| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updatenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.07.2016, 12:20
| #1 |
| |  Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten Liebe Trojaner-Board-Community, seit längerem habe ich den Verdacht, dass mein PC infiziert sein könnte. Als Betriebssystem benutze ich Windows 10 in Verbindung mit der Kaspersky Internet Security Suite 2016. Angeschlagen hat jedoch nie etwas und auch die Suche mit einer Kaspersky Rescue Disk brachte nichts hervor. Verdächtig erschien mir jedoch die ganze Zeit über, dass MBAM nicht updaten konnte (DNS-Changer?). Daraufhin habe ich MBAM heute deinstalliert, neu heruntergeladen, installiert und einen Suchlauf gestartet, der mir endlich "Trojan.ProxyHijacker" anzeigte. Durch den bestätigten Verdacht startete ich GMER, das sofort ein Rootkit ausfindig machte. Mein Problem dabei ist, dass ich bisher nicht in der Lage war, die Schadsoftware zu entfernen. Auch der MBR lies sich nicht fixen. Bin für jede Hilfe und jeden Hinweis dankbar! Logfiles liegen vor: Malwarebytes Anti-Malware Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 25.07.2016 Suchlaufzeit: 09:47 Protokolldatei: trojan.proxyhijacker.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.02.16.06 Rootkit-Datenbank: v2016.02.08.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Admin Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 370676 Abgelaufene Zeit: 6 Min., 4 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 5 Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, , [2c3a1051c6d3ab8bfb5aa4077092f907], Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\setup.DynamicNS, , [2c3a1051c6d3ab8bfb5aa4077092f907], Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\setup.DynamicNS, , [2c3a1051c6d3ab8bfb5aa4077092f907], Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\setup.DynamicNS, , [2c3a1051c6d3ab8bfb5aa4077092f907], Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, , [2c3a1051c6d3ab8bfb5aa4077092f907], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-07-25 12:33:43
Windows 6.2.9200 x64
Running: gmer-2.2.19882.exe
---- Services - GMER 2.2 ----
Service C:\WINDOWS\system32\drivers\WdFilter.sys (*** hidden *** ) [BOOT] WdFilter <-- ROOTKIT !!!
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control@SystemStartOptions NOEXECUTE=OPTIN SAFEBOOT:MINIMAL(ALTERNATESHELL) NOGUIBOOT BOOTLOGO
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x5E 0x82 0x51 0x05 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0xE0 0xA3 0xBF 0xA8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x4D 0xA6 0x58 0x05 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0xCE 0xCE 0xC6 0xA8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@de-DE 9
Reg HKLM\SYSTEM\CurrentControlSet\Control\Diagnostics\Performance@ActiveShutdownDCL C:\WINDOWS\System32\WDI\LogFiles\WdiContextLog.etl.002
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SAM0B65808662329_2A_07DF_D8^90022BE2F1A966929B6B4557C4FF01A5@Timestamp 0xAC 0x52 0x80 0x06 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 784
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment@SAFEBOOT_OPTION MINIMAL
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber 1362677
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 793209340
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 11
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 479620552
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 27052
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime 27055
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime 23443
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime 390
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime 860
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp 17974
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeLibraryInitTime 169
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime 251
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime 432
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp 18395
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime 232
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime 193
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp 18834
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp 18873
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp 22850
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime 18868
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState 23438
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime 3870
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime 185
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberSharedBufferTime 2
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime 13082
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime 3670
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime 165
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime 7
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime 569
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime 45
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed 542134
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten 0x10 0xE5 0x02 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed 38455
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten 0x7E 0x4D 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberWriteRate 215
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate 220
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate 117
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberChecksumTime 76
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberChecksumIoTime 14
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelChecksumTime 54
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelChecksumIoTime 27
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime 3088
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime 458
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HybridBootAnimationTime 3993
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp 0x06 0xC1 0x33 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID a7330a81-c1c0-46a5-80ce-6d52ab5
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId 1
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\AutoLogger\WdiContextLog@FileCounter 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@PerfMMFileName Global\MMF_BITS_s
Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{94b0a044-315b-49a3-b661-4a47214be589}@LastProbeTime 1469445321
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{13302688-CA99-4C3C-A444-EECFC577B4FB}@DefunctTimestamp 0xB7 0xD7 0x95 0x57 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\kl1@IPCStatus 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@ReadyBootPlanAge 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?Mo?, ?Jul ?25 ?16, 11:17:38???????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\SDScannerService@ServiceWebPortFileScannerActive 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SDScannerService@ServiceWebPortFirewallActive 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SDUpdateService@ServiceWebPortActive 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 542
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 144
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-RAServer-In-TCP-NoScope-Active v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\raserver.exe|Name=@FirewallAPI.dll,-33011|Desc=@FirewallAPI.dll,-33014|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-RAServer-Out-TCP-NoScope-Active v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\raserver.exe|Name=@FirewallAPI.dll,-33015|Desc=@FirewallAPI.dll,-33018|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-DCOM-In-TCP-NoScope-Active v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-33035|Desc=@FirewallAPI.dll,-33036|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-In-TCP-EdgeScope-Active v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|App=%SystemRoot%\system32\msra.exe|Name=@FirewallAPI.dll,-33003|Desc=@FirewallAPI.dll,-33006|EmbedCtxt=@FirewallAPI.dll,-33002|Edge=TRUE|Defer=App|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-Out-TCP-Active v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|App=%SystemRoot%\system32\msra.exe|Name=@FirewallAPI.dll,-33007|Desc=@FirewallAPI.dll,-33010|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-SSDPSrv-In-UDP-Active v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-33019|Desc=@FirewallAPI.dll,-33022|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-SSDPSrv-Out-UDP-Active v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-33023|Desc=@FirewallAPI.dll,-33026|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-SSDPSrv-In-TCP-Active v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-33027|Desc=@FirewallAPI.dll,-33030|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-SSDPSrv-Out-TCP-Active v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-33031|Desc=@FirewallAPI.dll,-33034|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=3540|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@FirewallAPI.dll,-33039|Desc=@FirewallAPI.dll,-33040|EmbedCtxt=@FirewallAPI.dll,-33002|Edge=TRUE|Defer=App|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@RemoteAssistance-PnrpSvc-UDP-OUT-Active v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@FirewallAPI.dll,-33037|Desc=@FirewallAPI.dll,-33038|EmbedCtxt=@FirewallAPI.dll,-33002|
Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 8
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeConfidence 7
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x85 0xDF 0x82 0x48 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x85 0x47 0x47 0xAA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x85 0x77 0xBE 0xE6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0x11 0xE4 0x01 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@ImagePath system32\drivers\WdFilter.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter
Reg HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop 0
---- EOF - GMER 2.2 ----
|
|
25.07.2016, 12:35
| #2 |
| /// Malwareteam   | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Schritt: 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt: 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
25.07.2016, 13:12
| #3 |
| | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten Hallo Rafael,
__________________vielen Dank für deine Hilfe!  hier die gewünschten Logfiles von Schritt 1 FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-07-2016
durchgeführt von Admin (Administrator) auf MININT-JH7JDHE (25-07-2016 13:53:45)
Gestartet von D:\Downloads
Geladene Profile: Admin (Verfügbare Profile: Admin)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\syswow64\rundll32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() D:\Downloads\gmer-2.2.19882.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.9020.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Epic Games, Inc.) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
(Valve Corporation) D:\Program Files (x86)\Steam\GameOverlayUI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2016-07-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [KeePass 2 PreLoad] => D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [222240 2016-04-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2099768261-1985419089-1635406796-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2099768261-1985419089-1635406796-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-2099768261-1985419089-1635406796-1001\...\MountPoints2: {48447ce9-b8c9-11e5-9bc1-806e6f6e6963} - "E:\setup.exe" /AUTORUN
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-07-17]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{d81453fd-a503-487e-900d-49eee26c939c}: [NameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-07-14] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-07-14] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-07-14] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-07-14] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-07-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hj132si7.default
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-14] (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hj132si7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-14]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-07-14]
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-07-14]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-14]
CHR Extension: (Ghostery) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-07-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-07-14] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-14] (Dropbox, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\Windows\System32\drivers\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31832 2016-07-14] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-14] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-07-14] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-07-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-07-14] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-07-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-07-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-07-14] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-07-14] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-07-14] (Intel Corporation)
S3 MFE_RR; C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [24120 2016-07-25] (McAfee, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-07-14] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 pmem; \??\C:\Users\Admin\AppData\Local\Temp\_MEI9562\drivers\winpmem64.sys [X]
U3 kwryyaow; \??\C:\Users\Admin\AppData\Local\Temp\kwryyaow.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-25 13:02 - 2016-07-25 13:13 - 00000000 ____D C:\Users\Admin\Desktop\mbar
2016-07-25 13:02 - 2016-07-25 13:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-25 11:22 - 2016-07-25 11:22 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-07-25 11:21 - 2016-07-25 11:24 - 00473266 _____ C:\WINDOWS\ntbtlog.txt
2016-07-25 10:17 - 2016-07-25 10:17 - 00000000 ____D C:\Program Files (x86)\ESET
2016-07-25 09:54 - 2016-07-25 09:54 - 00001784 _____ C:\Users\Admin\Desktop\trojan.proxyhijacker.txt
2016-07-25 09:45 - 2016-07-25 13:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-25 09:45 - 2016-07-25 13:02 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-25 09:45 - 2016-07-25 09:45 - 00000848 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-25 09:45 - 2016-07-25 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-07-25 09:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-25 09:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-24 17:31 - 2016-07-24 17:31 - 00455580 _____ C:\WINDOWS\Minidump\072416-34812-01.dmp
2016-07-24 17:31 - 2016-07-24 17:31 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-24 17:30 - 2016-07-24 17:30 - 747396695 _____ C:\WINDOWS\MEMORY.DMP
2016-07-20 21:14 - 2016-07-20 21:14 - 00113524 _____ C:\Users\Admin\Desktop\SEPA KFZ-ZULASSUNG.pdf
2016-07-19 18:31 - 2016-07-19 18:31 - 00079481 _____ C:\Users\Admin\Desktop\SEPA Überweisung.pdf
2016-07-18 23:10 - 2016-07-18 23:10 - 00000222 _____ C:\Users\Admin\Desktop\Chivalry Medieval Warfare.url
2016-07-18 23:10 - 2016-07-18 23:10 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-18 23:03 - 2016-07-18 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-18 23:02 - 2016-07-18 23:03 - 00000731 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-17 16:51 - 2016-07-17 16:51 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2016-07-17 16:51 - 2016-07-17 16:51 - 00000000 ____D C:\Program Files (x86)\Secunia
2016-07-17 11:22 - 2016-07-17 11:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-07-17 11:02 - 2016-07-17 11:02 - 00000000 ____D C:\Users\Admin\Documents\Benutzerdefinierte Office-Vorlagen
2016-07-17 00:31 - 2016-07-17 11:05 - 00000000 ____D C:\Users\Admin\Desktop\Excel
2016-07-16 23:44 - 2016-07-16 23:44 - 00000803 _____ C:\Users\Admin\Desktop\Paradox Converter.lnk
2016-07-16 23:44 - 2016-07-16 23:44 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paradox Converter
2016-07-16 23:39 - 2016-07-17 00:29 - 00352256 _____ C:\Users\Admin\Documents\Database3.accdb
2016-07-16 23:32 - 2016-07-16 23:34 - 00348160 _____ C:\Users\Admin\Documents\Database2.accdb
2016-07-16 23:31 - 2016-07-16 23:31 - 00000000 ___SD C:\Users\Admin\Documents\Meine Datenquellen
2016-07-16 23:29 - 2016-07-16 23:29 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-07-16 23:25 - 2016-07-16 23:25 - 00002551 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-07-16 23:25 - 2016-07-16 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-07-16 23:21 - 2016-07-17 10:29 - 00000000 ____D C:\Program Files\Microsoft Office
2016-07-16 23:21 - 2016-07-16 23:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-07-16 22:05 - 2016-07-16 23:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-07-16 21:56 - 2016-07-16 21:56 - 00000000 ____D C:\Users\Admin\Documents\Ashampoo Burning Studio 2015
2016-07-16 21:50 - 2016-07-16 21:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Ashampoo
2016-07-16 13:08 - 2016-07-16 13:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-15 14:47 - 2016-07-15 14:47 - 00000000 ____D C:\Users\Admin\Desktop\paradox
2016-07-15 14:21 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-07-15 14:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-07-15 14:21 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-07-15 14:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-07-15 14:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-07-15 14:21 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-07-15 14:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-07-15 14:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-07-15 14:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-07-15 14:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-07-15 14:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-07-15 14:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-07-15 14:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-07-15 14:20 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-07-15 14:20 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-07-15 14:20 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-07-15 14:20 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-07-15 14:20 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-07-15 14:20 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-07-15 14:20 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-07-15 14:20 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-07-15 14:20 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-07-15 14:20 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-07-15 14:20 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-07-15 14:20 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-07-15 14:20 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-07-15 14:20 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-07-15 14:20 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-07-15 14:20 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-07-15 14:20 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-07-15 14:20 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-07-15 14:20 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-07-15 14:20 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-07-15 14:20 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-07-15 14:20 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-07-15 14:20 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-07-15 14:20 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-07-15 14:20 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-07-15 14:20 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-07-15 14:20 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-07-15 14:20 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-07-15 14:20 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-07-15 14:20 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-07-15 14:20 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-07-15 14:20 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-07-15 14:20 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-07-15 14:20 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-07-15 14:20 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-07-15 14:20 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-07-15 14:20 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-07-15 14:20 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-07-15 14:20 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-07-15 14:20 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-07-15 14:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-07-15 14:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-07-15 14:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-07-15 14:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-07-15 14:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-07-15 14:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-07-15 14:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-07-15 14:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-07-15 14:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-07-15 14:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-07-15 14:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-07-15 14:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-07-15 14:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-07-15 14:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-07-15 14:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-07-15 14:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-07-15 14:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-07-15 14:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-07-15 14:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-07-15 14:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-07-15 14:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-07-15 14:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-07-15 14:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-07-15 14:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-07-15 14:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-07-15 14:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-07-15 14:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-07-15 14:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-07-15 14:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-07-15 14:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-07-15 14:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-07-15 14:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-07-15 14:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-07-15 14:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-07-15 14:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-07-15 14:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-07-15 14:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-07-15 14:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-07-15 14:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-07-15 14:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-07-15 14:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-07-15 14:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-07-15 14:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-07-15 14:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-07-15 14:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-07-15 14:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-07-15 14:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-07-15 14:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-07-15 14:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-07-15 14:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-07-15 14:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-07-15 14:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-07-15 14:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-07-15 14:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-07-15 14:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-07-15 14:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-07-15 14:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-07-15 14:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-07-15 14:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-07-15 14:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-07-15 14:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-07-15 14:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-07-15 14:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-07-15 14:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-07-15 14:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-07-15 14:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-07-15 14:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-07-15 14:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-07-15 14:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-07-15 14:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-07-15 14:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-07-15 14:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-07-15 14:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-07-15 14:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-07-15 14:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-07-15 14:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-07-15 14:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-07-15 14:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-07-15 14:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-07-15 14:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-07-15 14:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-07-15 14:20 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-07-15 14:20 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-07-15 14:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-07-15 14:20 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-07-15 14:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-07-15 14:19 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-07-15 14:19 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-07-15 14:19 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-07-15 14:19 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-07-15 14:19 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-07-15 14:19 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-07-15 14:19 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-07-15 14:19 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-07-15 14:19 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-07-15 14:19 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-07-15 14:19 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-07-15 14:19 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-07-15 14:19 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-07-15 14:19 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-07-15 14:19 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-07-15 14:19 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-07-15 14:19 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-07-15 14:19 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-07-15 09:54 - 2014-02-04 15:29 - 00316928 _____ (CANON INC.) C:\WINDOWS\system32\CNC_CAC.dll
2016-07-15 09:54 - 2014-02-04 15:29 - 00105984 _____ (CANON INC.) C:\WINDOWS\system32\CNC_CAI.dll
2016-07-15 09:54 - 2014-01-21 13:16 - 00369664 _____ (CANON INC.) C:\WINDOWS\system32\CNC_CAL.dll
2016-07-15 09:54 - 2013-12-02 12:51 - 00096000 _____ C:\WINDOWS\system32\CNC177FD.TBL
2016-07-15 09:54 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2016-07-15 09:53 - 2016-07-15 09:53 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-07-15 09:53 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCA.DLL
2016-07-15 09:52 - 2016-07-15 09:52 - 00002057 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2016-07-14 22:45 - 2016-07-16 12:39 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-07-14 22:45 - 2016-07-14 22:55 - 00000000 ____D C:\Users\Admin\AppData\Local\Sync.Logs
2016-07-14 22:45 - 2016-07-14 22:45 - 23459840 _____ C:\Users\Admin\AppData\Local\Sync.msi
2016-07-14 22:45 - 2016-07-14 22:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Sync.Config
2016-07-14 22:44 - 2016-07-14 22:44 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-14 22:42 - 2016-07-14 22:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2016-07-14 22:42 - 2016-07-14 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-14 22:41 - 2016-07-25 13:46 - 00001242 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-14 22:41 - 2016-07-25 12:20 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-14 22:41 - 2016-07-14 22:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2016-07-14 22:41 - 2016-07-14 22:43 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-14 22:41 - 2016-07-14 22:41 - 00004302 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-07-14 22:41 - 2016-07-14 22:41 - 00004070 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-07-14 22:41 - 2016-07-14 22:41 - 00000000 ____D C:\ProgramData\Dropbox
2016-07-14 22:33 - 2016-07-14 22:33 - 00001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-07-14 22:33 - 2016-07-14 22:33 - 00001459 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-07-14 22:33 - 2016-07-14 22:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-07-14 22:33 - 2016-07-14 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-07-14 22:32 - 2016-07-14 22:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-14 22:32 - 2016-07-14 22:33 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-07-14 22:32 - 2016-07-14 22:32 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-07-14 22:32 - 2016-07-14 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-14 22:32 - 2016-07-14 22:32 - 00000000 ____D C:\Program Files\CCleaner
2016-07-14 22:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-07-14 22:31 - 2016-07-14 22:31 - 28057344 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\AppSetup.exe
2016-07-14 22:31 - 2016-07-14 22:31 - 00581120 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\P17APO64.dll
2016-07-14 22:31 - 2016-07-14 22:31 - 00218624 _____ (Creative Technology Limited) C:\WINDOWS\system32\ctdvins1.dll
2016-07-14 22:31 - 2016-07-14 22:31 - 00073728 _____ (Creative Technology Limited) C:\WINDOWS\system32\ctcoins1.dll
2016-07-14 22:31 - 2016-07-14 22:31 - 00042496 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AddCat.exe
2016-07-14 22:31 - 2016-07-14 22:31 - 00008704 _____ (Creative Technology Ltd.) C:\WINDOWS\ResDefE.exe
2016-07-14 22:31 - 2016-07-14 22:31 - 00008491 _____ C:\WINDOWS\SysWOW64\P17APO64.p17
2016-07-14 22:31 - 2016-07-14 22:31 - 00003930 _____ C:\WINDOWS\system32\ludap17.ini
2016-07-14 22:31 - 2016-07-14 22:31 - 00000054 _____ C:\WINDOWS\system32\ctzapxx.ini
2016-07-14 22:21 - 2016-07-14 22:21 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 35117112 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 31639096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 25401280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 21802816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 21346520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 18145256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 17740664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 17662432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 17379520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 10642912 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 08733280 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 03371648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 02791360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 02419768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436822.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 01581624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436822.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00936192 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-07-14 22:21 - 2016-07-14 22:21 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00786360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00772152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00708032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00631104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00601936 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00379480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00346560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00178136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00155952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00153416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00141256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-07-14 22:21 - 2016-07-14 22:21 - 00131768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-07-14 22:21 - 2016-07-14 22:21 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-07-14 22:21 - 2016-07-14 22:21 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-07-14 22:20 - 2016-07-20 16:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2016-07-14 22:20 - 2016-07-14 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-07-14 22:19 - 2016-07-14 22:19 - 01730328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-07-14 22:19 - 2016-07-14 22:19 - 00031832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2016-07-14 22:18 - 2016-07-14 22:18 - 00000847 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2016-07-14 22:16 - 2016-07-14 22:16 - 00000000 ____D C:\Users\Admin\AppData\Local\ashampoo
2016-07-14 22:16 - 2016-07-14 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-07-14 22:15 - 2016-07-14 22:16 - 00000000 ____D C:\ProgramData\Ashampoo
2016-07-14 22:13 - 2016-07-14 22:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2016-07-14 22:13 - 2016-07-14 22:13 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2016-07-14 22:13 - 2016-07-14 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-14 22:13 - 2016-07-14 22:13 - 00000000 ____D C:\ProgramData\Apple Computer
2016-07-14 22:13 - 2016-07-14 22:13 - 00000000 ____D C:\Program Files\iPod
2016-07-14 22:13 - 2016-07-14 22:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-14 22:12 - 2016-07-14 22:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-14 22:12 - 2016-07-14 22:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-07-14 22:12 - 2016-07-14 22:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-07-14 22:12 - 2016-07-14 22:12 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple
2016-07-14 22:12 - 2016-07-14 22:12 - 00000000 ____D C:\Program Files\Bonjour
2016-07-14 22:12 - 2016-07-14 22:12 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-07-14 22:12 - 2016-07-14 22:12 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-07-14 22:11 - 2016-07-14 22:12 - 00000000 ____D C:\ProgramData\Apple
2016-07-14 22:07 - 2016-07-14 22:07 - 00000000 ____D C:\Users\Admin\AppData\Local\Steam
2016-07-14 22:07 - 2016-07-14 22:07 - 00000000 ____D C:\Users\Admin\AppData\Local\CEF
2016-07-14 22:03 - 2016-07-14 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-07-14 22:02 - 2016-07-14 22:02 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-07-14 22:02 - 2016-07-14 22:02 - 00000000 ____D C:\WINDOWS\IObit
2016-07-14 22:02 - 2016-07-14 22:02 - 00000000 ____D C:\ProgramData\ProductData
2016-07-14 22:01 - 2016-07-25 12:23 - 00003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Admin)
2016-07-14 22:01 - 2016-07-14 22:02 - 00003380 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-07-14 22:01 - 2016-07-14 22:01 - 00000000 ____D C:\ProgramData\IObit
2016-07-14 22:00 - 2016-07-14 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-07-14 22:00 - 2016-07-14 22:00 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-07-14 22:00 - 2016-07-14 22:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2016-07-14 21:57 - 2016-07-25 08:35 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-14 21:57 - 2016-07-25 08:35 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-14 21:56 - 2016-07-25 13:07 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-14 21:56 - 2016-07-25 12:20 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-14 21:56 - 2016-07-14 23:20 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2016-07-14 21:56 - 2016-07-14 22:02 - 00004206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-14 21:56 - 2016-07-14 22:02 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-14 21:56 - 2016-07-14 21:57 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-14 21:47 - 2016-07-14 21:47 - 00000000 ____D C:\Users\Admin\AppData\Local\MicrosoftEdge
2016-07-14 20:24 - 2016-07-14 23:18 - 00000000 ____D C:\Windows.old
2016-07-14 20:24 - 2016-07-14 20:24 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-07-14 20:24 - 2016-07-14 19:40 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-14 20:23 - 2016-07-14 20:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-14 20:23 - 2016-07-14 20:23 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-14 20:23 - 2016-07-14 20:23 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-07-14 20:21 - 2016-07-14 20:21 - 00000000 ____D C:\WINDOWS\Setup
2016-07-14 20:21 - 2016-07-14 20:21 - 00000000 ____D C:\ProgramData\Creative
2016-07-14 20:20 - 2016-07-14 22:31 - 00000159 ___RH C:\WINDOWS\ctfile.rfc
2016-07-14 20:20 - 2016-07-14 20:20 - 00000000 ____D C:\WINDOWS\SysWOW64\Data
2016-07-14 20:20 - 2016-07-14 20:20 - 00000000 ____D C:\WINDOWS\system32\DATA
2016-07-14 20:20 - 2009-03-26 14:48 - 00190976 _____ C:\WINDOWS\system32\APOMgr64.DLL
2016-07-14 20:20 - 2009-03-26 14:46 - 00148480 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2016-07-14 20:20 - 2009-02-06 18:53 - 00089088 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2016-07-14 20:20 - 2009-02-06 18:52 - 00073728 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2016-07-14 20:17 - 2016-07-14 20:17 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-07-14 20:17 - 2016-07-14 20:17 - 00000000 ____D C:\WINDOWS\OCR
2016-07-14 20:17 - 2016-07-14 20:17 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-07-14 20:17 - 2016-07-14 20:17 - 00000000 ____D C:\Program Files\MSBuild
2016-07-14 20:17 - 2016-07-14 20:17 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-07-14 20:17 - 2016-07-14 20:17 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-07-14 20:14 - 2016-07-25 12:20 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-14 20:14 - 2016-07-25 12:20 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-14 20:14 - 2016-07-14 20:13 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2016-07-14 20:14 - 2016-07-14 20:13 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-07-14 20:13 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-07-14 20:13 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-07-14 20:13 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2016-07-14 20:13 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-07-14 20:13 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\system32\de
2016-07-14 20:13 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\system32\0409
2016-07-14 20:13 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-07-14 20:11 - 2016-07-02 06:37 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-14 20:11 - 2016-07-02 06:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 20:09 - 2016-07-18 11:52 - 00000000 ____D C:\WINDOWS\rescache
2016-07-14 20:09 - 2016-07-16 23:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-07-14 20:09 - 2016-07-16 23:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-14 20:09 - 2016-07-16 12:40 - 00000000 ____D C:\WINDOWS\appcompat
2016-07-14 20:09 - 2016-07-15 09:54 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-07-14 20:09 - 2016-07-14 21:38 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 __RSD C:\WINDOWS\Media
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-07-14 20:09 - 2016-07-14 21:37 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-14 20:09 - 2016-07-14 21:36 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-07-14 20:09 - 2016-07-14 21:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-14 20:09 - 2016-07-14 20:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-07-14 20:09 - 2016-07-14 20:17 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-07-14 20:09 - 2016-07-14 20:17 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-07-14 20:09 - 2016-07-14 20:16 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-07-14 20:09 - 2016-07-14 20:16 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-07-14 20:09 - 2016-07-14 20:16 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-07-14 20:09 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\system32\setup
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\system32\Com
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\IME
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-14 20:09 - 2016-07-14 20:13 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-14 20:09 - 2016-07-14 20:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-07-14 20:09 - 2016-07-14 20:10 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-07-14 20:09 - 2016-07-14 20:10 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-07-14 20:09 - 2016-07-14 20:10 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Web
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Vss
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\tracing
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\TAPI
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SystemResources
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SystemApps
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\ras
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\IME
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\ias
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\System
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SKB
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\ShellNew
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\security
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\schemas
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\SchCache
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Resources
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Registration
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\PLA
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Performance
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\InputMethod
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Globalization
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Cursors
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\Branding
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\addins
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\ProgramData\Comms
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\Program Files\Common Files\Services
2016-07-14 20:09 - 2016-07-14 20:09 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-07-14 20:09 - 2016-07-14 20:07 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-07-14 20:09 - 2016-07-14 20:07 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-07-14 20:09 - 2016-07-14 20:07 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-07-14 20:09 - 2016-07-14 20:07 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-07-14 20:09 - 2016-07-14 20:07 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-07-14 20:09 - 2016-07-14 20:07 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-07-14 20:09 - 2016-07-14 20:07 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-07-14 20:09 - 2016-07-14 20:07 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-07-14 20:09 - 2016-07-14 20:07 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-07-14 20:09 - 2016-07-14 20:07 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-07-14 20:09 - 2016-07-14 20:07 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-07-14 20:09 - 2016-07-14 20:07 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-07-14 20:09 - 2016-07-14 20:07 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-07-14 20:09 - 2016-07-14 20:07 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-07-14 20:09 - 2016-07-14 20:07 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-07-14 20:09 - 2016-07-14 20:07 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-07-14 20:09 - 2016-07-14 20:07 - 00000219 _____ C:\WINDOWS\system.ini
2016-07-14 20:09 - 2016-07-14 20:07 - 00000092 _____ C:\WINDOWS\win.ini
2016-07-14 20:09 - 2016-07-14 19:53 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-07-14 20:09 - 2016-07-14 19:48 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-07-14 20:09 - 2016-07-14 19:40 - 00000000 ____D C:\Program Files\Windows NT
2016-07-14 20:09 - 2016-07-14 19:39 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-14 20:09 - 2016-07-14 19:39 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-07-14 20:09 - 2016-07-14 19:35 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-07-14 20:09 - 2016-07-14 19:35 - 00000000 ____D C:\WINDOWS\system32\spool
2016-07-14 20:09 - 2016-07-14 19:31 - 00000000 ____D C:\WINDOWS\Help
2016-07-14 20:09 - 2016-07-14 19:31 - 00000000 ____D C:\ProgramData\USOPrivate
2016-07-14 20:08 - 2016-07-25 12:20 - 00000000 ____D C:\WINDOWS\INF
2016-07-14 20:08 - 2016-07-25 07:49 - 00004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C668A792-D0E6-4B5D-9F08-2D2DE3364F13}
2016-07-14 20:08 - 2016-07-14 20:08 - 00000000 ____D C:\Users\Admin\AppData\Local\Comms
2016-07-14 19:58 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-14 19:54 - 2016-07-14 19:54 - 00002530 _____ C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk
2016-07-14 19:53 - 2016-07-25 12:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-14 19:53 - 2016-07-14 20:23 - 00933808 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-07-14 19:53 - 2016-07-14 20:23 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2016-07-14 19:53 - 2016-07-14 20:17 - 00238000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-07-14 19:53 - 2016-07-14 19:53 - 00002220 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-07-14 19:53 - 2016-07-14 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-07-14 19:53 - 2016-07-14 19:53 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-07-14 19:53 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2016-07-14 19:52 - 2016-07-14 19:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-07-14 19:50 - 2016-07-14 19:50 - 00002365 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-14 19:50 - 2016-07-14 19:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2016-07-14 19:50 - 2016-07-14 19:50 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-07-14 19:49 - 2016-07-14 19:49 - 00000000 ____D C:\Users\Admin\AppData\Local\ActiveSync
2016-07-14 19:49 - 2016-07-14 19:49 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-07-14 19:48 - 2016-07-14 19:48 - 00000000 ____D C:\Users\Admin\AppData\Local\Publishers
2016-07-14 19:47 - 2016-07-14 22:44 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2016-07-14 19:47 - 2016-07-14 20:08 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-07-14 19:47 - 2016-07-14 19:47 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2016-07-14 19:47 - 2016-07-14 19:47 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2016-07-14 19:47 - 2016-07-14 19:47 - 00000000 ____D C:\Users\Admin\AppData\Local\TileDataLayer
2016-07-14 19:46 - 2016-07-25 11:23 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-07-14 19:46 - 2016-07-14 20:16 - 00000000 ____D C:\WINDOWS\servicing
2016-07-14 19:46 - 2016-07-14 20:09 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-07-14 19:46 - 2016-07-14 19:53 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-14 19:46 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-07-14 19:44 - 2016-07-25 12:20 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\Default User
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Users\All Users
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-07-14 19:40 - 2016-07-14 19:40 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-07-14 19:38 - 2016-07-24 20:06 - 00000000 ____D C:\Users\Admin
2016-07-14 19:38 - 2016-07-14 19:39 - 00000000 ____D C:\Users\DefaultAppPool
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Vorlagen
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Startmenü
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Netzwerkumgebung
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Lokale Einstellungen
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Eigene Dateien
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Druckumgebung
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Videos
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Musik
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Bilder
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Verlauf
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Anwendungsdaten
2016-07-14 19:38 - 2016-07-14 19:38 - 00000000 _SHDL C:\Users\Admin\Anwendungsdaten
2016-07-14 19:31 - 2016-07-14 22:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-14 19:31 - 2016-07-14 22:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-14 19:31 - 2016-07-14 19:31 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-07-14 19:31 - 2016-07-14 19:31 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-07-14 19:31 - 2016-07-14 19:31 - 00000000 ____D C:\ProgramData\USOShared
2016-07-14 19:31 - 2016-07-14 19:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-14 19:31 - 2016-07-14 19:31 - 00000000 ____D C:\Program Files\Realtek
2016-07-14 19:31 - 2016-07-14 19:31 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-14 19:31 - 2016-05-20 04:08 - 06348344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 02454976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-07-14 19:31 - 2016-05-20 04:08 - 00533560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-07-14 19:31 - 2016-05-18 10:37 - 06448223 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-07-14 19:29 - 2016-07-01 07:05 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-07-14 19:27 - 2016-07-25 11:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-14 19:26 - 2016-07-24 17:31 - 00400760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-14 19:26 - 2016-07-14 19:26 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-07-14 17:15 - 2016-07-14 22:16 - 00001035 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2015.lnk
2016-07-14 13:08 - 2016-07-14 13:45 - 00352256 _____ C:\Users\Admin\Documents\Database1.accdb
2016-07-13 23:25 - 2016-07-14 01:20 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
|
|
25.07.2016, 13:16
| #4 |
| | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten FRST Code:
ATTFilter 2016-07-13 16:08 - 2016-07-13 16:00 - 03183488 _____ C:\Users\Admin\Desktop\Mietvertrag_Alexander_Buergin.pdf
2016-07-12 22:57 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-12 22:57 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-12 22:57 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-12 22:57 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-12 22:57 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-12 22:57 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-12 22:57 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-12 22:57 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-12 22:57 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-12 22:57 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-12 22:57 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-12 22:57 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-12 22:57 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-12 22:57 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-12 22:57 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-12 22:57 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-12 22:57 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-12 22:57 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-12 22:57 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-12 22:57 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-12 22:57 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-12 22:57 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-12 22:57 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-12 22:57 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-12 22:57 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-12 22:57 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-12 22:57 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-12 22:57 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-12 22:57 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-12 22:57 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-12 22:57 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-12 22:57 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-12 22:57 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-12 22:57 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-12 22:57 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-12 22:57 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-12 22:57 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-12 22:57 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-12 22:57 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-12 22:57 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-12 22:57 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-12 22:57 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-12 22:57 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-12 22:57 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-12 22:57 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-12 22:57 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-12 22:57 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-12 22:57 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-12 22:57 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-12 22:57 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-12 22:57 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-12 22:57 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-12 22:57 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-12 22:57 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-12 22:57 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-12 22:57 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-12 22:57 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-12 22:57 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-12 22:57 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-12 22:57 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-12 22:57 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-12 22:57 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-12 22:57 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-12 22:57 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-12 22:57 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-12 22:57 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-12 22:57 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-12 22:57 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-12 22:57 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-12 22:57 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-12 22:57 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-12 22:57 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-12 22:57 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-12 22:57 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-12 22:57 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-12 22:57 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-12 22:57 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-12 22:57 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-12 22:57 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-12 22:57 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-12 22:57 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-12 22:57 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-12 22:57 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-12 22:57 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-12 22:57 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-12 22:57 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-12 22:57 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-12 22:57 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-12 22:57 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-12 22:57 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-12 22:57 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-12 22:57 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-12 22:57 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-12 22:57 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-12 22:57 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-12 22:57 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-12 22:57 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-12 22:57 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-12 22:57 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-12 22:57 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-12 22:57 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-12 22:57 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-12 22:57 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-12 22:57 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-12 22:57 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-12 22:57 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-12 22:57 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-12 22:57 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-12 22:57 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-12 22:57 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-12 22:57 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-12 22:57 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-12 22:57 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-12 22:57 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-12 22:57 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-12 22:57 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-12 22:57 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-12 22:57 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-12 22:57 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-12 22:57 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-12 22:57 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-12 22:57 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-12 22:57 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-12 22:57 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-12 22:57 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-12 22:57 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-12 22:57 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-12 22:57 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-12 22:57 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-12 22:57 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-12 22:57 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-12 22:57 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-12 22:57 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-12 22:57 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-12 22:57 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-12 22:57 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-12 22:57 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-12 22:57 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-12 22:57 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-12 22:56 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-12 22:56 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-12 22:56 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-12 22:56 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-12 22:56 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-12 22:56 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-12 22:56 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-12 22:56 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-12 22:56 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-12 22:56 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-12 22:56 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-12 22:56 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-12 22:56 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-12 22:56 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-12 22:56 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-12 22:56 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-12 22:56 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-12 22:56 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-12 22:56 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-12 22:56 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-12 22:56 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-12 22:56 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-12 22:56 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-12 22:56 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-12 22:56 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-12 22:56 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-12 22:56 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-12 22:56 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-12 22:56 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-12 22:56 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-12 22:56 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-12 22:56 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-12 22:56 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-12 22:56 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-12 22:56 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-12 22:56 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-12 22:56 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-12 22:56 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-12 22:56 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-12 22:56 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-12 22:56 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-12 22:56 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-12 22:56 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-12 22:56 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-12 22:56 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-12 22:56 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-12 22:56 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-12 22:56 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-12 22:56 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-12 22:56 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-12 22:56 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-12 22:56 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-12 22:56 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-12 22:56 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-12 22:56 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-12 22:56 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-12 22:56 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-12 22:56 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-12 22:56 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-12 22:56 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-12 22:56 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-12 22:56 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-12 22:56 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-12 22:56 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-12 22:56 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-12 22:56 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-12 22:56 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-12 22:56 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-12 22:56 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-12 22:56 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-12 22:56 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-12 22:56 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-12 22:56 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-12 22:56 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-12 22:56 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-12 22:56 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-12 22:56 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-12 22:56 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-12 22:56 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-12 22:56 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-12 22:56 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-12 22:56 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-12 22:56 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-12 22:56 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-12 22:56 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-12 22:56 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-12 22:56 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-12 22:56 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-12 22:56 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-12 22:56 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-12 22:56 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-12 22:56 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-12 22:56 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-12 22:56 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-12 22:56 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-12 22:56 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-12 22:56 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-12 22:56 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-12 22:56 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-12 22:56 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-12 22:56 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-12 22:56 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-12 22:56 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-12 22:56 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-12 22:56 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-12 22:56 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-12 22:56 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-12 22:56 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-12 22:56 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-12 22:56 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-12 22:56 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-12 22:56 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-12 22:56 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-12 22:56 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-12 22:56 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-12 22:56 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-12 22:56 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-12 22:56 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-12 22:56 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-12 22:56 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-12 22:56 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-12 22:56 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-12 22:56 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-12 22:56 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-12 22:56 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-12 22:56 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-12 22:56 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-12 22:56 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-12 22:56 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-12 22:56 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-12 22:56 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-12 22:56 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-12 22:56 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-12 22:56 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-12 22:56 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-12 22:56 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-12 22:56 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-12 22:56 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-12 22:56 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-12 22:56 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-12 22:56 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-12 22:56 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-12 22:56 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-12 22:56 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-12 22:56 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-12 22:56 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-12 22:56 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-12 22:56 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-12 22:56 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-12 22:56 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-12 22:56 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-12 22:56 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-12 22:56 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-12 22:56 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-12 22:56 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-12 22:56 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-12 22:56 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-12 22:56 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-12 22:56 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-12 22:56 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-12 22:56 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-12 22:56 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-12 22:56 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-12 22:56 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-12 22:56 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-12 22:56 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-12 22:56 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-12 22:56 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-12 22:56 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-12 22:56 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-12 22:56 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-12 22:56 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-12 22:56 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-12 22:56 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-12 22:56 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-12 22:56 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-12 22:56 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-12 22:56 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-12 22:56 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-12 22:56 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-12 22:56 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-12 22:56 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-12 22:55 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-12 22:55 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-12 22:55 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-12 22:55 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-12 22:55 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-12 22:55 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-12 22:55 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-12 22:55 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-12 22:55 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-12 22:55 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-12 22:55 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-12 22:55 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 22:55 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-12 22:55 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-12 22:55 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-12 22:55 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-12 22:55 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-12 22:55 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-12 22:55 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-12 22:55 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-12 22:55 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-12 22:55 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-12 22:55 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-12 22:55 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-12 22:55 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-12 22:55 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-12 22:55 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-12 22:55 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-12 22:55 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-12 22:55 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-12 22:55 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-12 22:55 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-12 22:55 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-12 22:55 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-12 22:55 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-12 22:55 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-12 22:55 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-12 22:55 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-12 22:55 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-12 22:55 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-12 22:55 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-12 22:55 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-12 22:55 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-12 22:55 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-12 22:55 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-12 22:55 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-12 22:55 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-12 22:55 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-12 22:55 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-12 22:55 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-12 22:55 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-12 22:55 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-12 22:55 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-12 22:55 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-12 22:55 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-12 22:55 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-12 22:55 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-12 22:55 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-12 22:55 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-12 22:55 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-12 22:55 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-12 22:55 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-12 22:55 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-12 22:55 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-12 22:55 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-12 22:55 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-12 22:55 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-12 22:55 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-12 22:55 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-12 22:55 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-12 22:55 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-12 22:55 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-12 22:55 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-12 22:55 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-12 22:55 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-12 22:55 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-12 22:55 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-12 22:55 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-12 22:55 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-12 22:55 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-12 22:55 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-12 22:55 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-12 22:55 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-12 22:55 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-12 22:55 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-12 22:55 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 20:05 - 2016-07-25 13:53 - 00000000 ____D C:\FRST
2016-07-12 20:04 - 2016-07-12 20:04 - 00000000 ____D C:\AdwCleaner
2016-07-08 18:08 - 2016-07-08 18:03 - 00441266 _____ C:\Users\Admin\Desktop\Bürgschafts-Erklärung_Alexander_Buergin.pdf
2016-07-08 18:08 - 2016-07-08 18:01 - 00728833 _____ C:\Users\Admin\Desktop\Mieter-Selbstauskunft_Alexander_Buergin.pdf
2016-07-04 21:25 - 2016-07-04 21:27 - 02144691 _____ C:\Users\Admin\Desktop\Selbstauskunft.pdf
2016-07-04 21:25 - 2016-07-04 21:25 - 00777273 _____ C:\Users\Admin\Desktop\IMG_20160704_0001.pdf
2016-07-02 23:35 - 2016-07-03 01:21 - 00054272 _____ C:\Users\Admin\Desktop\Autokosten.xls
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-15 11:16 - 2016-03-04 00:55 - 00000000 ___HD C:\$SysReset
2016-07-14 22:31 - 2009-08-03 11:12 - 01288192 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\P17.sys
2016-07-14 22:21 - 2016-01-11 11:57 - 20305768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-07-14 22:21 - 2016-01-11 11:57 - 14410024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-07-14 22:21 - 2016-01-11 11:57 - 13509184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-07-14 22:21 - 2016-01-11 11:57 - 03811440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-07-14 22:21 - 2016-01-11 11:57 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-07-14 22:21 - 2016-01-11 11:57 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-07-14 22:20 - 2016-01-12 03:03 - 01469952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2016-07-14 22:20 - 2015-07-28 21:37 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-07-14 22:13 - 2016-06-08 19:39 - 00001595 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-07-14 21:47 - 2016-01-11 11:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-14 20:23 - 2015-06-26 23:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-07-14 20:23 - 2015-06-11 19:35 - 00049240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-07-14 20:23 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2016-07-14 20:23 - 2015-06-06 08:51 - 00077728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2016-07-14 19:50 - 2016-01-13 22:09 - 00000000 ___RD C:\Users\Admin\OneDrive
2016-07-14 17:07 - 2016-01-13 23:58 - 00000000 ____D C:\Users\Admin\Documents\My Games
2016-07-13 23:28 - 2016-03-31 14:13 - 00000000 ____D C:\Users\Admin\Documents\Outlook-Dateien
2016-07-04 15:02 - 2016-06-13 16:52 - 00000000 ____D C:\Users\Admin\Desktop\CoBa Arena
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-07-14 22:45 - 2016-07-14 22:45 - 23459840 _____ () C:\Users\Admin\AppData\Local\Sync.msi
2016-07-14 22:45 - 2016-07-14 22:45 - 0227414 _____ () C:\Users\Admin\AppData\Local\Sync.msi.log
2016-07-14 19:31 - 2016-07-14 19:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-07-25 09:32
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-07-2016
durchgeführt von Admin (2016-07-25 12:31:20)
Gestartet von D:\Downloads
Windows 10 Home Version 1511 (X64) (2016-07-14 17:40:56)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-2099768261-1985419089-1635406796-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2099768261-1985419089-1635406796-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2099768261-1985419089-1635406796-503 - Limited - Disabled)
Gast (S-1-5-21-2099768261-1985419089-1635406796-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 2015 v.1.15.2 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.2 - Ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version: - Torn Banner Studios)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.45.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.4266.1003 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Paradox Converter 2.85 (HKLM-x32\...\Paradox Converter) (Version: 2.85 - HiBase Group)
PDF24 Creator 7.8.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0F054AC6-45A3-4DCD-80C7-FB0262317059} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {57E7C020-2D6D-42E9-A4D7-8E9C77D50FC6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {623E34F4-EF97-4A5D-BBF5-A9043EA80E04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-07-16] (Microsoft Corporation)
Task: {632431CF-75FF-4E86-BBD5-8C2ED4F6BE06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {93461E3B-D082-4FE7-A661-E2FD47DFA404} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {9CE39BF5-A4A2-4E7D-B43B-BDFCE8F559B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {9D128945-0301-472B-8C57-8C0408C59D86} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AAB4ADB4-55C3-4A9C-B563-3292904FA59F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-07-16] (Microsoft Corporation)
Task: {B30A99D8-09E6-4F92-94FA-FEE2766EDD47} - System32\Tasks\Driver Booster Scheduler => D:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {B59ED781-DFA6-4E83-BB4A-B8C6E18E621C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {BC045063-5C22-4E16-A01B-C55519E7A2EC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-14] (Dropbox, Inc.)
Task: {D97B64E6-0A1E-4F76-82DC-1A8297F4A781} - System32\Tasks\Driver Booster SkipUAC (Admin) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {EB002A56-C601-4B55-87CD-831AE39800E3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-14] (Dropbox, Inc.)
Task: {F07CB10E-BC14-41DC-96A1-515305712EF4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {F73A2668-24A4-491E-B05A-88B19AB53064} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-16 23:21 - 2015-08-16 00:21 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-14 19:31 - 2016-05-20 04:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-12 22:55 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 22:55 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-22 15:29 - 2016-02-22 15:29 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 22:57 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 22:55 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 22:55 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 22:55 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 22:55 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-25 08:35 - 2016-07-19 03:31 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.82\libglesv2.dll
2016-07-25 08:35 - 2016-07-19 03:31 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.82\libegl.dll
2015-10-30 20:47 - 2015-10-30 20:47 - 00044032 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-25 09:53 - 2016-07-25 09:55 - 00380928 _____ () D:\Downloads\gmer-2.2.19882.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-07-14 22:32 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-14 22:32 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-14 22:32 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-14 22:32 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-07-14 22:32 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-10-30 20:47 - 2015-10-30 20:47 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-10-30 20:47 - 2015-10-30 20:47 - 18818048 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Admin\Desktop\Praktikumspräsentation.pptx:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-14 20:09 - 2016-07-14 20:07 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2099768261-1985419089-1635406796-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2099768261-1985419089-1635406796-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2099768261-1985419089-1635406796-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B0932FD1-D710-4995-AEDA-0FB1738DD79A}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C524D2-A471-423B-9F32-E90EB08A3EC9}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{64537F99-B437-494D-8544-0960D06A8040}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E5CBB80B-DCC5-4178-9AB6-F7B02C581AF1}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7BE10193-5E65-4764-BB90-DDD69CB93417}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6AD63BF3-91F9-43A3-A238-10813B6BDB55}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{947EB62F-D00D-43BF-BF9F-A01B41AF3A95}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1E28EB22-9169-4E34-A540-322E2E418427}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8FAAFAD5-2A42-48ED-BF05-750CC26D211C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7067435F-74C3-4170-9EC9-1D38C4ECB89A}] => (Allow) D:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D2FD7D61-AAE4-4960-AD0F-F27A592F7C06}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{DCAA96FA-C8F8-4F9B-B48C-B3298B347F97}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{A53C53DD-0189-4377-BE1C-8FA7141A19F6}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{703B1A41-E737-4B5C-B291-102FF0F0A913}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{CD369EA1-889B-488A-AF2D-ABA0F4B15CFA}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{5D6139DA-C9F1-4419-93D2-B65AFFA76451}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{104683F8-1241-4F43-816B-36CD5F173891}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{49D2B2E6-C2AF-4B6B-A391-B25B0FB883E6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7D1030FF-5E51-4ED1-B5E1-3FF284B06293}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{98B65823-F1C3-4BF9-9964-DB5E87F5F56D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{830D1025-BE50-4001-A7FA-0E6914B145B5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AFEB047B-4BF8-4AC6-8B5C-21C6890E4780}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{310F89C8-8C24-42C9-96BF-676CBAEAD144}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C8334DD1-5F0D-4D0D-8B84-6150C272AD7D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{488020F1-DDD7-45EF-84B8-2F643AA67693}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{7B7C90F4-B3A2-451C-BB59-F0A58283AFF8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{F8585E98-DBF6-4E07-B335-8B7BA7D2E0A7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{3B09E4E6-770C-4CFD-8E64-C4B68495FA7B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B541B21B-A817-4759-8879-2AD512D294F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{6B4621B9-1B2E-4B91-A793-368C399FC1C7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{502F71B1-6A71-4318-A1A6-CA9A9B060222}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
18-07-2016 23:05:16 Removed Sync
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/25/2016 12:23:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (07/25/2016 11:23:16 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
.
Error: (07/25/2016 11:22:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-JH7JDHE)
Description: Bei der Aktivierung der App „Microsoft.Getstarted_2.3.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/25/2016 11:09:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gmer-2.2.19882.exe, Version: 2.2.19882.0, Zeitstempel: 0x56e2cdca
Name des fehlerhaften Moduls: gmer-2.2.19882.exe, Version: 2.2.19882.0, Zeitstempel: 0x56e2cdca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008de57
ID des fehlerhaften Prozesses: 0x1de8
Startzeit der fehlerhaften Anwendung: 0xgmer-2.2.19882.exe0
Pfad der fehlerhaften Anwendung: gmer-2.2.19882.exe1
Pfad des fehlerhaften Moduls: gmer-2.2.19882.exe2
Berichtskennung: gmer-2.2.19882.exe3
Vollständiger Name des fehlerhaften Pakets: gmer-2.2.19882.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: gmer-2.2.19882.exe5
Error: (07/25/2016 11:07:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (07/25/2016 11:06:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (07/25/2016 10:40:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (07/25/2016 10:40:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-JH7JDHE)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/25/2016 10:20:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (07/25/2016 10:18:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Systemfehler:
=============
Error: (07/25/2016 12:29:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/25/2016 11:46:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_2fd5d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/25/2016 11:46:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _2fd5d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/25/2016 11:46:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_2fd5d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/25/2016 11:46:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_2fd5d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/25/2016 11:46:35 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/25/2016 11:46:10 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/25/2016 11:43:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}NT-AUTORITÄTNetzwerkdienstS-1-5-20LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/25/2016 11:43:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}NT-AUTORITÄTNetzwerkdienstS-1-5-20LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/25/2016 11:40:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2016-07-16 23:31:00.182
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 23:25:43.252
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 22:19:45.062
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 21:45:38.274
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 21:11:06.883
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 19:29:49.485
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8117.73 MB
Verfügbarer physikalischer RAM: 5692.94 MB
Summe virtueller Speicher: 9397.73 MB
Verfügbarer virtueller Speicher: 6901.27 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:199.95 GB) (Free:146.91 GB) NTFS
Drive d: () (Fixed) (Total:730.31 GB) (Free:658.12 GB) NTFS
Drive e: (16.0.4266.1003) (CDROM) (Total:2.22 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BB8B5770)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
25.07.2016, 13:17
| #5 |
| | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten von Schritt 2 TSSKiller Code:
ATTFilter 13:57:36.0711 0x2360 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:57:36.0716 0x2360 UEFI system
13:57:41.0305 0x2360 ============================================================
13:57:41.0305 0x2360 Current date / time: 2016/07/25 13:57:41.0305
13:57:41.0305 0x2360 SystemInfo:
13:57:41.0305 0x2360
13:57:41.0305 0x2360 OS Version: 10.0.10586 ServicePack: 0.0
13:57:41.0305 0x2360 Product type: Workstation
13:57:41.0305 0x2360 ComputerName: MININT-JH7JDHE
13:57:41.0305 0x2360 UserName: Admin
13:57:41.0305 0x2360 Windows directory: C:\WINDOWS
13:57:41.0305 0x2360 System windows directory: C:\WINDOWS
13:57:41.0305 0x2360 Running under WOW64
13:57:41.0306 0x2360 Processor architecture: Intel x64
13:57:41.0306 0x2360 Number of processors: 8
13:57:41.0306 0x2360 Page size: 0x1000
13:57:41.0306 0x2360 Boot type: Normal boot
13:57:41.0306 0x2360 ============================================================
13:57:41.0459 0x2360 KLMD registered as C:\WINDOWS\system32\drivers\12475046.sys
13:57:41.0878 0x2360 System UUID: {BC3A0EE8-900A-E5AC-39EB-849099BE554C}
13:57:42.0734 0x2360 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:57:42.0736 0x2360 ============================================================
13:57:42.0736 0x2360 \Device\Harddisk0\DR0:
13:57:42.0736 0x2360 GPT partitions:
13:57:42.0737 0x2360 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3B9C937-32AD-4A60-9439-34B4D0B56701}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
13:57:42.0737 0x2360 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {75AC6FDE-D8BC-4DA5-BBA6-2E962ECA6298}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
13:57:42.0737 0x2360 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {28E6D3E5-9744-4B7B-9E04-9A27F9D1E6E5}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x18FE7000
13:57:42.0737 0x2360 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {66CA89DD-0AF8-4434-A71D-47682427A919}, Name: , StartLBA 0x19059800, BlocksNum 0xE1000
13:57:42.0737 0x2360 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {90674AE9-1B31-48DA-A6FE-9CD6BF5148A9}, Name: Basic data partition, StartLBA 0x1913A800, BlocksNum 0x12C000
13:57:42.0737 0x2360 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9C7FD97D-9799-446E-A5FD-2FF80BB4566C}, Name: Basic data partition, StartLBA 0x19266800, BlocksNum 0x5B4A0000
13:57:42.0737 0x2360 MBR partitions:
13:57:42.0737 0x2360 ============================================================
13:57:42.0747 0x2360 C: <-> \Device\Harddisk0\DR0\Partition3
13:57:42.0764 0x2360 D: <-> \Device\Harddisk0\DR0\Partition6
13:57:42.0764 0x2360 ============================================================
13:57:42.0764 0x2360 Initialize success
13:57:42.0764 0x2360 ============================================================
13:58:11.0286 0x2078 ============================================================
13:58:11.0286 0x2078 Scan started
13:58:11.0286 0x2078 Mode: Manual; SigCheck; TDLFS;
13:58:11.0286 0x2078 ============================================================
13:58:11.0286 0x2078 KSN ping started
13:58:11.0427 0x2078 KSN ping finished: true
13:58:14.0017 0x2078 ================ Scan system memory ========================
13:58:14.0017 0x2078 System memory - ok
13:58:14.0018 0x2078 ================ Scan services =============================
13:58:14.0166 0x2078 1394ohci - ok
13:58:14.0174 0x2078 3ware - ok
13:58:14.0187 0x2078 ACPI - ok
13:58:14.0204 0x2078 acpiex - ok
13:58:14.0215 0x2078 acpipagr - ok
13:58:14.0249 0x2078 AcpiPmi - ok
13:58:14.0266 0x2078 acpitime - ok
13:58:14.0291 0x2078 ADP80XX - ok
13:58:14.0304 0x2078 AFD - ok
13:58:14.0319 0x2078 agp440 - ok
13:58:14.0322 0x2078 ahcache - ok
13:58:14.0331 0x2078 AJRouter - ok
13:58:14.0340 0x2078 ALG - ok
13:58:14.0360 0x2078 AmdK8 - ok
13:58:14.0363 0x2078 AmdPPM - ok
13:58:14.0366 0x2078 amdsata - ok
13:58:14.0383 0x2078 amdsbs - ok
13:58:14.0391 0x2078 amdxata - ok
13:58:14.0393 0x2078 AppID - ok
13:58:14.0406 0x2078 AppIDSvc - ok
13:58:14.0417 0x2078 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
13:58:14.0444 0x2078 Appinfo - ok
13:58:14.0484 0x2078 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:58:14.0491 0x2078 Apple Mobile Device Service - ok
13:58:14.0513 0x2078 AppReadiness - ok
13:58:14.0530 0x2078 AppXSvc - ok
13:58:14.0541 0x2078 arcsas - ok
13:58:14.0543 0x2078 AsyncMac - ok
13:58:14.0552 0x2078 atapi - ok
13:58:14.0595 0x2078 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:58:14.0619 0x2078 AudioEndpointBuilder - ok
13:58:14.0656 0x2078 [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
13:58:14.0687 0x2078 Audiosrv - ok
13:58:14.0730 0x2078 [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
13:58:14.0740 0x2078 AVP16.0.0 - ok
13:58:14.0764 0x2078 AxInstSV - ok
13:58:14.0768 0x2078 b06bdrv - ok
13:58:14.0784 0x2078 BasicDisplay - ok
13:58:14.0787 0x2078 BasicRender - ok
13:58:14.0800 0x2078 bcmfn - ok
13:58:14.0809 0x2078 bcmfn2 - ok
13:58:14.0824 0x2078 BDESVC - ok
13:58:14.0837 0x2078 Beep - ok
13:58:14.0887 0x2078 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
13:58:14.0918 0x2078 BFE - ok
13:58:14.0963 0x2078 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
13:58:15.0002 0x2078 BITS - ok
13:58:15.0041 0x2078 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:58:15.0052 0x2078 Bonjour Service - ok
13:58:15.0060 0x2078 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
13:58:15.0072 0x2078 bowser - ok
13:58:15.0143 0x2078 [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:58:15.0191 0x2078 BrokerInfrastructure - ok
13:58:15.0201 0x2078 Browser - ok
13:58:15.0219 0x2078 BthAvrcpTg - ok
13:58:15.0222 0x2078 BthHFEnum - ok
13:58:15.0235 0x2078 bthhfhid - ok
13:58:15.0260 0x2078 BthHFSrv - ok
13:58:15.0269 0x2078 BTHMODEM - ok
13:58:15.0281 0x2078 bthserv - ok
13:58:15.0310 0x2078 buttonconverter - ok
13:58:15.0330 0x2078 CapImg - ok
13:58:15.0345 0x2078 cdfs - ok
13:58:15.0352 0x2078 CDPSvc - ok
13:58:15.0357 0x2078 cdrom - ok
13:58:15.0368 0x2078 CertPropSvc - ok
13:58:15.0377 0x2078 circlass - ok
13:58:15.0387 0x2078 CLFS - ok
13:58:15.0516 0x2078 [ 323DE48A358D07B81A8DB72057238359, 71854D2C40664493E05C0A7E4F0C7CC74ADA1A63EEC1D4FE32350F6AF8728243 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
13:58:15.0582 0x2078 ClickToRunSvc - ok
13:58:15.0607 0x2078 ClipSVC - ok
13:58:15.0619 0x2078 CmBatt - ok
13:58:15.0638 0x2078 [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\WINDOWS\system32\drivers\cm_km.sys
13:58:15.0649 0x2078 cm_km - ok
13:58:15.0660 0x2078 CNG - ok
13:58:15.0663 0x2078 cnghwassist - ok
13:58:15.0703 0x2078 CompositeBus - ok
13:58:15.0705 0x2078 COMSysApp - ok
13:58:15.0727 0x2078 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
13:58:15.0735 0x2078 condrv - ok
13:58:15.0774 0x2078 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:58:15.0796 0x2078 CoreMessagingRegistrar - ok
13:58:15.0820 0x2078 [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
13:58:15.0830 0x2078 CryptSvc - ok
13:58:15.0838 0x2078 dam - ok
13:58:15.0875 0x2078 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
13:58:15.0882 0x2078 dbupdate - ok
13:58:15.0885 0x2078 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
13:58:15.0891 0x2078 dbupdatem - ok
13:58:15.0934 0x2078 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:58:15.0964 0x2078 DcomLaunch - ok
13:58:15.0979 0x2078 DcpSvc - ok
13:58:16.0003 0x2078 defragsvc - ok
13:58:16.0005 0x2078 DeviceAssociationService - ok
13:58:16.0033 0x2078 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
13:58:16.0052 0x2078 DeviceInstall - ok
13:58:16.0055 0x2078 DevQueryBroker - ok
13:58:16.0069 0x2078 Dfsc - ok
13:58:16.0094 0x2078 [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
13:58:16.0110 0x2078 Dhcp - ok
13:58:16.0157 0x2078 diagnosticshub.standardcollector.service - ok
13:58:16.0304 0x2078 [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
13:58:16.0381 0x2078 DiagTrack - ok
13:58:16.0413 0x2078 disk - ok
13:58:16.0428 0x2078 DmEnrollmentSvc - ok
13:58:16.0439 0x2078 dmvsc - ok
13:58:16.0443 0x2078 dmwappushservice - ok
13:58:16.0473 0x2078 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:58:16.0490 0x2078 Dnscache - ok
13:58:16.0505 0x2078 dot3svc - ok
13:58:16.0517 0x2078 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
13:58:16.0530 0x2078 DPS - ok
13:58:16.0560 0x2078 drmkaud - ok
13:58:16.0576 0x2078 DsmSvc - ok
13:58:16.0585 0x2078 DsSvc - ok
13:58:16.0599 0x2078 DXGKrnl - ok
13:58:16.0610 0x2078 Eaphost - ok
13:58:16.0633 0x2078 ebdrv - ok
13:58:16.0655 0x2078 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
13:58:16.0666 0x2078 EFS - ok
13:58:16.0689 0x2078 EhStorClass - ok
13:58:16.0702 0x2078 EhStorTcgDrv - ok
13:58:16.0718 0x2078 embeddedmode - ok
13:58:16.0741 0x2078 EntAppSvc - ok
13:58:16.0758 0x2078 ErrDev - ok
13:58:16.0773 0x2078 [ B5BB7C38E9EEC3FB462861E8E9ED1912, 0EC736EF2CE9D34581FB7BDE6C185EC03B763F5088142E458D07CC602ED9CB2B ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys
13:58:16.0778 0x2078 ETDSMBus - ok
13:58:16.0818 0x2078 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
13:58:16.0838 0x2078 EventSystem - ok
13:58:16.0841 0x2078 exfat - ok
13:58:16.0866 0x2078 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
13:58:16.0879 0x2078 fastfat - ok
13:58:16.0902 0x2078 Fax - ok
13:58:16.0914 0x2078 fcvsc - ok
13:58:16.0916 0x2078 fdc - ok
13:58:16.0932 0x2078 fdPHost - ok
13:58:16.0935 0x2078 FDResPub - ok
13:58:16.0954 0x2078 fhsvc - ok
13:58:16.0970 0x2078 FileCrypt - ok
13:58:16.0979 0x2078 FileInfo - ok
13:58:16.0982 0x2078 Filetrace - ok
13:58:16.0992 0x2078 flpydisk - ok
13:58:16.0996 0x2078 FltMgr - ok
13:58:17.0042 0x2078 [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache C:\WINDOWS\system32\FntCache.dll
13:58:17.0094 0x2078 FontCache - ok
13:58:17.0164 0x2078 FontCache3.0.0.0 - ok
13:58:17.0178 0x2078 FsDepends - ok
13:58:17.0188 0x2078 Fs_Rec - ok
13:58:17.0190 0x2078 fvevol - ok
13:58:17.0200 0x2078 gagp30kx - ok
13:58:17.0238 0x2078 gencounter - ok
13:58:17.0268 0x2078 genericusbfn - ok
13:58:17.0281 0x2078 GPIOClx0101 - ok
13:58:17.0319 0x2078 [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc C:\WINDOWS\System32\gpsvc.dll
13:58:17.0360 0x2078 gpsvc - ok
13:58:17.0380 0x2078 GpuEnergyDrv - ok
13:58:17.0421 0x2078 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:17.0428 0x2078 gupdate - ok
13:58:17.0431 0x2078 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:17.0437 0x2078 gupdatem - ok
13:58:17.0447 0x2078 HdAudAddService - ok
13:58:17.0451 0x2078 HDAudBus - ok
13:58:17.0468 0x2078 HidBatt - ok
13:58:17.0484 0x2078 HidBth - ok
13:58:17.0493 0x2078 hidi2c - ok
13:58:17.0496 0x2078 hidinterrupt - ok
13:58:17.0501 0x2078 HidIr - ok
13:58:17.0529 0x2078 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
13:58:17.0541 0x2078 hidserv - ok
13:58:17.0555 0x2078 HidUsb - ok
13:58:17.0568 0x2078 HomeGroupListener - ok
13:58:17.0602 0x2078 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:58:17.0625 0x2078 HomeGroupProvider - ok
13:58:17.0635 0x2078 HpSAMD - ok
13:58:17.0670 0x2078 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
13:58:17.0697 0x2078 HTTP - ok
13:58:17.0759 0x2078 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
13:58:17.0764 0x2078 HWiNFO32 - ok
13:58:17.0788 0x2078 hwpolicy - ok
13:58:17.0798 0x2078 hyperkbd - ok
13:58:17.0811 0x2078 i8042prt - ok
13:58:17.0826 0x2078 iai2c - ok
13:58:17.0852 0x2078 iaLPSS2i_I2C - ok
13:58:17.0861 0x2078 iaLPSSi_GPIO - ok
13:58:17.0865 0x2078 iaLPSSi_I2C - ok
13:58:17.0908 0x2078 [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
13:58:17.0937 0x2078 iaStorA - ok
13:58:17.0952 0x2078 iaStorAV - ok
13:58:17.0960 0x2078 iaStorV - ok
13:58:17.0983 0x2078 ibbus - ok
13:58:18.0010 0x2078 icssvc - ok
13:58:18.0013 0x2078 IEEtwCollectorService - ok
13:58:18.0047 0x2078 [ 5E5BEC886CC2503C4F18AF2153B169AF, BCC241AEFFFEF0B56909F9141F7EA424D945532B8610E6A3BEF590FEB00FA26D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
13:58:18.0078 0x2078 IKEEXT - ok
13:58:18.0163 0x2078 [ 69976169745EDFB3225D9ABEB5E91155, D1AFF69AF178B46FD9F319AA9DF8738ACB03559DE24C1114EEF46A22D01F0982 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:58:18.0247 0x2078 IntcAzAudAddService - ok
13:58:18.0257 0x2078 intelide - ok
13:58:18.0277 0x2078 intelpep - ok
13:58:18.0282 0x2078 intelppm - ok
13:58:18.0288 0x2078 IoQos - ok
13:58:18.0301 0x2078 IpFilterDriver - ok
13:58:18.0334 0x2078 [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
13:58:18.0365 0x2078 iphlpsvc - ok
13:58:18.0377 0x2078 IPMIDRV - ok
13:58:18.0389 0x2078 IPNAT - ok
13:58:18.0438 0x2078 [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:58:18.0452 0x2078 iPod Service - ok
13:58:18.0456 0x2078 IRENUM - ok
13:58:18.0470 0x2078 isapnp - ok
13:58:18.0477 0x2078 iScsiPrt - ok
13:58:18.0488 0x2078 kbdclass - ok
13:58:18.0491 0x2078 kbdhid - ok
13:58:18.0493 0x2078 kdnic - ok
13:58:18.0514 0x2078 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
13:58:18.0524 0x2078 KeyIso - ok
13:58:18.0554 0x2078 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
13:58:18.0566 0x2078 kl1 - ok
13:58:18.0598 0x2078 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
13:58:18.0605 0x2078 klbackupdisk - ok
13:58:18.0611 0x2078 [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
13:58:18.0619 0x2078 klbackupflt - ok
13:58:18.0643 0x2078 [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
13:58:18.0649 0x2078 kldisk - ok
13:58:18.0658 0x2078 [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
13:58:18.0667 0x2078 klelam - ok
13:58:18.0676 0x2078 [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
13:58:18.0683 0x2078 klflt - ok
13:58:18.0734 0x2078 [ BE1DF4E950FF00A19BB72FA29CAEE32E, 24D8111B8782B4FB8612AB9DCE6A3A5EA63CE4B75DC717D0ECC5C6BCBCCF01AA ] klhk C:\WINDOWS\system32\DRIVERS\klhk.sys
13:58:18.0743 0x2078 klhk - ok
13:58:18.0766 0x2078 [ B72D1864B3EC6E429DB127A642CFB8BB, 43954F7E04158D79D44D0D6866838043A2B49B49EBF15A57DB120DB7AC3C19CE ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
13:58:18.0785 0x2078 KLIF - ok
13:58:18.0792 0x2078 [ 161573B8BE82D24ED8B5B8EBA01245EA, 3CC124C717C2484A4DE0D415A2564D62D1A4B6E9DED65136B094304FCDE74CE0 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
13:58:18.0797 0x2078 KLIM6 - ok
13:58:18.0804 0x2078 [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
13:58:18.0809 0x2078 klkbdflt - ok
13:58:18.0815 0x2078 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
13:58:18.0821 0x2078 klmouflt - ok
13:58:18.0832 0x2078 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
13:58:18.0838 0x2078 klpd - ok
13:58:18.0852 0x2078 [ 8334692AFEB3289984B40898B6B30C06, 6A337CC33B0EFC3B61BFCABFDFE305BE1D334620FB4D87DDEDBC8214966D6DDE ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
13:58:18.0858 0x2078 klwfp - ok
13:58:18.0877 0x2078 [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
13:58:18.0884 0x2078 Klwtp - ok
13:58:18.0898 0x2078 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
13:58:18.0906 0x2078 kneps - ok
13:58:18.0921 0x2078 KSecDD - ok
13:58:18.0928 0x2078 KSecPkg - ok
13:58:18.0929 0x2078 ksthunk - ok
13:58:18.0944 0x2078 KtmRm - ok
13:58:18.0982 0x2078 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
13:58:19.0000 0x2078 LanmanServer - ok
13:58:19.0029 0x2078 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:58:19.0049 0x2078 LanmanWorkstation - ok
13:58:19.0085 0x2078 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
13:58:19.0096 0x2078 lfsvc - ok
13:58:19.0103 0x2078 LicenseManager - ok
13:58:19.0126 0x2078 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
13:58:19.0137 0x2078 lltdio - ok
13:58:19.0139 0x2078 lltdsvc - ok
13:58:19.0154 0x2078 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
13:58:19.0166 0x2078 lmhosts - ok
13:58:19.0186 0x2078 LSI_SAS - ok
13:58:19.0210 0x2078 LSI_SAS2i - ok
13:58:19.0228 0x2078 LSI_SAS3i - ok
13:58:19.0237 0x2078 LSI_SSS - ok
13:58:19.0267 0x2078 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
13:58:19.0292 0x2078 LSM - ok
13:58:19.0301 0x2078 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
13:58:19.0315 0x2078 luafv - ok
13:58:19.0326 0x2078 MapsBroker - ok
13:58:19.0332 0x2078 megasas - ok
13:58:19.0357 0x2078 megasr - ok
13:58:19.0375 0x2078 [ 84178491109A97D0A0CFF0840A644CD9, B822A9F7C9623764430435DBCE1380386D0A0D9784779DDD3A7A2E59FC29AFF6 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
13:58:19.0388 0x2078 MEIx64 - ok
13:58:19.0400 0x2078 MessagingService - ok
13:58:19.0563 0x2078 [ 4CF921F589056941055B1AD7016B1C9B, 0B72EAB7E5581DAA2A7461EC4A3A5780795CEDC609DAADC399F430BA2DC8F4C4 ] MFE_RR C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys
13:58:19.0568 0x2078 MFE_RR - ok
13:58:19.0575 0x2078 mlx4_bus - ok
13:58:19.0584 0x2078 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
13:58:19.0593 0x2078 MMCSS - ok
13:58:19.0605 0x2078 Modem - ok
13:58:19.0620 0x2078 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
13:58:19.0630 0x2078 monitor - ok
13:58:19.0639 0x2078 mouclass - ok
13:58:19.0650 0x2078 mouhid - ok
13:58:19.0652 0x2078 mountmgr - ok
13:58:19.0666 0x2078 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
13:58:19.0676 0x2078 mpsdrv - ok
13:58:19.0711 0x2078 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
13:58:19.0741 0x2078 MpsSvc - ok
13:58:19.0771 0x2078 MRxDAV - ok
13:58:19.0810 0x2078 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:58:19.0824 0x2078 mrxsmb - ok
13:58:19.0856 0x2078 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:58:19.0874 0x2078 mrxsmb10 - ok
13:58:19.0894 0x2078 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:58:19.0904 0x2078 mrxsmb20 - ok
13:58:19.0907 0x2078 MsBridge - ok
13:58:19.0919 0x2078 MSDTC - ok
13:58:19.0924 0x2078 Msfs - ok
13:58:19.0955 0x2078 msgpiowin32 - ok
13:58:19.0968 0x2078 mshidkmdf - ok
13:58:19.0970 0x2078 mshidumdf - ok
13:58:19.0987 0x2078 msisadrv - ok
13:58:20.0005 0x2078 MSiSCSI - ok
13:58:20.0007 0x2078 msiserver - ok
13:58:20.0009 0x2078 MSKSSRV - ok
13:58:20.0025 0x2078 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
13:58:20.0036 0x2078 MsLldp - ok
13:58:20.0047 0x2078 MSPCLOCK - ok
13:58:20.0055 0x2078 MSPQM - ok
13:58:20.0063 0x2078 MsRPC - ok
13:58:20.0070 0x2078 mssmbios - ok
13:58:20.0072 0x2078 MSTEE - ok
13:58:20.0082 0x2078 MTConfig - ok
13:58:20.0088 0x2078 Mup - ok
13:58:20.0091 0x2078 mvumis - ok
13:58:20.0094 0x2078 NativeWifiP - ok
13:58:20.0102 0x2078 NcaSvc - ok
13:58:20.0138 0x2078 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
13:58:20.0156 0x2078 NcbService - ok
13:58:20.0160 0x2078 NcdAutoSetup - ok
13:58:20.0167 0x2078 ndfltr - ok
13:58:20.0169 0x2078 NDIS - ok
13:58:20.0176 0x2078 NdisCap - ok
13:58:20.0184 0x2078 NdisImPlatform - ok
13:58:20.0197 0x2078 NdisTapi - ok
13:58:20.0199 0x2078 Ndisuio - ok
13:58:20.0202 0x2078 NdisVirtualBus - ok
13:58:20.0204 0x2078 NdisWan - ok
13:58:20.0207 0x2078 ndiswanlegacy - ok
13:58:20.0213 0x2078 ndproxy - ok
13:58:20.0231 0x2078 [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
13:58:20.0242 0x2078 Ndu - ok
13:58:20.0255 0x2078 NetBIOS - ok
13:58:20.0265 0x2078 NetBT - ok
13:58:20.0273 0x2078 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:58:20.0282 0x2078 Netlogon - ok
13:58:20.0316 0x2078 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
13:58:20.0334 0x2078 Netman - ok
13:58:20.0354 0x2078 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
13:58:20.0380 0x2078 netprofm - ok
13:58:20.0398 0x2078 NetSetupSvc - ok
13:58:20.0451 0x2078 NetTcpPortSharing - ok
13:58:20.0482 0x2078 NgcCtnrSvc - ok
13:58:20.0493 0x2078 NgcSvc - ok
13:58:20.0508 0x2078 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
13:58:20.0530 0x2078 NlaSvc - ok
13:58:20.0537 0x2078 Npfs - ok
13:58:20.0563 0x2078 npsvctrig - ok
13:58:20.0576 0x2078 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
13:58:20.0588 0x2078 nsi - ok
13:58:20.0591 0x2078 nsiproxy - ok
13:58:20.0598 0x2078 NTFS - ok
13:58:20.0600 0x2078 Null - ok
13:58:20.0626 0x2078 [ 1F99AD85DC4F9E322CDE2363378CD374, 5E80D10FF0BC46ECF6F1F2294F35A0A7FD76E6F0B4534FD45C9AA8C57AE97F68 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
13:58:20.0634 0x2078 NVHDA - ok
13:58:20.0861 0x2078 [ 465FAB36A897C77E8E34767BFDC47B90, AE3AE9889C25BC92C4217A9A2E387BF8EC04CDECFA1FA5844F231B0489BD40B1 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:58:21.0115 0x2078 nvlddmkm - ok
13:58:21.0152 0x2078 nvraid - ok
13:58:21.0159 0x2078 nvstor - ok
13:58:21.0181 0x2078 [ 6DCBBEFD675E45DD18270937D34B61DA, 1910359C168FC043C72E605B3E7147BD16DD595EB546C24CF49DC1058A73862D ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
13:58:21.0192 0x2078 NvStUSB - ok
13:58:21.0232 0x2078 [ 254C8DFF98ECCEDD9EB273261807E843, A92F50E7928F46AC8B633D93718E03C2A03E5A099B8FEAD0CFF7CEC46EA3ACCA ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
13:58:21.0258 0x2078 nvsvc - ok
13:58:21.0262 0x2078 nv_agp - ok
13:58:21.0295 0x2078 [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
13:58:21.0321 0x2078 OneSyncSvc - ok
13:58:21.0392 0x2078 [ B8ACC8BA375013AA89DDE48A1307B81A, 2655AAF3FE702B735A8AB635272B20E44FBA44DB2254B71233AFCAFDD1D15ED9 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:58:21.0401 0x2078 ose64 - ok
13:58:21.0446 0x2078 [ 66A2C70DA35E8559982EE9D205329E1A, 0DE7971D0618ED1AD9EB42C13AA9348F5BA96EA6B3EF2BFF70D2522D748AD7E0 ] P17 C:\WINDOWS\system32\drivers\P17.sys
13:58:21.0497 0x2078 P17 - ok
13:58:21.0513 0x2078 p2pimsvc - ok
13:58:21.0529 0x2078 p2psvc - ok
13:58:21.0556 0x2078 Parport - ok
13:58:21.0567 0x2078 partmgr - ok
13:58:21.0585 0x2078 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
13:58:21.0604 0x2078 PcaSvc - ok
13:58:21.0610 0x2078 pci - ok
13:58:21.0628 0x2078 pciide - ok
13:58:21.0652 0x2078 pcmcia - ok
13:58:21.0654 0x2078 pcw - ok
13:58:21.0660 0x2078 pdc - ok
13:58:21.0690 0x2078 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
13:58:21.0717 0x2078 PEAUTH - ok
13:58:21.0728 0x2078 percsas2i - ok
13:58:21.0746 0x2078 percsas3i - ok
13:58:21.0789 0x2078 PerfHost - ok
13:58:21.0811 0x2078 PhoneSvc - ok
13:58:21.0875 0x2078 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:58:21.0893 0x2078 PimIndexMaintenanceSvc - ok
13:58:21.0913 0x2078 pla - ok
13:58:21.0993 0x2078 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
13:58:22.0010 0x2078 PlugPlay - ok
13:58:22.0190 0x2078 pmem - ok
13:58:22.0204 0x2078 PNRPAutoReg - ok
13:58:22.0207 0x2078 PNRPsvc - ok
13:58:22.0246 0x2078 [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
13:58:22.0264 0x2078 PolicyAgent - ok
13:58:22.0283 0x2078 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
13:58:22.0297 0x2078 Power - ok
13:58:22.0306 0x2078 PptpMiniport - ok
13:58:22.0395 0x2078 [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:58:22.0514 0x2078 PrintNotify - ok
13:58:22.0546 0x2078 Processor - ok
13:58:22.0566 0x2078 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
13:58:22.0586 0x2078 ProfSvc - ok
13:58:22.0606 0x2078 Psched - ok
13:58:22.0622 0x2078 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys
13:58:22.0627 0x2078 PSI - ok
13:58:22.0646 0x2078 QWAVE - ok
13:58:22.0652 0x2078 QWAVEdrv - ok
13:58:22.0662 0x2078 RasAcd - ok
13:58:22.0703 0x2078 RasAgileVpn - ok
13:58:22.0726 0x2078 RasAuto - ok
13:58:22.0744 0x2078 Rasl2tp - ok
13:58:22.0755 0x2078 RasMan - ok
13:58:22.0764 0x2078 RasPppoe - ok
13:58:22.0767 0x2078 RasSstp - ok
13:58:22.0773 0x2078 rdbss - ok
13:58:22.0777 0x2078 rdpbus - ok
13:58:22.0780 0x2078 RDPDR - ok
13:58:22.0802 0x2078 RdpVideoMiniport - ok
13:58:22.0803 0x2078 rdyboost - ok
13:58:22.0815 0x2078 ReFSv1 - ok
13:58:22.0877 0x2078 RemoteAccess - ok
13:58:22.0890 0x2078 RemoteRegistry - ok
13:58:22.0905 0x2078 RetailDemo - ok
13:58:22.0917 0x2078 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
13:58:22.0929 0x2078 RpcEptMapper - ok
13:58:22.0949 0x2078 RpcLocator - ok
13:58:22.0977 0x2078 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:58:23.0009 0x2078 RpcSs - ok
13:58:23.0028 0x2078 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
13:58:23.0040 0x2078 rspndr - ok
13:58:23.0069 0x2078 [ 3AEF4FB6BBA86C2CB751CF989B30EDB5, CB893D0F45041D68038490BDA99509BE8B836C32DF392B9409083B178A04B7B3 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
13:58:23.0092 0x2078 rt640x64 - ok
13:58:23.0113 0x2078 s3cap - ok
13:58:23.0132 0x2078 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
13:58:23.0141 0x2078 SamSs - ok
13:58:23.0170 0x2078 sbp2port - ok
13:58:23.0174 0x2078 SCardSvr - ok
13:58:23.0188 0x2078 ScDeviceEnum - ok
13:58:23.0203 0x2078 scfilter - ok
13:58:23.0237 0x2078 [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:58:23.0273 0x2078 Schedule - ok
13:58:23.0294 0x2078 SCPolicySvc - ok
13:58:23.0322 0x2078 sdbus - ok
13:58:23.0342 0x2078 SDRSVC - ok
13:58:23.0600 0x2078 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
13:58:23.0629 0x2078 SDScannerService - ok
13:58:23.0641 0x2078 sdstor - ok
13:58:23.0692 0x2078 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
13:58:23.0724 0x2078 SDUpdateService - ok
13:58:23.0765 0x2078 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
13:58:23.0770 0x2078 SDWSCService - ok
13:58:23.0787 0x2078 seclogon - ok
13:58:23.0832 0x2078 [ BE43B6172AC5961017762AB3C9B9B4C6, 209356410729F5DB8E9CB64B7F32638CE4C1559B5FA10B66C69C0650A0ADD36E ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
13:58:23.0857 0x2078 Secunia PSI Agent - ok
13:58:23.0900 0x2078 [ C85EE9529401BF0467DACEB3D4BD1EAF, 4CB441A39C4FF3417B9046BEB237B3043A105A0112F5A04444F431C7F77C3D4B ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
13:58:23.0918 0x2078 Secunia Update Agent - ok
13:58:23.0942 0x2078 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
13:58:23.0958 0x2078 SENS - ok
13:58:23.0973 0x2078 SensorDataService - ok
13:58:23.0993 0x2078 SensorService - ok
13:58:23.0996 0x2078 SensrSvc - ok
13:58:24.0011 0x2078 SerCx - ok
13:58:24.0014 0x2078 SerCx2 - ok
13:58:24.0031 0x2078 Serenum - ok
13:58:24.0059 0x2078 Serial - ok
13:58:24.0079 0x2078 sermouse - ok
13:58:24.0084 0x2078 SessionEnv - ok
13:58:24.0093 0x2078 sfloppy - ok
13:58:24.0139 0x2078 SharedAccess - ok
13:58:24.0229 0x2078 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:58:24.0325 0x2078 ShellHWDetection - ok
13:58:24.0338 0x2078 SiSRaid2 - ok
13:58:24.0340 0x2078 SiSRaid4 - ok
13:58:24.0356 0x2078 smphost - ok
13:58:24.0376 0x2078 SmsRouter - ok
13:58:24.0380 0x2078 SNMPTRAP - ok
13:58:24.0412 0x2078 spaceport - ok
13:58:24.0419 0x2078 SpbCx - ok
13:58:24.0460 0x2078 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
13:58:24.0490 0x2078 Spooler - ok
13:58:24.0502 0x2078 sppsvc - ok
13:58:24.0520 0x2078 [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:58:24.0537 0x2078 srv - ok
13:58:24.0556 0x2078 [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
13:58:24.0581 0x2078 srv2 - ok
13:58:24.0603 0x2078 [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:58:24.0615 0x2078 srvnet - ok
13:58:24.0662 0x2078 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:58:24.0680 0x2078 SSDPSRV - ok
13:58:24.0697 0x2078 SstpSvc - ok
13:58:24.0763 0x2078 [ 17139E61D556444B6FCE67920E71D369, 1A50102B1DC9B63BB50EDB1F7B2CB25F8BB4CD9BF95B3630A99ECC4981B573BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:58:24.0849 0x2078 StateRepository - ok
13:58:25.0001 0x2078 [ 345C39599C3D4940D12F5F9F42A79229, B5D6C716D374E453940C2A23772B9E063CBCB06DA74574F0F19F813AE65F4A78 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:58:25.0025 0x2078 Steam Client Service - ok
13:58:25.0046 0x2078 stexstor - ok
13:58:25.0056 0x2078 stisvc - ok
13:58:25.0071 0x2078 storahci - ok
13:58:25.0088 0x2078 storflt - ok
13:58:25.0091 0x2078 stornvme - ok
13:58:25.0115 0x2078 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
13:58:25.0125 0x2078 storqosflt - ok
13:58:25.0139 0x2078 StorSvc - ok
13:58:25.0152 0x2078 storufs - ok
13:58:25.0156 0x2078 storvsc - ok
13:58:25.0174 0x2078 svsvc - ok
13:58:25.0183 0x2078 swenum - ok
13:58:25.0186 0x2078 swprv - ok
13:58:25.0214 0x2078 Synth3dVsc - ok
13:58:25.0252 0x2078 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
13:58:25.0293 0x2078 SysMain - ok
13:58:25.0318 0x2078 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:58:25.0340 0x2078 SystemEventsBroker - ok
13:58:25.0352 0x2078 TabletInputService - ok
13:58:25.0355 0x2078 TapiSrv - ok
13:58:25.0378 0x2078 Tcpip - ok
13:58:25.0380 0x2078 Tcpip6 - ok
13:58:25.0394 0x2078 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
13:58:25.0406 0x2078 tcpipreg - ok
13:58:25.0420 0x2078 tdx - ok
13:58:25.0432 0x2078 terminpt - ok
13:58:25.0436 0x2078 TermService - ok
13:58:25.0454 0x2078 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
13:58:25.0473 0x2078 Themes - ok
13:58:25.0481 0x2078 TieringEngineService - ok
13:58:25.0511 0x2078 [ 7ECACE6D0B4C2D323408EB00FD93C682, EE7F5E5185EA8C8098046FA573659443014ED7C9DA9E710D9EF3FCACBBFFA100 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:58:25.0534 0x2078 tiledatamodelsvc - ok
13:58:25.0572 0x2078 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
13:58:25.0586 0x2078 TimeBroker - ok
13:58:25.0598 0x2078 TPM - ok
13:58:25.0618 0x2078 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
13:58:25.0635 0x2078 TrkWks - ok
13:58:25.0685 0x2078 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:58:25.0695 0x2078 TrustedInstaller - ok
13:58:25.0703 0x2078 TsUsbFlt - ok
13:58:25.0730 0x2078 TsUsbGD - ok
13:58:25.0742 0x2078 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
13:58:25.0755 0x2078 tunnel - ok
13:58:25.0785 0x2078 tzautoupdate - ok
13:58:25.0810 0x2078 uagp35 - ok
13:58:25.0813 0x2078 UASPStor - ok
13:58:25.0819 0x2078 UcmCx0101 - ok
13:58:25.0822 0x2078 UcmUcsi - ok
13:58:25.0825 0x2078 Ucx01000 - ok
13:58:25.0827 0x2078 UdeCx - ok
13:58:25.0832 0x2078 udfs - ok
13:58:25.0843 0x2078 UEFI - ok
13:58:25.0851 0x2078 Ufx01000 - ok
13:58:25.0862 0x2078 UfxChipidea - ok
13:58:25.0871 0x2078 ufxsynopsys - ok
13:58:25.0895 0x2078 UI0Detect - ok
13:58:25.0913 0x2078 uliagpkx - ok
13:58:25.0918 0x2078 umbus - ok
13:58:25.0926 0x2078 UmPass - ok
13:58:25.0953 0x2078 UmRdpService - ok
13:58:25.0998 0x2078 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
13:58:26.0040 0x2078 UnistoreSvc - ok
13:58:26.0049 0x2078 upnphost - ok
13:58:26.0081 0x2078 UrsChipidea - ok
13:58:26.0089 0x2078 UrsCx01000 - ok
13:58:26.0096 0x2078 UrsSynopsys - ok
13:58:26.0107 0x2078 usbccgp - ok
13:58:26.0110 0x2078 usbcir - ok
13:58:26.0115 0x2078 usbehci - ok
13:58:26.0128 0x2078 usbhub - ok
13:58:26.0148 0x2078 USBHUB3 - ok
13:58:26.0160 0x2078 usbohci - ok
13:58:26.0166 0x2078 usbprint - ok
13:58:26.0169 0x2078 usbscan - ok
13:58:26.0181 0x2078 usbser - ok
13:58:26.0184 0x2078 USBSTOR - ok
13:58:26.0187 0x2078 usbuhci - ok
13:58:26.0215 0x2078 USBXHCI - ok
13:58:26.0292 0x2078 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
13:58:26.0342 0x2078 UserDataSvc - ok
13:58:26.0391 0x2078 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
13:58:26.0423 0x2078 UserManager - ok
13:58:26.0447 0x2078 UsoSvc - ok
13:58:26.0466 0x2078 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
13:58:26.0485 0x2078 VaultSvc - ok
13:58:26.0517 0x2078 vdrvroot - ok
13:58:26.0527 0x2078 vds - ok
13:58:26.0561 0x2078 VerifierExt - ok
13:58:26.0584 0x2078 vhdmp - ok
13:58:26.0588 0x2078 vhf - ok
13:58:26.0605 0x2078 vmbus - ok
13:58:26.0618 0x2078 VMBusHID - ok
13:58:26.0638 0x2078 vmicguestinterface - ok
13:58:26.0640 0x2078 vmicheartbeat - ok
13:58:26.0643 0x2078 vmickvpexchange - ok
13:58:26.0645 0x2078 vmicrdv - ok
13:58:26.0647 0x2078 vmicshutdown - ok
13:58:26.0649 0x2078 vmictimesync - ok
13:58:26.0652 0x2078 vmicvmsession - ok
13:58:26.0654 0x2078 vmicvss - ok
13:58:26.0665 0x2078 volmgr - ok
13:58:26.0673 0x2078 volmgrx - ok
13:58:26.0683 0x2078 volsnap - ok
13:58:26.0723 0x2078 vpci - ok
13:58:26.0732 0x2078 vsmraid - ok
13:58:26.0747 0x2078 VSS - ok
13:58:26.0819 0x2078 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
13:58:26.0826 0x2078 vssbrigde64 - ok
13:58:26.0838 0x2078 VSTXRAID - ok
13:58:26.0845 0x2078 vwifibus - ok
13:58:26.0848 0x2078 vwififlt - ok
13:58:26.0858 0x2078 W32Time - ok
13:58:26.0869 0x2078 WacomPen - ok
13:58:26.0883 0x2078 WalletService - ok
13:58:26.0890 0x2078 wanarp - ok
13:58:26.0892 0x2078 wanarpv6 - ok
13:58:26.0895 0x2078 wbengine - ok
13:58:26.0907 0x2078 WbioSrvc - ok
13:58:26.0966 0x2078 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
13:58:27.0008 0x2078 Wcmsvc - ok
13:58:27.0012 0x2078 wcncsvc - ok
13:58:27.0023 0x2078 WcsPlugInService - ok
13:58:27.0032 0x2078 WdBoot - ok
13:58:27.0049 0x2078 Wdf01000 - ok
13:58:27.0053 0x2078 WdFilter - ok
13:58:27.0066 0x2078 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
13:58:27.0086 0x2078 WdiServiceHost - ok
13:58:27.0089 0x2078 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
13:58:27.0107 0x2078 WdiSystemHost - ok
13:58:27.0115 0x2078 wdiwifi - ok
13:58:27.0131 0x2078 WdNisDrv - ok
13:58:27.0148 0x2078 WdNisSvc - ok
13:58:27.0156 0x2078 WebClient - ok
13:58:27.0168 0x2078 Wecsvc - ok
13:58:27.0172 0x2078 WEPHOSTSVC - ok
13:58:27.0191 0x2078 wercplsupport - ok
13:58:27.0203 0x2078 WerSvc - ok
13:58:27.0251 0x2078 WFPLWFS - ok
13:58:27.0296 0x2078 WiaRpc - ok
13:58:27.0316 0x2078 WIMMount - ok
13:58:27.0319 0x2078 WinDefend - ok
13:58:27.0371 0x2078 WindowsTrustedRT - ok
13:58:27.0398 0x2078 WindowsTrustedRTProxy - ok
13:58:27.0470 0x2078 [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:58:27.0505 0x2078 WinHttpAutoProxySvc - ok
13:58:27.0520 0x2078 WinMad - ok
13:58:27.0598 0x2078 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:58:27.0640 0x2078 Winmgmt - ok
13:58:27.0660 0x2078 WinRM - ok
13:58:27.0720 0x2078 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
13:58:27.0732 0x2078 WINUSB - ok
13:58:27.0736 0x2078 WinVerbs - ok
13:58:27.0765 0x2078 WlanSvc - ok
13:58:27.0802 0x2078 wlidsvc - ok
13:58:27.0817 0x2078 WmiAcpi - ok
13:58:27.0837 0x2078 wmiApSrv - ok
13:58:27.0877 0x2078 WMPNetworkSvc - ok
13:58:27.0897 0x2078 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
13:58:27.0909 0x2078 Wof - ok
13:58:27.0956 0x2078 workfolderssvc - ok
13:58:27.0971 0x2078 wpcfltr - ok
13:58:27.0991 0x2078 WPDBusEnum - ok
13:58:28.0000 0x2078 WpdUpFltr - ok
13:58:28.0023 0x2078 WpnService - ok
13:58:28.0032 0x2078 ws2ifsl - ok
13:58:28.0045 0x2078 [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc C:\WINDOWS\System32\wscsvc.dll
13:58:28.0086 0x2078 wscsvc - ok
13:58:28.0088 0x2078 WSearch - ok
13:58:28.0106 0x2078 WSService - ok
13:58:28.0109 0x2078 wuauserv - ok
13:58:28.0120 0x2078 WudfPf - ok
13:58:28.0149 0x2078 WUDFRd - ok
13:58:28.0160 0x2078 wudfsvc - ok
13:58:28.0164 0x2078 WUDFWpdFs - ok
13:58:28.0175 0x2078 WwanSvc - ok
13:58:28.0197 0x2078 XblAuthManager - ok
13:58:28.0226 0x2078 XblGameSave - ok
13:58:28.0257 0x2078 xboxgip - ok
13:58:28.0290 0x2078 XboxNetApiSvc - ok
13:58:28.0306 0x2078 xinputhid - ok
13:58:28.0309 0x2078 ================ Scan global ===============================
13:58:28.0340 0x2078 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
13:58:28.0364 0x2078 [ 6C647A171ACA3838441206BBE715B0D7, 30ACA236E3D4A73F546AAA71D0FE80B1D66036AB7934B56CBF260F7E3A8C410F ] C:\WINDOWS\system32\winsrv.dll
13:58:28.0400 0x2078 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
13:58:28.0449 0x2078 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
13:58:28.0458 0x2078 [ Global ] - ok
13:58:28.0458 0x2078 ================ Scan MBR ==================================
13:58:28.0463 0x2078 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:58:28.0562 0x2078 \Device\Harddisk0\DR0 - ok
13:58:28.0562 0x2078 ================ Scan VBR ==================================
13:58:28.0592 0x2078 [ 980054069FCE2849626F09D5762FD9E3 ] \Device\Harddisk0\DR0\Partition1
13:58:28.0636 0x2078 \Device\Harddisk0\DR0\Partition1 - ok
13:58:28.0638 0x2078 [ 12095FD27140926273B709176FD15B9E ] \Device\Harddisk0\DR0\Partition2
13:58:28.0639 0x2078 \Device\Harddisk0\DR0\Partition2 - ok
13:58:28.0641 0x2078 [ 81B1C8BBD6151D572AFBD930E3E4027A ] \Device\Harddisk0\DR0\Partition3
13:58:28.0717 0x2078 \Device\Harddisk0\DR0\Partition3 - ok
13:58:28.0719 0x2078 [ DB8E70F7DED41A8174401A030CF041B3 ] \Device\Harddisk0\DR0\Partition4
13:58:28.0733 0x2078 \Device\Harddisk0\DR0\Partition4 - ok
13:58:28.0735 0x2078 [ F93560564B554AFD2D3BCA7CD5F2B1CC ] \Device\Harddisk0\DR0\Partition5
13:58:28.0740 0x2078 \Device\Harddisk0\DR0\Partition5 - ok
13:58:28.0742 0x2078 [ 429F23DFDB177CC8A0939CE2228B9B23 ] \Device\Harddisk0\DR0\Partition6
13:58:28.0750 0x2078 \Device\Harddisk0\DR0\Partition6 - ok
13:58:28.0750 0x2078 ================ Scan generic autorun ======================
13:58:29.0088 0x2078 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:58:29.0348 0x2078 RTHDVCPL - ok
13:58:29.0415 0x2078 [ 747CEF68DA0B3BABD64B74C0E06C050E, C640AF94F66025E8B9937A37A361547580DB3F0B5F62F21E8B30A087BE018015 ] D:\Program Files\iTunes\iTunesHelper.exe
13:58:29.0422 0x2078 iTunesHelper - ok
13:58:29.0424 0x2078 P17RunE - ok
13:58:29.0521 0x2078 [ B023DE11916C2B9048FC01B0AFE0EF66, A6E929CF62D9CE3A7E1909B64829A678C60BC94FAD4FDAA0178D28FC932F722B ] D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
13:58:29.0583 0x2078 KeePass 2 PreLoad - ok
13:58:29.0618 0x2078 [ 812EC7C5892262386C2B47E1083D456A, 06FC1D6D0F1D8C3C6E09E50C02FF75A50443F429BE3339909E416B29A255E8CC ] D:\Program Files (x86)\PDF24\pdf24.exe
13:58:29.0626 0x2078 PDFPrint - ok
13:58:29.0782 0x2078 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
13:58:29.0889 0x2078 SDTray - ok
13:58:30.0009 0x2078 Dropbox - ok
13:58:30.0040 0x2078 OneDriveSetup - ok
13:58:30.0041 0x2078 OneDriveSetup - ok
13:58:30.0125 0x2078 [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:58:30.0137 0x2078 OneDrive - ok
13:58:30.0157 0x2078 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
13:58:30.0195 0x2078 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
13:58:30.0294 0x2078 Detect skipped due to KSN trusted
13:58:30.0294 0x2078 SpybotPostWindows10UpgradeReInstall - ok
13:58:30.0372 0x2078 [ FC7E2535A6F2DA0988F91A6232139661, E6FA0AD4435B226778AF36DF0ABC235BECC8228542D9F8D5F43D961BCB767CEE ] D:\Program Files (x86)\Steam\steam.exe
13:58:30.0459 0x2078 Steam - ok
13:58:30.0462 0x2078 OneDriveSetup - ok
13:58:30.0466 0x2078 Waiting for KSN requests completion. In queue: 112
13:58:31.0523 0x2078 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
13:58:31.0572 0x2078 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
13:58:31.0573 0x2078 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
13:58:31.0708 0x2078 ============================================================
13:58:31.0708 0x2078 Scan finished
13:58:31.0708 0x2078 ============================================================
13:58:31.0715 0x1fbc Detected object count: 0
13:58:31.0715 0x1fbc Actual detected object count: 0
13:58:54.0093 0x2160 ============================================================
13:58:54.0093 0x2160 Scan started
13:58:54.0093 0x2160 Mode: Manual; SigCheck; TDLFS;
13:58:54.0093 0x2160 ============================================================
13:58:54.0093 0x2160 KSN ping started
13:58:54.0180 0x2160 KSN ping finished: true
13:58:54.0446 0x2160 ================ Scan system memory ========================
13:58:54.0446 0x2160 System memory - ok
13:58:54.0447 0x2160 ================ Scan services =============================
13:58:54.0489 0x2160 1394ohci - ok
13:58:54.0492 0x2160 3ware - ok
13:58:54.0494 0x2160 ACPI - ok
13:58:54.0497 0x2160 acpiex - ok
13:58:54.0499 0x2160 acpipagr - ok
13:58:54.0504 0x2160 AcpiPmi - ok
13:58:54.0507 0x2160 acpitime - ok
13:58:54.0511 0x2160 ADP80XX - ok
13:58:54.0515 0x2160 AFD - ok
13:58:54.0518 0x2160 agp440 - ok
13:58:54.0520 0x2160 ahcache - ok
13:58:54.0523 0x2160 AJRouter - ok
13:58:54.0525 0x2160 ALG - ok
13:58:54.0528 0x2160 AmdK8 - ok
13:58:54.0530 0x2160 AmdPPM - ok
13:58:54.0533 0x2160 amdsata - ok
13:58:54.0537 0x2160 amdsbs - ok
13:58:54.0539 0x2160 amdxata - ok
13:58:54.0542 0x2160 AppID - ok
13:58:54.0544 0x2160 AppIDSvc - ok
13:58:54.0548 0x2160 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
13:58:54.0562 0x2160 Appinfo - ok
13:58:54.0571 0x2160 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:58:54.0576 0x2160 Apple Mobile Device Service - ok
13:58:54.0580 0x2160 AppReadiness - ok
13:58:54.0583 0x2160 AppXSvc - ok
13:58:54.0586 0x2160 arcsas - ok
13:58:54.0588 0x2160 AsyncMac - ok
13:58:54.0591 0x2160 atapi - ok
13:58:54.0600 0x2160 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:58:54.0614 0x2160 AudioEndpointBuilder - ok
13:58:54.0636 0x2160 [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
13:58:54.0666 0x2160 Audiosrv - ok
13:58:54.0678 0x2160 [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
13:58:54.0685 0x2160 AVP16.0.0 - ok
13:58:54.0688 0x2160 AxInstSV - ok
13:58:54.0692 0x2160 b06bdrv - ok
13:58:54.0695 0x2160 BasicDisplay - ok
13:58:54.0698 0x2160 BasicRender - ok
13:58:54.0702 0x2160 bcmfn - ok
13:58:54.0704 0x2160 bcmfn2 - ok
13:58:54.0707 0x2160 BDESVC - ok
13:58:54.0709 0x2160 Beep - ok
13:58:54.0727 0x2160 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
13:58:54.0750 0x2160 BFE - ok
13:58:54.0775 0x2160 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
13:58:54.0811 0x2160 BITS - ok
13:58:54.0824 0x2160 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:58:54.0834 0x2160 Bonjour Service - ok
13:58:54.0839 0x2160 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
13:58:54.0848 0x2160 bowser - ok
13:58:54.0864 0x2160 [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:58:54.0884 0x2160 BrokerInfrastructure - ok
13:58:54.0887 0x2160 Browser - ok
13:58:54.0890 0x2160 BthAvrcpTg - ok
13:58:54.0893 0x2160 BthHFEnum - ok
13:58:54.0896 0x2160 bthhfhid - ok
13:58:54.0899 0x2160 BthHFSrv - ok
13:58:54.0902 0x2160 BTHMODEM - ok
13:58:54.0906 0x2160 bthserv - ok
13:58:54.0909 0x2160 buttonconverter - ok
13:58:54.0912 0x2160 CapImg - ok
13:58:54.0915 0x2160 cdfs - ok
13:58:54.0918 0x2160 CDPSvc - ok
13:58:54.0920 0x2160 cdrom - ok
13:58:54.0923 0x2160 CertPropSvc - ok
13:58:54.0925 0x2160 circlass - ok
13:58:54.0928 0x2160 CLFS - ok
13:58:54.0982 0x2160 [ 323DE48A358D07B81A8DB72057238359, 71854D2C40664493E05C0A7E4F0C7CC74ADA1A63EEC1D4FE32350F6AF8728243 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
13:58:55.0026 0x2160 ClickToRunSvc - ok
13:58:55.0032 0x2160 ClipSVC - ok
13:58:55.0039 0x2160 CmBatt - ok
13:58:55.0048 0x2160 [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\WINDOWS\system32\drivers\cm_km.sys
13:58:55.0058 0x2160 cm_km - ok
13:58:55.0061 0x2160 CNG - ok
13:58:55.0064 0x2160 cnghwassist - ok
13:58:55.0077 0x2160 CompositeBus - ok
13:58:55.0080 0x2160 COMSysApp - ok
13:58:55.0084 0x2160 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
13:58:55.0091 0x2160 condrv - ok
13:58:55.0108 0x2160 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:58:55.0128 0x2160 CoreMessagingRegistrar - ok
13:58:55.0135 0x2160 [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
13:58:55.0144 0x2160 CryptSvc - ok
13:58:55.0148 0x2160 dam - ok
13:58:55.0156 0x2160 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
13:58:55.0162 0x2160 dbupdate - ok
13:58:55.0166 0x2160 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
13:58:55.0172 0x2160 dbupdatem - ok
13:58:55.0192 0x2160 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:58:55.0224 0x2160 DcomLaunch - ok
13:58:55.0228 0x2160 DcpSvc - ok
13:58:55.0231 0x2160 defragsvc - ok
13:58:55.0234 0x2160 DeviceAssociationService - ok
13:58:55.0239 0x2160 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
13:58:55.0256 0x2160 DeviceInstall - ok
13:58:55.0259 0x2160 DevQueryBroker - ok
13:58:55.0262 0x2160 Dfsc - ok
13:58:55.0271 0x2160 [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
13:58:55.0299 0x2160 Dhcp - ok
13:58:55.0305 0x2160 diagnosticshub.standardcollector.service - ok
13:58:55.0336 0x2160 [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
13:58:55.0373 0x2160 DiagTrack - ok
13:58:55.0379 0x2160 disk - ok
13:58:55.0382 0x2160 DmEnrollmentSvc - ok
13:58:55.0386 0x2160 dmvsc - ok
13:58:55.0388 0x2160 dmwappushservice - ok
13:58:55.0396 0x2160 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:58:55.0412 0x2160 Dnscache - ok
13:58:55.0417 0x2160 dot3svc - ok
13:58:55.0423 0x2160 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
13:58:55.0438 0x2160 DPS - ok
13:58:55.0442 0x2160 drmkaud - ok
13:58:55.0445 0x2160 DsmSvc - ok
13:58:55.0448 0x2160 DsSvc - ok
13:58:55.0451 0x2160 DXGKrnl - ok
13:58:55.0454 0x2160 Eaphost - ok
13:58:55.0458 0x2160 ebdrv - ok
13:58:55.0461 0x2160 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
13:58:55.0472 0x2160 EFS - ok
13:58:55.0475 0x2160 EhStorClass - ok
13:58:55.0478 0x2160 EhStorTcgDrv - ok
13:58:55.0480 0x2160 embeddedmode - ok
13:58:55.0485 0x2160 EntAppSvc - ok
13:58:55.0487 0x2160 ErrDev - ok
13:58:55.0492 0x2160 [ B5BB7C38E9EEC3FB462861E8E9ED1912, 0EC736EF2CE9D34581FB7BDE6C185EC03B763F5088142E458D07CC602ED9CB2B ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys
13:58:55.0496 0x2160 ETDSMBus - ok
13:58:55.0508 0x2160 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
13:58:55.0527 0x2160 EventSystem - ok
13:58:55.0531 0x2160 exfat - ok
13:58:55.0540 0x2160 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
13:58:55.0553 0x2160 fastfat - ok
13:58:55.0557 0x2160 Fax - ok
13:58:55.0560 0x2160 fcvsc - ok
13:58:55.0562 0x2160 fdc - ok
13:58:55.0564 0x2160 fdPHost - ok
13:58:55.0567 0x2160 FDResPub - ok
13:58:55.0570 0x2160 fhsvc - ok
13:58:55.0574 0x2160 FileCrypt - ok
13:58:55.0577 0x2160 FileInfo - ok
13:58:55.0579 0x2160 Filetrace - ok
13:58:55.0581 0x2160 flpydisk - ok
13:58:55.0584 0x2160 FltMgr - ok
13:58:55.0616 0x2160 [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache C:\WINDOWS\system32\FntCache.dll
13:58:55.0668 0x2160 FontCache - ok
13:58:55.0674 0x2160 FontCache3.0.0.0 - ok
13:58:55.0676 0x2160 FsDepends - ok
13:58:55.0679 0x2160 Fs_Rec - ok
13:58:55.0682 0x2160 fvevol - ok
13:58:55.0687 0x2160 gagp30kx - ok
13:58:55.0690 0x2160 gencounter - ok
13:58:55.0693 0x2160 genericusbfn - ok
13:58:55.0696 0x2160 GPIOClx0101 - ok
13:58:55.0722 0x2160 [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc C:\WINDOWS\System32\gpsvc.dll
13:58:55.0763 0x2160 gpsvc - ok
13:58:55.0767 0x2160 GpuEnergyDrv - ok
13:58:55.0775 0x2160 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:55.0781 0x2160 gupdate - ok
13:58:55.0786 0x2160 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:55.0791 0x2160 gupdatem - ok
13:58:55.0794 0x2160 HdAudAddService - ok
13:58:55.0797 0x2160 HDAudBus - ok
13:58:55.0800 0x2160 HidBatt - ok
13:58:55.0803 0x2160 HidBth - ok
13:58:55.0806 0x2160 hidi2c - ok
13:58:55.0809 0x2160 hidinterrupt - ok
13:58:55.0812 0x2160 HidIr - ok
13:58:55.0815 0x2160 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
13:58:55.0826 0x2160 hidserv - ok
13:58:55.0830 0x2160 HidUsb - ok
13:58:55.0833 0x2160 HomeGroupListener - ok
13:58:55.0845 0x2160 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:58:55.0870 0x2160 HomeGroupProvider - ok
13:58:55.0875 0x2160 HpSAMD - ok
13:58:55.0897 0x2160 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
13:58:55.0923 0x2160 HTTP - ok
13:58:55.0946 0x2160 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
13:58:55.0950 0x2160 HWiNFO32 - ok
13:58:55.0954 0x2160 hwpolicy - ok
13:58:55.0957 0x2160 hyperkbd - ok
13:58:55.0960 0x2160 i8042prt - ok
13:58:55.0963 0x2160 iai2c - ok
13:58:55.0967 0x2160 iaLPSS2i_I2C - ok
13:58:55.0970 0x2160 iaLPSSi_GPIO - ok
13:58:55.0973 0x2160 iaLPSSi_I2C - ok
13:58:56.0002 0x2160 [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
13:58:56.0028 0x2160 iaStorA - ok
13:58:56.0033 0x2160 iaStorAV - ok
13:58:56.0038 0x2160 iaStorV - ok
13:58:56.0041 0x2160 ibbus - ok
13:58:56.0044 0x2160 icssvc - ok
13:58:56.0046 0x2160 IEEtwCollectorService - ok
13:58:56.0065 0x2160 [ 5E5BEC886CC2503C4F18AF2153B169AF, BCC241AEFFFEF0B56909F9141F7EA424D945532B8610E6A3BEF590FEB00FA26D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
13:58:56.0101 0x2160 IKEEXT - ok
13:58:56.0171 0x2160 [ 69976169745EDFB3225D9ABEB5E91155, D1AFF69AF178B46FD9F319AA9DF8738ACB03559DE24C1114EEF46A22D01F0982 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:58:56.0252 0x2160 IntcAzAudAddService - ok
13:58:56.0258 0x2160 intelide - ok
13:58:56.0260 0x2160 intelpep - ok
13:58:56.0263 0x2160 intelppm - ok
13:58:56.0266 0x2160 IoQos - ok
13:58:56.0269 0x2160 IpFilterDriver - ok
13:58:56.0288 0x2160 [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
13:58:56.0324 0x2160 iphlpsvc - ok
13:58:56.0328 0x2160 IPMIDRV - ok
13:58:56.0331 0x2160 IPNAT - ok
13:58:56.0345 0x2160 [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:58:56.0358 0x2160 iPod Service - ok
13:58:56.0362 0x2160 IRENUM - ok
13:58:56.0365 0x2160 isapnp - ok
13:58:56.0369 0x2160 iScsiPrt - ok
13:58:56.0372 0x2160 kbdclass - ok
13:58:56.0376 0x2160 kbdhid - ok
13:58:56.0379 0x2160 kdnic - ok
13:58:56.0383 0x2160 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
13:58:56.0392 0x2160 KeyIso - ok
13:58:56.0403 0x2160 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
13:58:56.0415 0x2160 kl1 - ok
13:58:56.0419 0x2160 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
13:58:56.0424 0x2160 klbackupdisk - ok
13:58:56.0427 0x2160 [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
13:58:56.0433 0x2160 klbackupflt - ok
13:58:56.0438 0x2160 [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
13:58:56.0443 0x2160 kldisk - ok
13:58:56.0453 0x2160 [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
13:58:56.0462 0x2160 klelam - ok
13:58:56.0468 0x2160 [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
13:58:56.0475 0x2160 klflt - ok
13:58:56.0483 0x2160 [ BE1DF4E950FF00A19BB72FA29CAEE32E, 24D8111B8782B4FB8612AB9DCE6A3A5EA63CE4B75DC717D0ECC5C6BCBCCF01AA ] klhk C:\WINDOWS\system32\DRIVERS\klhk.sys
13:58:56.0491 0x2160 klhk - ok
13:58:56.0511 0x2160 [ B72D1864B3EC6E429DB127A642CFB8BB, 43954F7E04158D79D44D0D6866838043A2B49B49EBF15A57DB120DB7AC3C19CE ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
13:58:56.0528 0x2160 KLIF - ok
13:58:56.0532 0x2160 [ 161573B8BE82D24ED8B5B8EBA01245EA, 3CC124C717C2484A4DE0D415A2564D62D1A4B6E9DED65136B094304FCDE74CE0 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
13:58:56.0539 0x2160 KLIM6 - ok
13:58:56.0542 0x2160 [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
13:58:56.0547 0x2160 klkbdflt - ok
13:58:56.0550 0x2160 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
13:58:56.0555 0x2160 klmouflt - ok
13:58:56.0558 0x2160 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
13:58:56.0564 0x2160 klpd - ok
13:58:56.0569 0x2160 [ 8334692AFEB3289984B40898B6B30C06, 6A337CC33B0EFC3B61BFCABFDFE305BE1D334620FB4D87DDEDBC8214966D6DDE ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
13:58:56.0575 0x2160 klwfp - ok
13:58:56.0580 0x2160 [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
13:58:56.0586 0x2160 Klwtp - ok
13:58:56.0592 0x2160 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
13:58:56.0599 0x2160 kneps - ok
13:58:56.0603 0x2160 KSecDD - ok
13:58:56.0605 0x2160 KSecPkg - ok
13:58:56.0607 0x2160 ksthunk - ok
13:58:56.0610 0x2160 KtmRm - ok
13:58:56.0618 0x2160 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
13:58:56.0637 0x2160 LanmanServer - ok
13:58:56.0644 0x2160 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:58:56.0665 0x2160 LanmanWorkstation - ok
13:58:56.0669 0x2160 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
13:58:56.0690 0x2160 lfsvc - ok
13:58:56.0693 0x2160 LicenseManager - ok
13:58:56.0697 0x2160 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
13:58:56.0707 0x2160 lltdio - ok
13:58:56.0710 0x2160 lltdsvc - ok
13:58:56.0713 0x2160 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
13:58:56.0728 0x2160 lmhosts - ok
13:58:56.0733 0x2160 LSI_SAS - ok
13:58:56.0736 0x2160 LSI_SAS2i - ok
13:58:56.0738 0x2160 LSI_SAS3i - ok
13:58:56.0741 0x2160 LSI_SSS - ok
13:58:56.0757 0x2160 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
13:58:56.0785 0x2160 LSM - ok
13:58:56.0790 0x2160 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
13:58:56.0803 0x2160 luafv - ok
13:58:56.0806 0x2160 MapsBroker - ok
13:58:56.0809 0x2160 megasas - ok
13:58:56.0811 0x2160 megasr - ok
13:58:56.0817 0x2160 [ 84178491109A97D0A0CFF0840A644CD9, B822A9F7C9623764430435DBCE1380386D0A0D9784779DDD3A7A2E59FC29AFF6 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
13:58:56.0827 0x2160 MEIx64 - ok
13:58:56.0831 0x2160 MessagingService - ok
13:58:56.0843 0x2160 [ 4CF921F589056941055B1AD7016B1C9B, 0B72EAB7E5581DAA2A7461EC4A3A5780795CEDC609DAADC399F430BA2DC8F4C4 ] MFE_RR C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys
13:58:56.0847 0x2160 MFE_RR - ok
13:58:56.0850 0x2160 mlx4_bus - ok
13:58:56.0853 0x2160 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
13:58:56.0861 0x2160 MMCSS - ok
13:58:56.0864 0x2160 Modem - ok
13:58:56.0867 0x2160 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
13:58:56.0876 0x2160 monitor - ok
13:58:56.0878 0x2160 mouclass - ok
13:58:56.0882 0x2160 mouhid - ok
13:58:56.0886 0x2160 mountmgr - ok
13:58:56.0889 0x2160 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
13:58:56.0898 0x2160 mpsdrv - ok
13:58:56.0919 0x2160 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
13:58:56.0953 0x2160 MpsSvc - ok
13:58:56.0957 0x2160 MRxDAV - ok
13:58:56.0967 0x2160 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:58:56.0982 0x2160 mrxsmb - ok
13:58:57.0004 0x2160 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:58:57.0018 0x2160 mrxsmb10 - ok
13:58:57.0025 0x2160 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:58:57.0035 0x2160 mrxsmb20 - ok
13:58:57.0038 0x2160 MsBridge - ok
13:58:57.0040 0x2160 MSDTC - ok
13:58:57.0045 0x2160 Msfs - ok
13:58:57.0048 0x2160 msgpiowin32 - ok
13:58:57.0050 0x2160 mshidkmdf - ok
13:58:57.0053 0x2160 mshidumdf - ok
13:58:57.0056 0x2160 msisadrv - ok
13:58:57.0058 0x2160 MSiSCSI - ok
13:58:57.0060 0x2160 msiserver - ok
13:58:57.0062 0x2160 MSKSSRV - ok
13:58:57.0066 0x2160 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
13:58:57.0077 0x2160 MsLldp - ok
13:58:57.0080 0x2160 MSPCLOCK - ok
13:58:57.0083 0x2160 MSPQM - ok
13:58:57.0086 0x2160 MsRPC - ok
13:58:57.0089 0x2160 mssmbios - ok
13:58:57.0091 0x2160 MSTEE - ok
13:58:57.0094 0x2160 MTConfig - ok
13:58:57.0096 0x2160 Mup - ok
13:58:57.0099 0x2160 mvumis - ok
13:58:57.0102 0x2160 NativeWifiP - ok
13:58:57.0104 0x2160 NcaSvc - ok
13:58:57.0114 0x2160 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
13:58:57.0140 0x2160 NcbService - ok
13:58:57.0146 0x2160 NcdAutoSetup - ok
13:58:57.0149 0x2160 ndfltr - ok
13:58:57.0152 0x2160 NDIS - ok
13:58:57.0154 0x2160 NdisCap - ok
13:58:57.0157 0x2160 NdisImPlatform - ok
13:58:57.0159 0x2160 NdisTapi - ok
13:58:57.0162 0x2160 Ndisuio - ok
13:58:57.0163 0x2160 NdisVirtualBus - ok
13:58:57.0166 0x2160 NdisWan - ok
13:58:57.0168 0x2160 ndiswanlegacy - ok
13:58:57.0170 0x2160 ndproxy - ok
13:58:57.0176 0x2160 [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
13:58:57.0186 0x2160 Ndu - ok
13:58:57.0189 0x2160 NetBIOS - ok
13:58:57.0193 0x2160 NetBT - ok
13:58:57.0196 0x2160 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:58:57.0205 0x2160 Netlogon - ok
13:58:57.0214 0x2160 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
13:58:57.0232 0x2160 Netman - ok
13:58:57.0245 0x2160 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
13:58:57.0270 0x2160 netprofm - ok
13:58:57.0274 0x2160 NetSetupSvc - ok
13:58:57.0288 0x2160 NetTcpPortSharing - ok
13:58:57.0292 0x2160 NgcCtnrSvc - ok
13:58:57.0295 0x2160 NgcSvc - ok
13:58:57.0304 0x2160 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
13:58:57.0325 0x2160 NlaSvc - ok
13:58:57.0328 0x2160 Npfs - ok
13:58:57.0332 0x2160 npsvctrig - ok
13:58:57.0337 0x2160 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
13:58:57.0348 0x2160 nsi - ok
13:58:57.0351 0x2160 nsiproxy - ok
13:58:57.0354 0x2160 NTFS - ok
13:58:57.0357 0x2160 Null - ok
13:58:57.0362 0x2160 [ 1F99AD85DC4F9E322CDE2363378CD374, 5E80D10FF0BC46ECF6F1F2294F35A0A7FD76E6F0B4534FD45C9AA8C57AE97F68 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
13:58:57.0369 0x2160 NVHDA - ok
13:58:57.0581 0x2160 [ 465FAB36A897C77E8E34767BFDC47B90, AE3AE9889C25BC92C4217A9A2E387BF8EC04CDECFA1FA5844F231B0489BD40B1 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:58:57.0846 0x2160 nvlddmkm - ok
13:58:57.0862 0x2160 nvraid - ok
13:58:57.0864 0x2160 nvstor - ok
13:58:57.0875 0x2160 [ 6DCBBEFD675E45DD18270937D34B61DA, 1910359C168FC043C72E605B3E7147BD16DD595EB546C24CF49DC1058A73862D ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
13:58:57.0887 0x2160 NvStUSB - ok
13:58:57.0914 0x2160 [ 254C8DFF98ECCEDD9EB273261807E843, A92F50E7928F46AC8B633D93718E03C2A03E5A099B8FEAD0CFF7CEC46EA3ACCA ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
13:58:57.0941 0x2160 nvsvc - ok
13:58:57.0945 0x2160 nv_agp - ok
13:58:57.0954 0x2160 [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
13:58:57.0969 0x2160 OneSyncSvc - ok
13:58:57.0980 0x2160 [ B8ACC8BA375013AA89DDE48A1307B81A, 2655AAF3FE702B735A8AB635272B20E44FBA44DB2254B71233AFCAFDD1D15ED9 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:58:57.0989 0x2160 ose64 - ok
13:58:58.0069 0x2160 [ 66A2C70DA35E8559982EE9D205329E1A, 0DE7971D0618ED1AD9EB42C13AA9348F5BA96EA6B3EF2BFF70D2522D748AD7E0 ] P17 C:\WINDOWS\system32\drivers\P17.sys
13:58:58.0110 0x2160 P17 - ok
13:58:58.0115 0x2160 p2pimsvc - ok
13:58:58.0118 0x2160 p2psvc - ok
13:58:58.0121 0x2160 Parport - ok
13:58:58.0123 0x2160 partmgr - ok
13:58:58.0136 0x2160 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
13:58:58.0156 0x2160 PcaSvc - ok
13:58:58.0160 0x2160 pci - ok
13:58:58.0162 0x2160 pciide - ok
13:58:58.0165 0x2160 pcmcia - ok
13:58:58.0168 0x2160 pcw - ok
13:58:58.0171 0x2160 pdc - ok
13:58:58.0186 0x2160 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
13:58:58.0212 0x2160 PEAUTH - ok
13:58:58.0216 0x2160 percsas2i - ok
13:58:58.0219 0x2160 percsas3i - ok
13:58:58.0237 0x2160 PerfHost - ok
13:58:58.0242 0x2160 PhoneSvc - ok
13:58:58.0250 0x2160 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:58:58.0271 0x2160 PimIndexMaintenanceSvc - ok
13:58:58.0276 0x2160 pla - ok
13:58:58.0281 0x2160 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
13:58:58.0297 0x2160 PlugPlay - ok
13:58:58.0305 0x2160 pmem - ok
13:58:58.0308 0x2160 PNRPAutoReg - ok
13:58:58.0310 0x2160 PNRPsvc - ok
13:58:58.0319 0x2160 [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
13:58:58.0347 0x2160 PolicyAgent - ok
13:58:58.0354 0x2160 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
13:58:58.0367 0x2160 Power - ok
13:58:58.0371 0x2160 PptpMiniport - ok
13:58:58.0574 0x2160 [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:58:58.0653 0x2160 PrintNotify - ok
13:58:58.0660 0x2160 Processor - ok
13:58:58.0668 0x2160 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
13:58:58.0687 0x2160 ProfSvc - ok
13:58:58.0690 0x2160 Psched - ok
13:58:58.0693 0x2160 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys
13:58:58.0698 0x2160 PSI - ok
13:58:58.0702 0x2160 QWAVE - ok
13:58:58.0704 0x2160 QWAVEdrv - ok
13:58:58.0708 0x2160 RasAcd - ok
13:58:58.0710 0x2160 RasAgileVpn - ok
13:58:58.0713 0x2160 RasAuto - ok
13:58:58.0716 0x2160 Rasl2tp - ok
13:58:58.0718 0x2160 RasMan - ok
13:58:58.0720 0x2160 RasPppoe - ok
13:58:58.0723 0x2160 RasSstp - ok
13:58:58.0725 0x2160 rdbss - ok
13:58:58.0728 0x2160 rdpbus - ok
13:58:58.0730 0x2160 RDPDR - ok
13:58:58.0736 0x2160 RdpVideoMiniport - ok
13:58:58.0738 0x2160 rdyboost - ok
13:58:58.0740 0x2160 ReFSv1 - ok
13:58:58.0742 0x2160 RemoteAccess - ok
13:58:58.0745 0x2160 RemoteRegistry - ok
13:58:58.0747 0x2160 RetailDemo - ok
13:58:58.0754 0x2160 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
13:58:58.0766 0x2160 RpcEptMapper - ok
13:58:58.0769 0x2160 RpcLocator - ok
13:58:58.0787 0x2160 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:58:58.0817 0x2160 RpcSs - ok
13:58:58.0822 0x2160 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
13:58:58.0833 0x2160 rspndr - ok
13:58:58.0853 0x2160 [ 3AEF4FB6BBA86C2CB751CF989B30EDB5, CB893D0F45041D68038490BDA99509BE8B836C32DF392B9409083B178A04B7B3 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
13:58:58.0872 0x2160 rt640x64 - ok
13:58:58.0878 0x2160 s3cap - ok
13:58:58.0883 0x2160 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
13:58:58.0892 0x2160 SamSs - ok
13:58:58.0895 0x2160 sbp2port - ok
13:58:58.0897 0x2160 SCardSvr - ok
13:58:58.0901 0x2160 ScDeviceEnum - ok
13:58:58.0904 0x2160 scfilter - ok
13:58:58.0924 0x2160 [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:58:58.0958 0x2160 Schedule - ok
13:58:58.0961 0x2160 SCPolicySvc - ok
13:58:58.0964 0x2160 sdbus - ok
13:58:58.0967 0x2160 SDRSVC - ok
13:58:59.0004 0x2160 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
13:58:59.0032 0x2160 SDScannerService - ok
13:58:59.0038 0x2160 sdstor - ok
13:58:59.0154 0x2160 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
13:58:59.0187 0x2160 SDUpdateService - ok
13:58:59.0195 0x2160 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
13:58:59.0201 0x2160 SDWSCService - ok
13:58:59.0205 0x2160 seclogon - ok
13:58:59.0261 0x2160 [ BE43B6172AC5961017762AB3C9B9B4C6, 209356410729F5DB8E9CB64B7F32638CE4C1559B5FA10B66C69C0650A0ADD36E ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
13:58:59.0286 0x2160 Secunia PSI Agent - ok
13:58:59.0304 0x2160 [ C85EE9529401BF0467DACEB3D4BD1EAF, 4CB441A39C4FF3417B9046BEB237B3043A105A0112F5A04444F431C7F77C3D4B ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
13:58:59.0323 0x2160 Secunia Update Agent - ok
13:58:59.0328 0x2160 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
13:58:59.0343 0x2160 SENS - ok
13:58:59.0346 0x2160 SensorDataService - ok
13:58:59.0349 0x2160 SensorService - ok
13:58:59.0353 0x2160 SensrSvc - ok
13:58:59.0355 0x2160 SerCx - ok
13:58:59.0357 0x2160 SerCx2 - ok
13:58:59.0394 0x2160 Serenum - ok
13:58:59.0402 0x2160 Serial - ok
13:58:59.0405 0x2160 sermouse - ok
13:58:59.0411 0x2160 SessionEnv - ok
13:58:59.0414 0x2160 sfloppy - ok
13:58:59.0416 0x2160 SharedAccess - ok
13:58:59.0431 0x2160 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:58:59.0462 0x2160 ShellHWDetection - ok
13:58:59.0466 0x2160 SiSRaid2 - ok
13:58:59.0469 0x2160 SiSRaid4 - ok
13:58:59.0471 0x2160 smphost - ok
13:58:59.0475 0x2160 SmsRouter - ok
13:58:59.0480 0x2160 SNMPTRAP - ok
13:58:59.0483 0x2160 spaceport - ok
13:58:59.0487 0x2160 SpbCx - ok
13:58:59.0517 0x2160 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
13:58:59.0559 0x2160 Spooler - ok
13:58:59.0563 0x2160 sppsvc - ok
13:58:59.0576 0x2160 [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:58:59.0592 0x2160 srv - ok
13:58:59.0608 0x2160 [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
13:58:59.0631 0x2160 srv2 - ok
13:58:59.0639 0x2160 [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:58:59.0651 0x2160 srvnet - ok
13:58:59.0659 0x2160 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:58:59.0676 0x2160 SSDPSRV - ok
13:58:59.0687 0x2160 SstpSvc - ok
13:58:59.0788 0x2160 [ 17139E61D556444B6FCE67920E71D369, 1A50102B1DC9B63BB50EDB1F7B2CB25F8BB4CD9BF95B3630A99ECC4981B573BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:58:59.0877 0x2160 StateRepository - ok
13:58:59.0907 0x2160 [ 345C39599C3D4940D12F5F9F42A79229, B5D6C716D374E453940C2A23772B9E063CBCB06DA74574F0F19F813AE65F4A78 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:58:59.0930 0x2160 Steam Client Service - ok
13:58:59.0944 0x2160 stexstor - ok
13:58:59.0947 0x2160 stisvc - ok
13:58:59.0949 0x2160 storahci - ok
13:58:59.0952 0x2160 storflt - ok
13:58:59.0955 0x2160 stornvme - ok
13:58:59.0959 0x2160 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
13:58:59.0968 0x2160 storqosflt - ok
13:58:59.0971 0x2160 StorSvc - ok
13:58:59.0974 0x2160 storufs - ok
13:58:59.0976 0x2160 storvsc - ok
13:58:59.0980 0x2160 svsvc - ok
13:58:59.0984 0x2160 swenum - ok
13:58:59.0987 0x2160 swprv - ok
13:58:59.0990 0x2160 Synth3dVsc - ok
13:59:00.0012 0x2160 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
13:59:00.0057 0x2160 SysMain - ok
13:59:00.0069 0x2160 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:59:00.0101 0x2160 SystemEventsBroker - ok
13:59:00.0104 0x2160 TabletInputService - ok
13:59:00.0107 0x2160 TapiSrv - ok
13:59:00.0109 0x2160 Tcpip - ok
13:59:00.0111 0x2160 Tcpip6 - ok
13:59:00.0115 0x2160 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
13:59:00.0125 0x2160 tcpipreg - ok
13:59:00.0129 0x2160 tdx - ok
13:59:00.0131 0x2160 terminpt - ok
13:59:00.0135 0x2160 TermService - ok
13:59:00.0139 0x2160 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
13:59:00.0156 0x2160 Themes - ok
13:59:00.0160 0x2160 TieringEngineService - ok
13:59:00.0195 0x2160 [ 7ECACE6D0B4C2D323408EB00FD93C682, EE7F5E5185EA8C8098046FA573659443014ED7C9DA9E710D9EF3FCACBBFFA100 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:59:00.0232 0x2160 tiledatamodelsvc - ok
13:59:00.0239 0x2160 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
13:59:00.0260 0x2160 TimeBroker - ok
13:59:00.0264 0x2160 TPM - ok
13:59:00.0297 0x2160 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
13:59:00.0313 0x2160 TrkWks - ok
13:59:00.0350 0x2160 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:59:00.0359 0x2160 TrustedInstaller - ok
13:59:00.0376 0x2160 TsUsbFlt - ok
13:59:00.0412 0x2160 TsUsbGD - ok
13:59:00.0430 0x2160 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
13:59:00.0442 0x2160 tunnel - ok
13:59:00.0474 0x2160 tzautoupdate - ok
13:59:00.0478 0x2160 uagp35 - ok
13:59:00.0485 0x2160 UASPStor - ok
13:59:00.0492 0x2160 UcmCx0101 - ok
13:59:00.0508 0x2160 UcmUcsi - ok
13:59:00.0510 0x2160 Ucx01000 - ok
13:59:00.0512 0x2160 UdeCx - ok
13:59:00.0521 0x2160 udfs - ok
13:59:00.0533 0x2160 UEFI - ok
13:59:00.0536 0x2160 Ufx01000 - ok
13:59:00.0544 0x2160 UfxChipidea - ok
13:59:00.0553 0x2160 ufxsynopsys - ok
13:59:00.0585 0x2160 UI0Detect - ok
13:59:00.0603 0x2160 uliagpkx - ok
13:59:00.0616 0x2160 umbus - ok
13:59:00.0649 0x2160 UmPass - ok
13:59:00.0668 0x2160 UmRdpService - ok
13:59:00.0724 0x2160 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
13:59:00.0764 0x2160 UnistoreSvc - ok
13:59:00.0770 0x2160 upnphost - ok
13:59:00.0787 0x2160 UrsChipidea - ok
13:59:00.0812 0x2160 UrsCx01000 - ok
13:59:00.0843 0x2160 UrsSynopsys - ok
13:59:00.0896 0x2160 usbccgp - ok
13:59:00.0908 0x2160 usbcir - ok
13:59:00.0920 0x2160 usbehci - ok
13:59:00.0924 0x2160 usbhub - ok
13:59:00.0946 0x2160 USBHUB3 - ok
13:59:00.0949 0x2160 usbohci - ok
13:59:00.0964 0x2160 usbprint - ok
13:59:00.0978 0x2160 usbscan - ok
13:59:00.0993 0x2160 usbser - ok
13:59:01.0002 0x2160 USBSTOR - ok
13:59:01.0005 0x2160 usbuhci - ok
13:59:01.0008 0x2160 USBXHCI - ok
13:59:01.0198 0x2160 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
13:59:01.0241 0x2160 UserDataSvc - ok
13:59:01.0303 0x2160 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
13:59:01.0342 0x2160 UserManager - ok
13:59:01.0362 0x2160 UsoSvc - ok
13:59:01.0366 0x2160 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
13:59:01.0376 0x2160 VaultSvc - ok
13:59:01.0399 0x2160 vdrvroot - ok
13:59:01.0417 0x2160 vds - ok
13:59:01.0451 0x2160 VerifierExt - ok
13:59:01.0465 0x2160 vhdmp - ok
13:59:01.0468 0x2160 vhf - ok
13:59:01.0486 0x2160 vmbus - ok
13:59:01.0500 0x2160 VMBusHID - ok
13:59:01.0520 0x2160 vmicguestinterface - ok
13:59:01.0522 0x2160 vmicheartbeat - ok
13:59:01.0524 0x2160 vmickvpexchange - ok
13:59:01.0526 0x2160 vmicrdv - ok
13:59:01.0528 0x2160 vmicshutdown - ok
13:59:01.0530 0x2160 vmictimesync - ok
13:59:01.0532 0x2160 vmicvmsession - ok
13:59:01.0534 0x2160 vmicvss - ok
13:59:01.0563 0x2160 volmgr - ok
13:59:01.0580 0x2160 volmgrx - ok
13:59:01.0591 0x2160 volsnap - ok
13:59:01.0614 0x2160 vpci - ok
13:59:01.0624 0x2160 vsmraid - ok
13:59:01.0653 0x2160 VSS - ok
13:59:01.0712 0x2160 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
13:59:01.0719 0x2160 vssbrigde64 - ok
13:59:01.0729 0x2160 VSTXRAID - ok
13:59:01.0743 0x2160 vwifibus - ok
13:59:01.0746 0x2160 vwififlt - ok
13:59:01.0775 0x2160 W32Time - ok
13:59:01.0778 0x2160 WacomPen - ok
13:59:01.0797 0x2160 WalletService - ok
13:59:01.0813 0x2160 wanarp - ok
13:59:01.0815 0x2160 wanarpv6 - ok
13:59:01.0821 0x2160 wbengine - ok
13:59:01.0855 0x2160 WbioSrvc - ok
13:59:01.0890 0x2160 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
13:59:01.0926 0x2160 Wcmsvc - ok
13:59:01.0940 0x2160 wcncsvc - ok
13:59:01.0954 0x2160 WcsPlugInService - ok
13:59:01.0971 0x2160 WdBoot - ok
13:59:01.0988 0x2160 Wdf01000 - ok
13:59:01.0993 0x2160 WdFilter - ok
13:59:02.0006 0x2160 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
13:59:02.0025 0x2160 WdiServiceHost - ok
13:59:02.0032 0x2160 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
13:59:02.0050 0x2160 WdiSystemHost - ok
13:59:02.0071 0x2160 wdiwifi - ok
13:59:02.0074 0x2160 WdNisDrv - ok
13:59:02.0113 0x2160 WdNisSvc - ok
13:59:02.0145 0x2160 WebClient - ok
13:59:02.0160 0x2160 Wecsvc - ok
13:59:02.0175 0x2160 WEPHOSTSVC - ok
13:59:02.0197 0x2160 wercplsupport - ok
13:59:02.0200 0x2160 WerSvc - ok
13:59:02.0220 0x2160 WFPLWFS - ok
13:59:02.0248 0x2160 WiaRpc - ok
13:59:02.0263 0x2160 WIMMount - ok
13:59:02.0266 0x2160 WinDefend - ok
13:59:02.0285 0x2160 WindowsTrustedRT - ok
13:59:02.0296 0x2160 WindowsTrustedRTProxy - ok
13:59:02.0355 0x2160 [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:59:02.0397 0x2160 WinHttpAutoProxySvc - ok
13:59:02.0418 0x2160 WinMad - ok
13:59:02.0486 0x2160 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:59:02.0510 0x2160 Winmgmt - ok
13:59:02.0533 0x2160 WinRM - ok
13:59:02.0594 0x2160 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
13:59:02.0634 0x2160 WINUSB - ok
13:59:02.0665 0x2160 WinVerbs - ok
13:59:02.0705 0x2160 WlanSvc - ok
13:59:02.0750 0x2160 wlidsvc - ok
13:59:02.0766 0x2160 WmiAcpi - ok
13:59:02.0793 0x2160 wmiApSrv - ok
13:59:02.0842 0x2160 WMPNetworkSvc - ok
13:59:02.0902 0x2160 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
13:59:02.0913 0x2160 Wof - ok
13:59:02.0970 0x2160 workfolderssvc - ok
13:59:03.0002 0x2160 wpcfltr - ok
13:59:03.0023 0x2160 WPDBusEnum - ok
13:59:03.0031 0x2160 WpdUpFltr - ok
13:59:03.0088 0x2160 WpnService - ok
13:59:03.0105 0x2160 ws2ifsl - ok
13:59:03.0167 0x2160 [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc C:\WINDOWS\System32\wscsvc.dll
13:59:03.0187 0x2160 wscsvc - ok
13:59:03.0189 0x2160 WSearch - ok
13:59:03.0203 0x2160 WSService - ok
13:59:03.0216 0x2160 wuauserv - ok
13:59:03.0226 0x2160 WudfPf - ok
13:59:03.0249 0x2160 WUDFRd - ok
13:59:03.0267 0x2160 wudfsvc - ok
13:59:03.0269 0x2160 WUDFWpdFs - ok
13:59:03.0290 0x2160 WwanSvc - ok
13:59:03.0320 0x2160 XblAuthManager - ok
13:59:03.0366 0x2160 XblGameSave - ok
13:59:03.0422 0x2160 xboxgip - ok
13:59:03.0454 0x2160 XboxNetApiSvc - ok
13:59:03.0479 0x2160 xinputhid - ok
13:59:03.0484 0x2160 ================ Scan global ===============================
13:59:03.0504 0x2160 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
13:59:03.0529 0x2160 [ 6C647A171ACA3838441206BBE715B0D7, 30ACA236E3D4A73F546AAA71D0FE80B1D66036AB7934B56CBF260F7E3A8C410F ] C:\WINDOWS\system32\winsrv.dll
13:59:03.0572 0x2160 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
13:59:03.0640 0x2160 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
13:59:03.0649 0x2160 [ Global ] - ok
13:59:03.0649 0x2160 ================ Scan MBR ==================================
13:59:03.0661 0x2160 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:59:03.0976 0x2160 \Device\Harddisk0\DR0 - ok
13:59:03.0976 0x2160 ================ Scan VBR ==================================
13:59:03.0998 0x2160 [ 980054069FCE2849626F09D5762FD9E3 ] \Device\Harddisk0\DR0\Partition1
13:59:04.0059 0x2160 \Device\Harddisk0\DR0\Partition1 - ok
13:59:04.0068 0x2160 [ 12095FD27140926273B709176FD15B9E ] \Device\Harddisk0\DR0\Partition2
13:59:04.0069 0x2160 \Device\Harddisk0\DR0\Partition2 - ok
13:59:04.0076 0x2160 [ 81B1C8BBD6151D572AFBD930E3E4027A ] \Device\Harddisk0\DR0\Partition3
13:59:04.0147 0x2160 \Device\Harddisk0\DR0\Partition3 - ok
13:59:04.0156 0x2160 [ DB8E70F7DED41A8174401A030CF041B3 ] \Device\Harddisk0\DR0\Partition4
13:59:04.0173 0x2160 \Device\Harddisk0\DR0\Partition4 - ok
13:59:04.0187 0x2160 [ F93560564B554AFD2D3BCA7CD5F2B1CC ] \Device\Harddisk0\DR0\Partition5
13:59:04.0219 0x2160 \Device\Harddisk0\DR0\Partition5 - ok
13:59:04.0222 0x2160 [ 429F23DFDB177CC8A0939CE2228B9B23 ] \Device\Harddisk0\DR0\Partition6
13:59:04.0240 0x2160 \Device\Harddisk0\DR0\Partition6 - ok
13:59:04.0241 0x2160 ================ Scan generic autorun ======================
13:59:04.0518 0x2160 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:59:04.0776 0x2160 RTHDVCPL - ok
13:59:04.0854 0x2160 [ 747CEF68DA0B3BABD64B74C0E06C050E, C640AF94F66025E8B9937A37A361547580DB3F0B5F62F21E8B30A087BE018015 ] D:\Program Files\iTunes\iTunesHelper.exe
13:59:04.0871 0x2160 iTunesHelper - ok
13:59:04.0873 0x2160 P17RunE - ok
13:59:05.0086 0x2160 [ B023DE11916C2B9048FC01B0AFE0EF66, A6E929CF62D9CE3A7E1909B64829A678C60BC94FAD4FDAA0178D28FC932F722B ] D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
13:59:05.0145 0x2160 KeePass 2 PreLoad - ok
13:59:05.0190 0x2160 [ 812EC7C5892262386C2B47E1083D456A, 06FC1D6D0F1D8C3C6E09E50C02FF75A50443F429BE3339909E416B29A255E8CC ] D:\Program Files (x86)\PDF24\pdf24.exe
13:59:05.0198 0x2160 PDFPrint - ok
13:59:05.0300 0x2160 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
13:59:05.0383 0x2160 SDTray - ok
13:59:05.0500 0x2160 Dropbox - ok
13:59:05.0530 0x2160 OneDriveSetup - ok
13:59:05.0531 0x2160 OneDriveSetup - ok
13:59:05.0583 0x2160 [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:59:05.0594 0x2160 OneDrive - ok
13:59:05.0631 0x2160 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
13:59:05.0659 0x2160 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
13:59:05.0659 0x2160 Detect skipped due to KSN trusted
13:59:05.0659 0x2160 SpybotPostWindows10UpgradeReInstall - ok
13:59:05.0737 0x2160 [ FC7E2535A6F2DA0988F91A6232139661, E6FA0AD4435B226778AF36DF0ABC235BECC8228542D9F8D5F43D961BCB767CEE ] D:\Program Files (x86)\Steam\steam.exe
13:59:05.0778 0x2160 Steam - ok
13:59:05.0781 0x2160 OneDriveSetup - ok
13:59:05.0784 0x2160 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
13:59:05.0784 0x2160 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
13:59:05.0785 0x2160 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
13:59:05.0921 0x2160 ============================================================
13:59:05.0921 0x2160 Scan finished
13:59:05.0921 0x2160 ============================================================
13:59:05.0925 0x1cd8 Detected object count: 0
13:59:05.0925 0x1cd8 Actual detected object count: 0
|
|
25.07.2016, 17:11
| #6 |
| /// Malwareteam | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten Also GMER ist nicht mehr für Windows 8 aufwärts geeignet und wird auch nicht mehr entsprechend supportet. Genauso Spybot S&D ist ziemlich nutzlos geworden. Schritt: 1 Bitte deinstalliere die folgenden Programme über die Systemsteuerung:
Schritt: 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
__________________ --> Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten |
|
25.07.2016, 17:59
| #7 |
| | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten Schritt 1: Spybot - Search & Destroy - Deinstalliert! Driver Booster 3.4 - Deinstalliert! Schritt 2: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.201 - Bericht erstellt am 25/07/2016 um 18:52:29
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-25.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Admin - MININT-JH7JDHE
# Gestartet von : D:\Downloads\AdwCleaner_5.201 (1).exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht : HKCU\Software\IM
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [946 Bytes] - [25/07/2016 18:52:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [823 Bytes] - [12/07/2016 20:04:34]
C:\AdwCleaner\AdwCleaner[S3].txt - [1025 Bytes] - [25/07/2016 18:50:19]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1163 Bytes] ##########
|
|
25.07.2016, 18:39
| #8 |
| /// Malwareteam | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten Schritt: 1  Starte bitte wieder Malwarebytes Anti-Malware
Schritt: 2 ESET Online Scanner
Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...  Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
25.07.2016, 20:48
| #9 |
| | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten zu Schritt 1: MBAM konnte vor dem Suchlauf nicht updaten, da es weiterhin keine Verbindung zu den Servern bekommt, hier das Logfile: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 25.07.2016 Suchlaufzeit: 20:03 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.02.16.06 Rootkit-Datenbank: v2016.02.08.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Admin Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 383217 Abgelaufene Zeit: 9 Min., 6 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) ESET hat keine Bedrohungen gefunden Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eb4852d34ff7a444a8e44c1aace30406
# end=init
# utc_time=2016-07-25 06:16:21
# local_time=2016-07-25 08:16:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 30215
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eb4852d34ff7a444a8e44c1aace30406
# end=updated
# utc_time=2016-07-25 06:22:22
# local_time=2016-07-25 08:22:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=eb4852d34ff7a444a8e44c1aace30406
# engine=30215
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-07-25 07:33:52
# local_time=2016-07-25 09:33:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 9474 33697484 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 950191 23289375 0 0
# scanned=222093
# found=0
# cleaned=0
# scan_time=4289
|
|
26.07.2016, 22:27
| #10 |
| /// Malwareteam | Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten schalte mal die Kaspersky Firewall aus und schau, ob das Update von MBAM dann funktioniert.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Trojan.ProxyHijacker, Rootkit und Malwarebytes Antimalware kann nicht updaten |
| antimalware, boot, code, gmer, ics, infiziert, internet, kaspersky, malwarebytes, neu, performance, problem, registry, rootkit, scan, secure, security, server, suche, system32, update, verbindung, websites, windows, wmi |
Linear-Darstellung
