016-03-16 05:40 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-06-02 15:57 - 2016-03-16 05:39 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-06-02 15:57 - 2016-03-16 05:37 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-06-02 15:57 - 2016-03-16 05:36 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-06-02 15:57 - 2016-03-16 05:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-06-02 15:57 - 2016-03-16 05:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-06-02 15:57 - 2016-03-16 05:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-06-02 15:57 - 2016-03-16 05:13 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-06-02 15:57 - 2016-02-23 16:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-06-02 15:57 - 2016-02-23 14:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-06-02 15:57 - 2016-02-23 13:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-06-02 15:57 - 2016-02-23 13:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-06-02 15:57 - 2016-02-23 12:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-06-02 15:57 - 2016-02-23 12:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-06-02 15:57 - 2016-02-23 12:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-06-02 15:57 - 2016-01-31 08:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-06-02 15:57 - 2016-01-31 08:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-06-02 15:57 - 2016-01-31 07:29 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-02 15:57 - 2016-01-31 07:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-06-02 15:57 - 2016-01-31 07:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-06-02 15:57 - 2016-01-31 07:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-06-02 15:57 - 2016-01-05 05:07 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-06-02 15:57 - 2016-01-05 05:07 - 00377592 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-06-02 15:57 - 2016-01-05 05:06 - 01063504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-06-02 15:57 - 2016-01-05 05:06 - 00119800 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-06-02 15:57 - 2016-01-05 05:04 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-06-02 15:57 - 2016-01-05 05:04 - 02641928 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-06-02 15:57 - 2016-01-05 05:04 - 00787720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-06-02 15:57 - 2016-01-05 05:04 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-06-02 15:57 - 2016-01-05 05:04 - 00779928 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-06-02 15:57 - 2016-01-05 05:04 - 00233992 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2016-06-02 15:57 - 2016-01-05 05:04 - 00090912 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-06-02 15:57 - 2016-01-05 05:04 - 00083704 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-06-02 15:57 - 2016-01-05 04:50 - 00345080 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-06-02 15:57 - 2016-01-05 04:50 - 00205072 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-06-02 15:57 - 2016-01-05 04:30 - 02459096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-06-02 15:57 - 2016-01-05 04:30 - 02152744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-06-02 15:57 - 2016-01-05 04:30 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-06-02 15:57 - 2016-01-05 04:30 - 00368776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-06-02 15:57 - 2016-01-05 04:30 - 00100712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-06-02 15:57 - 2016-01-05 04:29 - 00208688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2016-06-02 15:57 - 2016-01-05 04:28 - 02445128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-06-02 15:57 - 2016-01-05 04:28 - 00695752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-06-02 15:57 - 2016-01-05 04:28 - 00645144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-06-02 15:57 - 2016-01-05 04:28 - 00635312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-06-02 15:57 - 2016-01-05 04:28 - 00082096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-06-02 15:57 - 2016-01-05 04:15 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\usermgrcli.dll
2016-06-02 15:57 - 2016-01-05 04:10 - 00305776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-06-02 15:57 - 2016-01-05 04:10 - 00188032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-06-02 15:57 - 2016-01-05 04:02 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-06-02 15:57 - 2016-01-05 04:02 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-06-02 15:57 - 2016-01-05 04:02 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-06-02 15:57 - 2016-01-05 04:01 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-06-02 15:57 - 2016-01-05 03:57 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2016-06-02 15:57 - 2016-01-05 03:32 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-06-02 15:57 - 2016-01-05 03:32 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-06-02 15:57 - 2016-01-05 03:31 - 00563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-06-02 15:57 - 2016-01-05 03:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-06-02 15:57 - 2015-11-25 06:49 - 01569280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-06-02 15:57 - 2015-11-25 06:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-06-02 15:57 - 2015-11-25 06:18 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-02 15:57 - 2015-11-25 06:10 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-06-02 15:57 - 2015-11-05 07:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-06-02 15:57 - 2015-11-05 07:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-06-02 15:57 - 2015-11-05 06:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-06-02 15:57 - 2015-11-05 06:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-06-02 15:57 - 2015-11-05 06:17 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-02 15:57 - 2015-11-05 06:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-06-02 15:57 - 2015-11-05 06:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-06-02 15:57 - 2015-11-05 05:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-06-02 15:57 - 2015-11-05 05:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-02 15:57 - 2015-11-05 05:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-06-02 15:57 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-02 15:57 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-02 15:57 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-02 15:57 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-06-02 15:57 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-06-02 15:57 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-06-02 15:57 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-06-02 15:57 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-06-02 15:57 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-06-02 15:57 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2016-06-02 15:57 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-06-02 15:57 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2016-06-02 15:57 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-06-02 15:57 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2016-06-02 15:57 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-06-02 15:57 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2016-06-02 15:57 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2016-06-02 15:57 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-02 15:57 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-02 15:56 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-02 15:56 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-02 15:56 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-02 15:56 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-02 15:56 - 2016-03-16 06:56 - 01022664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-02 15:56 - 2016-03-16 06:56 - 00861512 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-06-02 15:56 - 2016-03-16 06:55 - 02495768 _____ C:\Windows\system32\CoreUIComponents.dll
2016-06-02 15:56 - 2016-03-16 06:55 - 01299032 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-02 15:56 - 2016-03-16 06:55 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-06-02 15:56 - 2016-03-16 06:39 - 00983904 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-06-02 15:56 - 2016-03-16 06:21 - 01767000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-06-02 15:56 - 2016-03-16 05:49 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-06-02 15:56 - 2016-03-16 05:44 - 01016832 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-02 15:56 - 2016-03-16 05:42 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-02 15:56 - 2016-03-16 05:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-06-02 15:56 - 2016-03-16 05:39 - 03363328 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-02 15:56 - 2016-03-16 05:35 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-02 15:56 - 2016-03-16 05:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll
2016-06-02 15:56 - 2016-03-16 05:34 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-06-02 15:56 - 2016-03-16 05:18 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-06-02 15:56 - 2016-03-16 05:17 - 03680256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-02 15:56 - 2016-03-16 05:17 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-06-02 15:56 - 2016-03-16 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-06-02 15:56 - 2016-03-16 05:11 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-06-02 15:56 - 2016-02-23 16:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-02 15:56 - 2016-02-23 15:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-02 15:56 - 2016-02-23 13:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-06-02 15:56 - 2016-02-23 13:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-06-02 15:56 - 2016-02-23 13:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-06-02 15:56 - 2016-02-23 13:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-06-02 15:56 - 2016-02-23 12:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-06-02 15:56 - 2016-02-23 12:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-06-02 15:56 - 2016-02-23 12:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-06-02 15:56 - 2016-02-23 12:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-06-02 15:56 - 2016-02-23 12:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-06-02 15:56 - 2016-02-23 12:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-06-02 15:56 - 2016-01-31 08:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-06-02 15:56 - 2016-01-31 08:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-02 15:56 - 2016-01-31 08:04 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-06-02 15:56 - 2016-01-31 08:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-02 15:56 - 2016-01-31 07:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-06-02 15:56 - 2016-01-31 07:16 - 09889280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-02 15:56 - 2016-01-05 05:06 - 01991120 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-06-02 15:56 - 2016-01-05 05:06 - 01270104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-06-02 15:56 - 2016-01-05 05:04 - 00862056 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-06-02 15:56 - 2016-01-05 05:04 - 00751992 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-06-02 15:56 - 2016-01-05 05:04 - 00667856 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-02 15:56 - 2016-01-05 05:04 - 00115704 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-06-02 15:56 - 2016-01-05 04:50 - 00723648 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-02 15:56 - 2016-01-05 04:30 - 02162064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-06-02 15:56 - 2016-01-05 04:30 - 01106872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-06-02 15:56 - 2016-01-05 04:28 - 00714808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-06-02 15:56 - 2016-01-05 04:28 - 00696192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-06-02 15:56 - 2016-01-05 04:28 - 00497896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-02 15:56 - 2016-01-05 04:28 - 00107952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-06-02 15:56 - 2016-01-05 04:28 - 00072808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-06-02 15:56 - 2016-01-05 04:15 - 00931328 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-06-02 15:56 - 2016-01-05 04:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-06-02 15:56 - 2016-01-05 03:51 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-06-02 15:56 - 2016-01-05 03:51 - 01009664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-06-02 15:56 - 2016-01-05 03:51 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-06-02 15:56 - 2016-01-05 03:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-06-02 15:56 - 2016-01-05 03:51 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-06-02 15:56 - 2016-01-05 03:42 - 00871936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-06-02 15:56 - 2016-01-05 03:20 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-06-02 15:56 - 2016-01-05 03:19 - 01070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-06-02 15:56 - 2016-01-05 03:19 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-06-02 15:56 - 2016-01-05 03:19 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-06-02 15:56 - 2016-01-05 03:19 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-06-02 15:56 - 2015-11-25 07:27 - 01366680 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-06-02 15:56 - 2015-11-25 07:09 - 01310880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-06-02 15:56 - 2015-11-25 06:37 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-02 15:56 - 2015-11-25 06:36 - 01710592 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-02 15:56 - 2015-11-25 06:35 - 00929792 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-02 15:56 - 2015-11-25 06:35 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2016-06-02 15:56 - 2015-11-25 06:29 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-06-02 15:56 - 2015-11-25 06:29 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2016-06-02 15:56 - 2015-11-25 06:23 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-02 15:56 - 2015-11-25 06:22 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-06-02 15:56 - 2015-11-25 06:22 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2016-06-02 15:56 - 2015-11-25 06:17 - 00774656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-02 15:56 - 2015-11-25 06:16 - 01442816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-02 15:56 - 2015-11-25 06:16 - 00786432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2016-06-02 15:56 - 2015-11-25 06:13 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-02 15:56 - 2015-11-25 06:10 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-06-02 15:56 - 2015-11-25 06:04 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-06-02 15:56 - 2015-11-05 06:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-06-02 15:56 - 2015-11-05 06:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-02 15:56 - 2015-11-05 05:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-06-02 15:56 - 2015-11-05 05:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-06-02 15:56 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-06-02 15:56 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-06-02 15:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-06-02 15:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-02 15:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-06-02 15:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2016-06-02 15:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-06-02 15:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-02 15:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-06-02 15:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-02 15:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-02 15:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-06-02 15:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-06-02 15:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2016-06-02 15:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-02 15:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-02 15:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-06-02 15:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-02 15:56 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-06-02 15:55 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-06-02 15:55 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-06-02 15:55 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-06-02 15:55 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-06-02 15:55 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-02 15:55 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-02 15:55 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-06-02 15:55 - 2016-03-16 06:54 - 00595016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-02 15:55 - 2016-03-16 06:47 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-02 15:55 - 2016-03-16 06:46 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-06-02 15:55 - 2016-03-16 06:11 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-02 15:55 - 2016-03-16 05:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-06-02 15:55 - 2016-03-16 05:55 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-06-02 15:55 - 2016-03-16 05:55 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-06-02 15:55 - 2016-03-16 05:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-02 15:55 - 2016-03-16 05:49 - 01416192 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-02 15:55 - 2016-03-16 05:43 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-06-02 15:55 - 2016-03-16 05:42 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-06-02 15:55 - 2016-03-16 05:40 - 00931840 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-02 15:55 - 2016-03-16 05:40 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-06-02 15:55 - 2016-03-16 05:40 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-06-02 15:55 - 2016-03-16 05:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-06-02 15:55 - 2016-03-16 05:37 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-02 15:55 - 2016-03-16 05:37 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-06-02 15:55 - 2016-03-16 05:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-06-02 15:55 - 2016-03-16 05:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-06-02 15:55 - 2016-03-16 05:36 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-06-02 15:55 - 2016-03-16 05:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-06-02 15:55 - 2016-03-16 05:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-06-02 15:55 - 2016-03-16 05:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-06-02 15:55 - 2016-03-16 05:36 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-06-02 15:55 - 2016-03-16 05:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-06-02 15:55 - 2016-03-16 05:35 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-06-02 15:55 - 2016-03-16 05:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-06-02 15:55 - 2016-03-16 05:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-06-02 15:55 - 2016-03-16 05:31 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-06-02 15:55 - 2016-03-16 05:20 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-06-02 15:55 - 2016-03-16 05:17 - 00842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-02 15:55 - 2016-03-16 05:17 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-06-02 15:55 - 2016-03-16 05:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-06-02 15:55 - 2016-03-16 05:14 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-06-02 15:55 - 2016-03-16 05:14 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-06-02 15:55 - 2016-03-16 05:14 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-06-02 15:55 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-06-02 15:55 - 2016-02-23 16:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-06-02 15:55 - 2016-02-23 16:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-06-02 15:55 - 2016-02-23 16:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-06-02 15:55 - 2016-02-23 16:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-06-02 15:55 - 2016-02-23 16:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-06-02 15:55 - 2016-02-23 15:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-06-02 15:55 - 2016-02-23 15:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-06-02 15:55 - 2016-02-23 15:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-06-02 15:55 - 2016-02-23 15:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-06-02 15:55 - 2016-02-23 15:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-06-02 15:55 - 2016-02-23 15:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-06-02 15:55 - 2016-02-23 13:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-06-02 15:55 - 2016-02-23 13:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-06-02 15:55 - 2016-02-23 13:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-06-02 15:55 - 2016-02-23 13:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-06-02 15:55 - 2016-02-23 12:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-06-02 15:55 - 2016-01-31 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-06-02 15:55 - 2016-01-31 07:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-06-02 15:55 - 2016-01-31 07:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-02 15:55 - 2016-01-31 07:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-06-02 15:55 - 2016-01-31 07:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-06-02 15:55 - 2016-01-31 07:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-06-02 15:55 - 2016-01-31 07:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-02 15:55 - 2016-01-05 05:04 - 00772448 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-02 15:55 - 2016-01-05 05:04 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-06-02 15:55 - 2016-01-05 05:04 - 00249464 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-06-02 15:55 - 2016-01-05 05:04 - 00243248 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-06-02 15:55 - 2016-01-05 04:52 - 00441696 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-02 15:55 - 2016-01-05 04:50 - 01817064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-06-02 15:55 - 2016-01-05 04:50 - 00251544 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-06-02 15:55 - 2016-01-05 04:30 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-06-02 15:55 - 2016-01-05 04:28 - 00277400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-06-02 15:55 - 2016-01-05 04:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2016-06-02 15:55 - 2016-01-05 04:10 - 00278424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-06-02 15:55 - 2016-01-05 03:38 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2016-06-02 15:55 - 2015-11-25 07:42 - 00168288 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-02 15:55 - 2015-11-25 06:49 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-06-02 15:55 - 2015-11-25 06:49 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-02 15:55 - 2015-11-25 06:49 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2016-06-02 15:55 - 2015-11-25 06:48 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\EthernetMediaManager.dll
2016-06-02 15:55 - 2015-11-25 06:48 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\DAMediaManager.dll
2016-06-02 15:55 - 2015-11-25 06:31 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2016-06-02 15:55 - 2015-11-25 06:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2016-06-02 15:55 - 2015-11-25 06:26 - 00849408 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-06-02 15:55 - 2015-11-25 06:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2016-06-02 15:55 - 2015-11-25 06:08 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-06-02 15:55 - 2015-11-25 06:04 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2016-06-02 15:55 - 2015-11-25 06:04 - 00474624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-02 15:55 - 2015-11-25 04:52 - 00775312 _____ C:\Windows\SysWOW64\locale.nls
2016-06-02 15:55 - 2015-11-25 04:52 - 00775312 _____ C:\Windows\system32\locale.nls
2016-06-02 15:55 - 2015-11-05 06:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2016-06-02 15:55 - 2015-11-05 05:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-06-02 15:55 - 2015-11-05 05:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2016-06-02 15:55 - 2015-11-05 05:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-06-02 15:55 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-02 15:55 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-06-02 15:55 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-06-02 15:55 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-06-02 15:55 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-06-02 15:55 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-02 15:55 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-06-02 15:55 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-06-02 15:55 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2016-06-02 15:55 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-06-02 15:55 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-06-02 15:55 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-06-02 15:55 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-06-02 15:55 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-06-02 15:55 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-06-02 15:55 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-06-02 15:55 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-06-02 15:55 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2016-06-02 15:55 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-06-02 15:55 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-02 15:55 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-02 15:55 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2016-06-02 15:55 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-02 15:55 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-02 15:55 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-02 15:55 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-02 15:55 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-02 15:55 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-06-02 15:55 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-02 15:55 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-06-02 15:55 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-02 15:55 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-02 15:55 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-06-02 15:55 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-06-02 15:55 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-06-02 15:55 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-06-02 15:55 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-06-02 15:55 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2016-06-02 15:55 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-06-02 15:55 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-06-02 15:55 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-06-02 15:55 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2016-06-02 15:55 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-06-02 15:55 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-06-02 15:55 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-02 15:55 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-06-02 15:55 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-06-02 15:55 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2016-06-02 15:55 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2016-06-02 15:55 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-06-02 15:55 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-06-02 15:55 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-06-02 15:55 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-06-02 15:55 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-06-02 15:55 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-06-02 15:55 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-06-02 15:55 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-06-02 15:55 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-06-02 15:55 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-02 15:55 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-02 15:55 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-06-02 15:55 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-02 15:55 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-02 15:55 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-06-02 15:55 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-06-02 15:55 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2016-06-02 15:55 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2016-06-02 15:55 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-06-02 15:55 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-06-02 15:55 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-06-02 15:55 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-06-02 15:55 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-06-02 15:55 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-02 15:55 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-02 15:55 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-06-02 15:55 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-06-02 15:55 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-02 15:55 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-06-02 15:55 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-02 15:54 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-06-02 15:54 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-02 15:54 - 2016-03-16 06:41 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-06-02 15:54 - 2016-03-16 06:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-02 15:54 - 2016-03-16 06:06 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-06-02 15:54 - 2016-03-16 05:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2016-06-02 15:54 - 2016-03-16 05:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-06-02 15:54 - 2016-03-16 05:55 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-06-02 15:54 - 2016-03-16 05:47 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-06-02 15:54 - 2016-03-16 05:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-06-02 15:54 - 2016-03-16 05:46 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-06-02 15:54 - 2016-03-16 05:43 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-06-02 15:54 - 2016-03-16 05:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-06-02 15:54 - 2016-03-16 05:40 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-06-02 15:54 - 2016-03-16 05:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-06-02 15:54 - 2016-03-16 05:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-06-02 15:54 - 2016-03-16 05:36 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-06-02 15:54 - 2016-03-16 05:35 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-06-02 15:54 - 2016-03-16 05:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-06-02 15:54 - 2016-03-16 05:24 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-02 15:54 - 2016-03-16 05:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-06-02 15:54 - 2016-03-16 05:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-06-02 15:54 - 2016-03-16 05:17 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2016-06-02 15:54 - 2016-03-16 05:13 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-06-02 15:54 - 2016-03-16 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-06-02 15:54 - 2016-02-23 16:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-06-02 15:54 - 2016-02-23 16:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-02 15:54 - 2016-02-23 15:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-06-02 15:54 - 2016-02-23 14:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-06-02 15:54 - 2016-02-23 14:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-02 15:54 - 2016-02-23 14:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-02 15:54 - 2016-02-23 13:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-02 15:54 - 2016-02-23 13:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-06-02 15:54 - 2016-01-31 07:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-02 15:54 - 2016-01-31 07:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-06-02 15:54 - 2016-01-31 07:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-06-02 15:54 - 2016-01-31 06:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-06-02 15:54 - 2016-01-05 04:28 - 00116728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-06-02 15:54 - 2016-01-05 04:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2016-06-02 15:54 - 2016-01-05 04:09 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-06-02 15:54 - 2016-01-05 03:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2016-06-02 15:54 - 2016-01-05 03:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usermgrcli.dll
2016-06-02 15:54 - 2015-12-01 08:03 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2016-06-02 15:54 - 2015-11-25 07:32 - 00113184 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-06-02 15:54 - 2015-11-25 06:59 - 00092992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-06-02 15:54 - 2015-11-25 06:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-06-02 15:54 - 2015-11-05 06:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-02 15:54 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-02 15:54 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-06-02 15:54 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-06-02 15:54 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-06-02 15:54 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-06-02 15:54 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-06-02 15:54 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-02 15:54 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-06-02 15:54 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-02 15:54 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-06-02 15:54 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-06-02 15:54 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-02 15:54 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-06-02 15:54 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2016-06-02 15:54 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-02 15:54 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-02 15:54 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-06-02 15:54 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-06-02 15:54 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2016-06-02 15:54 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-06-02 15:54 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2016-06-02 15:54 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2016-06-02 15:54 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2016-06-02 15:54 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2016-06-02 15:54 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-02 15:54 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2016-06-02 15:54 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2016-06-02 15:54 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2016-06-02 15:54 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-06-02 15:54 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2016-06-02 15:54 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-02 15:54 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-02 15:54 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2016-06-02 15:54 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2016-06-02 15:54 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-02 15:54 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2016-06-02 15:54 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2016-06-02 15:54 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-02 15:54 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-02 15:54 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-06-02 15:54 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2016-06-02 15:27 - 2016-06-27 07:55 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{931BFAFD-4B01-497B-955E-2018BD63BFBA}
2016-06-02 15:15 - 2016-06-09 12:14 - 00001379 _____ C:\Users\Public\Documents\Lenovo.Portal.txt
2016-06-01 20:58 - 2016-06-18 13:07 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-01 20:57 - 2016-06-27 09:07 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-01 20:57 - 2016-06-27 07:53 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

werama · 27.06.2016, 08:54

Code:

ATTFilter

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-01 20:57 - 2016-06-27 07:53 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-01 20:57 - 2016-06-26 09:01 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-01 20:57 - 2016-06-26 09:01 - 00003438 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-01 20:57 - 2016-06-03 20:27 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-01 20:57 - 2016-06-03 14:10 - 00000000 ____D C:\Users\ulfw\AppData\Local\Google
2016-06-01 20:54 - 2016-06-09 11:42 - 00000000 ____D C:\Users\ulfw\AppData\Local\Comms
2016-06-01 20:26 - 2016-06-01 20:26 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Temp
2016-06-01 20:19 - 2016-06-01 20:19 - 00000000 ___RD C:\Users\ulfw\3D Objects
2016-06-01 19:55 - 2016-06-01 19:55 - 00000000 ____D C:\Users\ulfw\AppData\Local\NetworkTiles
2016-06-01 17:07 - 2016-06-01 20:46 - 00000000 ____D C:\Users\ulfw\AppData\Local\MicrosoftEdge
2016-06-01 17:05 - 2016-06-01 17:05 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Lenovo
2016-06-01 16:59 - 2016-06-01 16:59 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\LSC
2016-06-01 16:51 - 2016-06-01 16:51 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Macromedia
2016-06-01 16:51 - 2016-06-01 16:51 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Intel Corporation
2016-06-01 16:50 - 2016-06-01 16:51 - 00002367 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-01 16:50 - 2016-06-01 16:51 - 00000000 ___RD C:\Users\ulfw\OneDrive
2016-06-01 16:49 - 2016-06-01 16:49 - 00000000 ____D C:\Users\ulfw\REACHit
2016-06-01 16:49 - 2016-06-01 16:49 - 00000000 ____D C:\Users\ulfw\AppData\Local\Publishers
2016-06-01 16:49 - 2016-06-01 16:49 - 00000000 ____D C:\Users\ulfw\AppData\Local\CyberLink
2016-06-01 16:48 - 2016-06-27 07:53 - 00000000 ____D C:\Users\ulfw\AppData\Local\Lenovo
2016-06-01 16:48 - 2016-06-27 07:52 - 00000000 __SHD C:\Users\ulfw\IntelGraphicsProfiles
2016-06-01 16:48 - 2016-06-25 22:17 - 00000000 ____D C:\Users\ulfw
2016-06-01 16:48 - 2016-06-25 20:05 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Adobe
2016-06-01 16:48 - 2016-06-04 15:05 - 00000000 ____D C:\Users\ulfw\AppData\Local\Packages
2016-06-01 16:48 - 2016-06-01 16:48 - 00016148 _____ C:\Windows\system32\DESKTOP-3REOR0Q_defaultuser0_HistoryPrediction.bin
2016-06-01 16:48 - 2016-06-01 16:48 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-06-01 16:48 - 2016-06-01 16:48 - 00000020 ___SH C:\Users\ulfw\ntuser.ini
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\My Documents
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\Documents\My Videos
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\Documents\My Pictures
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\Documents\My Music
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Windows\system32\LSC
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Intel
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Users\ulfw\AppData\Local\VirtualStore
2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Users\ulfw\AppData\Local\TileDataLayer
2016-06-01 16:47 - 2016-06-01 16:47 - 36637152 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 36637152 _____ (Intel Corporation) C:\Windows\system32\dlumdfb9.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 35700096 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 35700096 _____ (Intel Corporation) C:\Windows\SysWOW64\dlumdfb9.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 31575776 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 30246816 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 29101576 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 19861512 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 13464072 _____ (Intel Corporation) C:\Windows\system32\ig9icd64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 13426560 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 11439960 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 11439960 _____ (Intel Corporation) C:\Windows\SysWOW64\dlumdfb11.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 11439960 _____ (Intel Corporation) C:\Windows\SysWOW64\dlumdfb10.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 10221584 _____ (Intel Corporation) C:\Windows\SysWOW64\ig9icd32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 06560024 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 05797102 _____ C:\Windows\system32\igdclbif.bin
2016-06-01 16:47 - 2016-06-01 16:47 - 05684232 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 05262856 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 05029432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 04668424 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 04455640 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 04302072 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 04113424 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 03969544 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01898928 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01816720 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01814064 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01576968 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01517456 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01167888 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01026464 _____ C:\Windows\system32\igfxSDK.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00961960 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00958376 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00819449 _____ C:\Windows\system32\DisplayAudiox64.cab
2016-06-01 16:47 - 2016-06-01 16:47 - 00626696 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00618920 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00535968 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00466336 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00438792 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00435096 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00433968 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00415752 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00390152 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00388616 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00381936 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00379800 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00350224 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCComp64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00318472 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00310160 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00300968 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00295024 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00273424 _____ C:\Windows\system32\igfxCPL.cpl
2016-06-01 16:47 - 2016-06-01 16:47 - 00266248 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00255496 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00242160 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00236456 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00231840 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00231336 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00225288 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00222736 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00206344 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4326.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00205360 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00193032 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00181328 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00174504 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00173584 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00111624 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00103944 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00103440 _____ C:\Windows\system32\igfxCUIServicePS.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00100872 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00099848 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00095240 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00083464 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00055248 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00052736 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00041296 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00040931 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00040343 _____ C:\Windows\system32\iglhxo64.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00040316 _____ C:\Windows\system32\iglhxc64.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00039798 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00039658 _____ C:\Windows\system32\iglhxg64.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00029192 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00029192 _____ ( ) C:\Windows\system32\igfxDILib.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00027664 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00027656 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00022536 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00022536 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00004690 _____ C:\Windows\system32\iglhxs64.vp
2016-06-01 16:47 - 2016-06-01 16:47 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
2016-06-01 16:44 - 2016-06-01 16:44 - 72130584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-01 16:44 - 2016-06-01 16:44 - 14065952 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 13243904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 13108552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 10093736 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 07181608 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 07104888 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 06273336 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 05834336 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 05344904 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 03938845 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-01 16:44 - 2016-06-01 16:44 - 03337424 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 03315800 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 03309264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 03154607 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-06-01 16:44 - 2016-06-01 16:44 - 03006200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02989856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02856704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02719992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-01 16:44 - 2016-06-01 16:44 - 02632360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02562640 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02467216 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02218928 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02119288 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 02058880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01991784 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01985576 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01851128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01804936 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01624744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01613720 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01530864 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01456472 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01416832 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01403096 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01372520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01354808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01231248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01194856 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01183352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01140408 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01015608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 01012560 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00982248 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00979104 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00961680 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00940640 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00940320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00905040 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00891160 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00889888 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00764344 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00759208 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00742536 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00723232 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00713912 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00693032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00692520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00659872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00632344 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00610128 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00588632 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00583168 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-06-01 16:44 - 2016-06-01 16:44 - 00545816 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00527824 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00517456 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00513712 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00479984 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00461272 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00460440 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00458016 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00453848 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00440728 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00399456 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00393480 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00374096 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00366216 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00355496 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00352896 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00352896 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00352424 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00342280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00339136 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00333288 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00333288 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00322032 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00283928 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00267200 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00264968 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00264896 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00263936 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00242768 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00235032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00232704 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00225504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00220136 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00205640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00182888 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00176480 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00168936 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00161960 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00144184 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00131024 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00128504 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00127296 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00120712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00114008 _____ C:\Windows\system32\audioLibVc.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00100544 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00097968 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00097912 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00094168 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00093144 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00085088 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-06-01 16:44 - 2016-06-01 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2016-06-01 16:44 - 2016-06-01 16:44 - 00000000 ____D C:\ProgramData\Dolby
2016-06-01 16:44 - 2016-06-01 16:44 - 00000000 ____D C:\Program Files\Dolby
2016-06-01 16:40 - 2016-06-01 16:40 - 02365304 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2016-06-01 16:40 - 2016-06-01 16:40 - 00786032 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2016-06-01 16:40 - 2016-06-01 16:40 - 00437360 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2016-06-01 16:40 - 2016-06-01 16:40 - 00291952 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo34-5.dll
2016-06-01 16:40 - 2016-06-01 16:40 - 00286312 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2016-06-01 16:40 - 2016-06-01 16:40 - 00074352 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID_Aux.sys
2016-06-01 16:38 - 2016-06-27 07:52 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-01 16:37 - 2015-12-01 09:01 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-26 20:13 - 2015-11-01 07:33 - 00812538 _____ C:\Windows\system32\perfh00C.dat
2016-06-26 20:13 - 2015-11-01 07:33 - 00154740 _____ C:\Windows\system32\perfc00C.dat
2016-06-26 20:13 - 2015-11-01 07:31 - 00772656 _____ C:\Windows\system32\perfh007.dat
2016-06-26 20:13 - 2015-11-01 07:31 - 00154794 _____ C:\Windows\system32\perfc007.dat
2016-06-26 20:13 - 2015-07-16 17:54 - 02759286 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-26 20:13 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-06-26 17:58 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-26 17:57 - 2015-07-10 11:05 - 04980736 ___SH C:\Windows\system32\config\BBI
2016-06-26 11:06 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-26 11:06 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-06-26 09:09 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-25 13:50 - 2015-07-10 11:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-06-23 19:55 - 2015-11-01 06:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-06-23 15:23 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF
2016-06-21 09:38 - 2015-07-16 18:33 - 00000000 ____D C:\Windows\Panther
2016-06-21 09:36 - 2016-04-27 09:46 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-20 19:19 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-20 15:06 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-06-20 09:10 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\LiveKernelReports
2016-06-18 18:55 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-18 15:51 - 2015-07-16 17:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-18 15:51 - 2015-07-10 14:20 - 00224368 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 15:50 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-18 12:56 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 19:32 - 2015-07-10 13:06 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:32 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-07 11:18 - 2015-11-01 06:53 - 00000000 ____D C:\ProgramData\Lenovo
2016-06-06 16:41 - 2015-11-01 06:46 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-06-06 16:40 - 2015-11-01 06:48 - 00000000 ____D C:\Windows\Downloaded Installations
2016-06-05 09:25 - 2015-11-01 06:48 - 00000000 ____D C:\Windows\System32\Tasks\CyberLink
2016-06-05 09:25 - 2015-11-01 06:48 - 00000000 ____D C:\ProgramData\CyberLink
2016-06-05 09:25 - 2015-11-01 06:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-05 09:25 - 2015-11-01 06:47 - 00000000 ____D C:\ProgramData\Temp
2016-06-05 09:25 - 2015-11-01 06:47 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-06-05 09:25 - 2015-11-01 06:46 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-06-04 17:46 - 2015-11-01 07:31 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-06-04 17:46 - 2015-07-10 15:16 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\winrm
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\WCN
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\slmgr
2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\F12
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\dsc
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\MiracastView
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\DevicesFlow
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\oobe
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\MUI
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\migwiz
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Com
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\IME
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Help
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\system32\Sysprep
2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\system32\Dism
2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\servicing
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Provisioning
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\L2Schemas
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-06-02 15:35 - 2015-07-10 13:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-02 15:32 - 2015-11-01 06:51 - 00000000 ____D C:\ProgramData\McAfee
2016-06-01 21:07 - 2015-07-10 15:14 - 00000000 ____D C:\Windows\OCR
2016-06-01 16:47 - 2015-11-01 07:34 - 00103944 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-06-01 16:47 - 2015-11-01 07:34 - 00099848 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-06-01 16:47 - 2015-08-24 11:57 - 15453440 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 13926848 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 13926848 _____ (Intel Corporation) C:\Windows\system32\dlumdfb11.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 13926848 _____ (Intel Corporation) C:\Windows\system32\dlumdfb10.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 07823776 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-01 16:47 - 2015-08-24 11:57 - 02052104 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 00749576 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 00402344 _____ C:\Windows\system32\igfxTray.exe
2016-06-01 16:47 - 2015-08-24 11:57 - 00383496 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2016-06-01 16:47 - 2015-08-24 11:57 - 00372128 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2016-06-01 16:47 - 2015-08-24 11:57 - 00351656 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2016-06-01 16:47 - 2015-08-24 11:57 - 00268704 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2016-06-01 16:44 - 2015-11-01 07:37 - 04614896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-01 16:44 - 2015-11-01 07:37 - 00032392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-01 16:44 - 2015-11-01 07:37 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-01 16:44 - 2015-11-01 07:37 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-01 16:40 - 2015-08-10 01:16 - 07052032 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw02.sys
2016-06-01 16:40 - 2015-08-04 08:50 - 01813392 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-01 16:40 - 2015-08-04 08:50 - 00648304 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2016-06-01 16:40 - 2015-08-04 08:50 - 00074352 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID.sys

==================== Files in the root of some directories =======

2016-06-02 15:15 - 2016-06-02 15:15 - 0000000 _____ () C:\Users\ulfw\AppData\Roaming\fastboot.log
2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\Users\ulfw\AppData\Roaming\Speech Enhancer
2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\Users\ulfw\AppData\Roaming\Standard
2015-11-01 07:37 - 2015-11-01 07:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-01 07:37 - 2015-11-01 07:37 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2016-06-03 15:06 - 2016-06-03 15:06 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2016-06-03 15:06 - 2016-06-03 15:06 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\ProgramData\StartupItems
2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\ProgramData\StatusSheet
2016-06-25 20:05 - 2016-06-25 20:05 - 0000751 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt

Some files in TEMP:
====================
C:\Users\ulfw\AppData\Local\Temp\avguirn_08130543378.exe
C:\Users\ulfw\AppData\Local\Temp\LSCSetup64.exe
C:\Users\ulfw\AppData\Local\Temp\nitro_reader3_64.exe
C:\Users\ulfw\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-20 14:48

==================== End of FRST.txt ============================

So nun noch die Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by ulfw (2016-06-27 09:20:50)
Running from C:\TrojanerBoard
Windows 10 Home (X64) (2016-06-01 14:38:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4256507873-131550310-878068454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4256507873-131550310-878068454-503 - Limited - Disabled)
Guest (S-1-5-21-4256507873-131550310-878068454-501 - Limited - Enabled)
ulfw (S-1-5-21-4256507873-131550310-878068454-1001 - Administrator - Enabled) => C:\Users\ulfw

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.32 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4326 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.059.01 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{A6668863-B0A3-4812-AAF2-E47749ECFE0E}) (Version: 3.3.00.145 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.145 - O2Micro International LTD.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7624 - Realtek Semiconductor Corp.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.57 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.2.1 - Nikon Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4256507873-131550310-878068454-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D30E02-FDBD-4291-8385-AA5FB650A559} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo)
Task: {06FCBD67-E280-4030-92DB-536CF472D14A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.)
Task: {1648F6DA-3CD5-4C12-AA69-EA5574833D27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {5A5624C2-943F-4659-9A4B-32C5B24134CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {5E5516A8-8AAB-4CDC-8D95-FF4C4DF9121C} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {6377755C-BB0B-4341-ABC8-8AB4CB29EADB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {7E324D52-1AE5-41A9-82F6-3AEE7C0BC338} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {8E4C56C1-12B8-480E-9825-0952B5E4062F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {A1076A1D-90BE-4B35-89B1-0C52A9A057A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {C85329DE-73A3-4ECD-B10E-FE238FB443AA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-06-01] (Lenovo)
Task: {C8C4CBE0-5972-4F96-808A-7AB44DAFA6E1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {D823706C-E893-4E53-A98E-7C573FDAA2B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {E6F2146A-64A5-467C-AA00-B1D17C08269E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {EDF32366-676F-48EC-963B-03DB6FDA586B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-01 07:40 - 2015-11-01 07:40 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\Windows\System32\sst3cl6.dll
2016-06-19 09:42 - 2016-06-19 09:42 - 00031256 _____ () C:\Windows\System32\us008lm.dll
2015-11-01 07:40 - 2015-11-01 07:40 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2015-11-01 07:47 - 2015-11-01 07:47 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 ____N () C:\Windows\SysWOW64\spdsvc.exe
2015-11-01 07:47 - 2015-11-01 07:47 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2015-07-10 13:00 - 2015-07-10 13:00 - 00009216 _____ () C:\Windows\System32\WppRecorderUM.dll
2015-11-01 06:47 - 2015-08-19 05:00 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-11-01 06:55 - 2015-06-27 11:34 - 00029112 _____ () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe
2016-06-02 15:56 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-06-02 15:56 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-06-01 16:51 - 2016-06-01 16:51 - 00959168 _____ () C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-06-02 15:56 - 2015-09-17 07:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2016-06-02 15:57 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-02 15:57 - 2015-11-25 06:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2016-06-02 15:56 - 2015-11-25 06:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-24 11:57 - 2016-06-01 16:47 - 00402344 _____ () C:\Windows\system32\igfxTray.exe
2016-06-02 15:55 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-02 15:57 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-02 15:57 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-02 15:57 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-01 06:47 - 2015-11-01 06:47 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-11-01 06:47 - 2015-11-01 06:47 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2015-11-01 06:47 - 2015-08-21 08:43 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll
2016-06-01 20:26 - 2016-06-01 20:27 - 00011776 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.exe
2016-06-01 20:26 - 2016-06-01 20:27 - 09355776 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.dll
2016-06-01 20:26 - 2016-06-01 20:27 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2016-06-01 20:26 - 2016-06-01 20:27 - 03691520 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleShared.dll
2016-06-01 20:26 - 2016-06-01 20:27 - 01506304 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2016-06-01 20:25 - 2016-06-01 20:25 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-01 20:27 - 2016-06-01 20:27 - 00334848 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PersonPicture.UAP.dll
2016-06-01 20:28 - 2016-06-01 20:29 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-06-26 11:06 - 2016-06-26 11:06 - 00013824 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_3.10.0.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
2016-06-26 11:06 - 2016-06-26 11:06 - 06377984 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_3.10.0.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2015-11-01 06:50 - 2015-02-13 01:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2016-06-18 12:39 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2016-06-23 15:21 - 2016-06-23 15:21 - 00101888 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Management\169ee9932d1ee21f598f3e8febe8b121\Windows.Management.ni.dll
2016-06-23 15:22 - 2016-06-23 15:22 - 02791424 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\41c4967b91ed1a3b0f7984880dd8ca7b\Windows.ApplicationModel.ni.dll
2016-06-23 15:22 - 2016-06-23 15:22 - 00798720 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\5734a2294b9dfb600863f61886671e9d\Windows.Storage.ni.dll
2016-06-23 15:21 - 2016-06-23 15:21 - 00335360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\0dc521709008442b2c9474c5efc6ecab\Windows.Foundation.ni.dll
2016-06-24 15:21 - 2016-06-24 15:21 - 02852864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\b31a342f22515ee926d67bcc8d757409\Windows.Devices.ni.dll
2016-06-24 15:21 - 2016-06-24 15:21 - 02486784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Media\272a430ca319ba3abb9e80c8aa8e56c6\Windows.Media.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F7CB761F-B9E4-4DD1-A144-5C444E586068}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{CD569EF6-BB56-4B4C-9855-8C4B55E47C91}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{0A4DCD54-905B-45BB-A338-C6781EA0E3D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{79B77B30-6B22-4D32-BB37-59A70B474660}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{A075D203-1493-49A0-A32D-33AE7B47E8FA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{60BC23CB-BAE5-4A98-8185-D34A240FA7CD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{018189E5-3DFD-4AED-8FE5-7BB0B8449BE0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{7E73DF7D-BCA5-4996-B8DF-7D75F1B86623}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{846BA4AC-B6A4-497C-A5C9-3A6527E1703B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BEF7B5F0-2ABF-478F-BAB6-79F9D59AB926}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8FE5E688-C32D-402F-B6A9-D3FA606E3AEF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{F3871C34-F2CD-494F-A027-407D416EECDA}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{1366F145-5C9C-4796-9EA6-D119C6C99795}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{52C2137D-ECA4-4E6E-BD80-57A213A5FFC9}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{DDE37BB5-5FAF-4BCC-9016-257675C71BE2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{3B4B6C78-71FA-4BEA-9750-3A20019C8306}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D5FFCC7B-6EED-4EAB-B4B0-9F88EB47DB45}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0C8115D6-DE01-41EE-8106-450713B39B22}] => (Allow) LPort=2869
FirewallRules: [{284F92AD-76E8-4CD5-A254-713BA690D0C4}] => (Allow) LPort=1900
FirewallRules: [{CF188264-B2EB-42B1-921E-C55AD11F9C38}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A6AB89B1-DD7D-4B15-AEB2-886117E3B605}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D55DFAA6-C041-45C4-9FCB-64C7F2BC3782}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D45CA73D-272C-4B35-83EC-496204423CD6}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe

==================== Restore Points =========================

18-06-2016 12:53:17 Windows Update
18-06-2016 12:53:38 Windows Update
25-06-2016 16:28:20 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2016 07:52:22 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/26/2016 10:18:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/26/2016 10:07:15 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/26/2016 08:22:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm NITROP~2.EXE, Version 3.5.6.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1668

Startzeit: 01d1cfd78094371d

Beendigungszeit: 33

Anwendungspfad: C:\PROGRA~2\Nitro\READER~1\NITROP~2.EXE

Berichts-ID: ef36eeb8-3bca-11e6-9c09-a434d9298c05

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/26/2016 08:01:37 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/26/2016 05:57:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/26/2016 05:53:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 288

Startzeit: 01d1cfbf19ebf51d

Beendigungszeit: 19

Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Berichts-ID: 1e490bb9-3bb6-11e6-9c08-a434d9298c05

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/26/2016 05:21:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1fc0

Startzeit: 01d1cfbe19c1884a

Beendigungszeit: 8

Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Berichts-ID: 9213dcf6-3bb1-11e6-9c08-a434d9298c05

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/26/2016 05:19:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19d4

Startzeit: 01d1cfbdf2640afd

Beendigungszeit: 24

Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Berichts-ID: 4a823786-3bb1-11e6-9c08-a434d9298c05

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/26/2016 05:11:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b94

Startzeit: 01d1cfbcc0d5cd64

Beendigungszeit: 11

Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Berichts-ID: 39032614-3bb0-11e6-9c08-a434d9298c05

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:


System errors:
=============
Error: (06/27/2016 08:58:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Samsung Printer Dianostics Service erreicht.

Error: (06/27/2016 08:40:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Samsung Printer Dianostics Service erreicht.

Error: (06/27/2016 07:53:50 AM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Vom folgenden Dienst wurde wiederholt nicht auf Dienststeuerungsanforderungen reagiert: Print Spooler

Erkundigen Sie sich beim Diensthersteller oder beim Systemadministrator danach, ob der Dienst deaktiviert werden sollte, bis das Problem gefunden wurde.

Der Computer muss unter Umständen im abgesicherten Modus gestartet werden, um den Dienst deaktivieren zu können.

Error: (06/27/2016 07:53:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (06/27/2016 07:52:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (06/26/2016 10:19:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (06/26/2016 10:18:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPDESKTOP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (06/26/2016 10:18:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.

Error: (06/26/2016 10:18:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPDESKTOP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (06/26/2016 10:18:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPDESKTOP)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 41%
Total physical RAM: 8097.91 MB
Available physical RAM: 4759.56 MB
Total Virtual: 9377.91 MB
Available Virtual: 5809.38 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:119.12 GB) (Free:51.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: () (Removable) (Total:15.69 GB) (Free:1.59 GB) FAT32
Drive e: (Volume) (Fixed) (Total:98.24 GB) (Free:55.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 2BC178FB)

Partition: GPT.

========================================================
Disk: 1 (Size: 15.7 GB) (Disk ID: DEBD2285)
Partition 1: (Not Active) - (Size=15.7 GB) - (Type=0C)

==================== End of Addition.txt ============================

cosinus · 27.06.2016, 09:26

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

werama · 27.06.2016, 12:33

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.06.27.02
  rootkit: v2016.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16942
ulfw :: LAPDESKTOP [administrator]

27.06.2016 12:55:29
mbar-log-2016-06-27 (12-55-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 295768
Time elapsed: 8 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 27.06.2016, 13:18

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

werama · 27.06.2016, 14:05

Code:

ATTFilter

# AdwCleaner v5.200 - Logfile created 27/06/2016 at 14:45:23
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : ulfw - LAPDESKTOP
# Running from : C:\Users\ulfw\Downloads\AdwCleaner_5.200.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\OCS
Key Found : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\OCS
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.lenovo.com
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com
Data Found : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.lenovo.com
Data Found : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com

***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [1284 bytes] - [27/06/2016 14:45:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1357 bytes] ##########

Hier der vermutlich letzte Teil:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by ulfw (Administrator) on 27.06.2016 at 15:00:52.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\Windows\prefetch\PERFORMANCEOPTIMIZER.EXE-D034DBC3.pf (File) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D5F1BE35-A861-465C-ACBD-70DA19F6DED7} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.06.2016 at 15:01:53.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 27.06.2016, 14:15

Anleitung bitte richtig lesen. Du hast nur nen Suchlauf mit dem adwCleaner gemacht.

werama · 27.06.2016, 19:20

Sorry cosinus

Code:

ATTFilter

# AdwCleaner v5.200 - Logfile created 27/06/2016 at 17:37:24
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : ulfw - LAPDESKTOP
# Running from : C:\Users\ulfw\Downloads\AdwCleaner_5.200.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\OCS
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data Restored : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: TCP/IP settings cleared
:: Firewall settings cleared
:: IPSec settings cleared
:: IE policies deleted
:: Chrome policies deleted
:: Chrome preferences reset : C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default
:: Hosts file cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1498 bytes] - [27/06/2016 17:37:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [1436 bytes] - [27/06/2016 14:45:23]
C:\AdwCleaner\AdwCleaner[S2].txt - [1509 bytes] - [27/06/2016 17:36:42]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1717 bytes] ##########

Hallo Cosinus
Wars das jetzt ?
Kommt noch eine Empfehlung zum Virenschutz ?
Ich werde gerne einen Obulus in eure Kasse legen.

Gruss werama

cosinus · 28.06.2016, 10:54

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

werama · 29.06.2016, 12:53

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by ulfw (2016-06-28 13:53:41)
Running from C:\TrojanerBoard
Windows 10 Home Version 1511 (X64) (2016-06-27 17:29:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4256507873-131550310-878068454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4256507873-131550310-878068454-503 - Limited - Disabled)
Guest (S-1-5-21-4256507873-131550310-878068454-501 - Limited - Disabled)
ulfw (S-1-5-21-4256507873-131550310-878068454-1001 - Administrator - Enabled) => C:\Users\ulfw

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.32 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4326 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.059.01 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{A6668863-B0A3-4812-AAF2-E47749ECFE0E}) (Version: 3.3.00.145 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.145 - O2Micro International LTD.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7624 - Realtek Semiconductor Corp.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.57 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.2.1 - Nikon Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4256507873-131550310-878068454-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D30E02-FDBD-4291-8385-AA5FB650A559} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo)
Task: {06FCBD67-E280-4030-92DB-536CF472D14A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.)
Task: {1648F6DA-3CD5-4C12-AA69-EA5574833D27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {5A5624C2-943F-4659-9A4B-32C5B24134CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {5E5516A8-8AAB-4CDC-8D95-FF4C4DF9121C} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {6377755C-BB0B-4341-ABC8-8AB4CB29EADB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {7E324D52-1AE5-41A9-82F6-3AEE7C0BC338} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {8E4C56C1-12B8-480E-9825-0952B5E4062F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {A1076A1D-90BE-4B35-89B1-0C52A9A057A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {C85329DE-73A3-4ECD-B10E-FE238FB443AA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-06-01] (Lenovo)
Task: {C8C4CBE0-5972-4F96-808A-7AB44DAFA6E1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {D823706C-E893-4E53-A98E-7C573FDAA2B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {E6F2146A-64A5-467C-AA00-B1D17C08269E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {EDF32366-676F-48EC-963B-03DB6FDA586B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\WINDOWS\System32\sst3cl6.dll
2016-06-23 19:50 - 2011-06-21 04:23 - 00826880 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sst3cdu.dll
2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2015-11-01 07:47 - 2015-11-01 07:47 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe
2015-11-01 07:47 - 2015-11-01 07:47 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2015-11-01 06:47 - 2015-08-19 05:00 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-11-01 06:55 - 2015-06-27 11:34 - 00029112 _____ () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe
2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-27 20:04 - 2016-06-27 20:04 - 00959168 _____ () C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-27 20:42 - 2016-06-27 20:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-27 08:10 - 2016-04-27 08:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-01 06:47 - 2015-11-01 06:47 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-11-01 06:47 - 2015-11-01 06:47 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2015-11-01 06:47 - 2015-08-21 08:43 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2016-06-18 13:07 - 2016-06-15 10:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 13:07 - 2016-06-15 10:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-18 13:07 - 2016-06-15 10:26 - 31519384 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll
2016-06-27 20:42 - 2016-06-27 20:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-27 20:42 - 2016-06-27 20:42 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-01 06:50 - 2015-02-13 01:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2016-06-18 12:39 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2016-06-27 17:37 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\Wallpaper -> E:\Eigene Dokumente\Eigene Bilder\Oberoesterreich\Eggelsberg-37.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2016 01:45:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 12:51:05 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 08:18:08 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 07:27:19 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/27/2016 09:48:01 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/27/2016 08:43:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 08:38:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 08:19:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 08:01:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxHK.exe, Version: 6.15.10.4326, Zeitstempel: 0x564a0be3
Name des fehlerhaften Moduls: igfxHK.exe, Version: 6.15.10.4326, Zeitstempel: 0x564a0be3
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000015953
ID des fehlerhaften Prozesses: 0x181c
Startzeit der fehlerhaften Anwendung: 0xigfxHK.exe0
Pfad der fehlerhaften Anwendung: igfxHK.exe1
Pfad des fehlerhaften Moduls: igfxHK.exe2
Berichtskennung: igfxHK.exe3
Vollständiger Name des fehlerhaften Pakets: igfxHK.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxHK.exe5

Error: (06/27/2016 08:01:43 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]


System errors:
=============
Error: (06/28/2016 12:51:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Targus Giga Ethernet, {3BA909AF-3C62-4429-94B3-18FD1BDDA109}" ist das Ereignis "73" aufgetreten.

Error: (06/28/2016 09:51:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Access_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Storage_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Contact Data_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sync Host_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/28/2016 08:28:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/28/2016 08:18:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/28/2016 07:27:21 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Targus Giga Ethernet, {3BA909AF-3C62-4429-94B3-18FD1BDDA109}" ist das Ereignis "73" aufgetreten.

Error: (06/27/2016 10:10:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Access_5d402b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-06-28 08:19:14.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 22:04:07.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 19:27:12.657
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 19:26:36.802
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 19:21:45.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 39%
Total physical RAM: 8097.91 MB
Available physical RAM: 4886.97 MB
Total Virtual: 10017.91 MB
Available Virtual: 6863.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:119.12 GB) (Free:49.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Volume) (Fixed) (Total:98.24 GB) (Free:54.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 2BC178FB)

Partition: GPT.

==================== End of Addition.txt ============================

Cosinus
Wartest du noch auf ein anderes File ?

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2016
Ran by ulfw (2016-06-29 13:50:07)
Running from C:\Users\ulfw\Downloads
Windows 10 Home Version 1511 (X64) (2016-06-27 17:29:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4256507873-131550310-878068454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4256507873-131550310-878068454-503 - Limited - Disabled)
Guest (S-1-5-21-4256507873-131550310-878068454-501 - Limited - Disabled)
ulfw (S-1-5-21-4256507873-131550310-878068454-1001 - Administrator - Enabled) => C:\Users\ulfw

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 14 (HKLM-x32\...\{18EF738B-56F0-4370-8FEA-93FC9EC51DFA}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.32 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4326 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.059.01 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{A6668863-B0A3-4812-AAF2-E47749ECFE0E}) (Version: 3.3.00.145 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.145 - O2Micro International LTD.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7624 - Realtek Semiconductor Corp.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.57 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.2.1 - Nikon Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4256507873-131550310-878068454-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D30E02-FDBD-4291-8385-AA5FB650A559} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo)
Task: {06FCBD67-E280-4030-92DB-536CF472D14A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.)
Task: {1648F6DA-3CD5-4C12-AA69-EA5574833D27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {5A5624C2-943F-4659-9A4B-32C5B24134CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {5E5516A8-8AAB-4CDC-8D95-FF4C4DF9121C} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {6377755C-BB0B-4341-ABC8-8AB4CB29EADB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {7E324D52-1AE5-41A9-82F6-3AEE7C0BC338} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {8E4C56C1-12B8-480E-9825-0952B5E4062F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {A1076A1D-90BE-4B35-89B1-0C52A9A057A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {C85329DE-73A3-4ECD-B10E-FE238FB443AA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-06-01] (Lenovo)
Task: {C8C4CBE0-5972-4F96-808A-7AB44DAFA6E1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {D823706C-E893-4E53-A98E-7C573FDAA2B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {E6F2146A-64A5-467C-AA00-B1D17C08269E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {EDF32366-676F-48EC-963B-03DB6FDA586B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\WINDOWS\System32\sst3cl6.dll
2016-06-19 09:42 - 2016-06-19 09:42 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2015-11-01 07:47 - 2015-11-01 07:47 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe
2015-11-01 07:47 - 2015-11-01 07:47 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2015-11-01 06:47 - 2015-08-19 05:00 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-11-01 06:55 - 2015-06-27 11:34 - 00029112 _____ () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe
2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-27 20:04 - 2016-06-27 20:04 - 00959168 _____ () C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-27 20:42 - 2016-06-27 20:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-01 16:47 - 2016-06-01 16:47 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-27 08:10 - 2016-04-27 08:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-28 05:18 - 2016-06-28 05:18 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-01 06:47 - 2015-11-01 06:47 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-11-01 06:47 - 2015-11-01 06:47 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2016-06-27 20:38 - 2016-06-27 20:38 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-27 20:38 - 2016-06-27 20:38 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-27 20:38 - 2016-06-27 20:38 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-06-01 20:26 - 2016-06-01 20:28 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-01 20:28 - 2016-06-01 20:29 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-01 06:47 - 2015-08-21 08:43 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2016-06-27 20:42 - 2016-06-27 20:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-27 20:42 - 2016-06-27 20:42 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-01 06:50 - 2015-02-13 01:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2016-06-18 12:39 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2016-06-27 17:37 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\Wallpaper -> E:\Eigene Dokumente\Eigene Bilder\Oberoesterreich\Eggelsberg-37.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2016 01:32:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/29/2016 11:19:00 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/29/2016 07:15:32 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 10:51:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Plug-ins&#x5c;Common&#x5c;TSStrider,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "Plug-ins&#x5c;Common&#x5c;TSStrider,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/28/2016 10:49:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Plug-ins&#x5c;Common&#x5c;TSStrider,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "Plug-ins&#x5c;Common&#x5c;TSStrider,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/28/2016 02:47:15 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 01:45:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 12:51:05 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 08:18:08 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (06/28/2016 07:27:19 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]


System errors:
=============
Error: (06/29/2016 12:54:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/29/2016 10:39:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Access_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Storage_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Contact Data_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sync Host_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/29/2016 07:22:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/29/2016 07:19:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Access_3e2c77" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/29/2016 07:19:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Storage_3e2c77" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (06/29/2016 07:19:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Contact Data_3e2c77" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-06-28 08:19:14.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 22:04:07.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 19:27:12.657
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 19:26:36.802
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-27 19:21:45.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8097.91 MB
Available physical RAM: 4998.89 MB
Total Virtual: 10017.91 MB
Available Virtual: 7132.56 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:119.12 GB) (Free:42.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Volume) (Fixed) (Total:98.24 GB) (Free:53.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 2BC178FB)

Partition: GPT.

==================== End of Addition.txt ============================

cosinus · 29.06.2016, 12:59

FRST.exe fehlt

27.06.2016, 14:15	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVG user Interface Anleitung bitte richtig lesen. Du hast nur nen Suchlauf mit dem adwCleaner gemacht. __________________ Logfiles bitte immer in CODE-Tags posten

28.06.2016, 10:54	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVG user Interface Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

29.06.2016, 12:59	#15
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVG user Interface FRST.exe fehlt __________________ Logfiles bitte immer in CODE-Tags posten

AVG user Interface

Plagegeister aller Art und deren Bekämpfung: AVG user Interface