Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Directpay24 E-Mail bekommen und Zip Datei geöffnet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.07.2016, 16:24   #1
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Hallo bin ganz neu hier, da ich mein erstes "großes" Problem mit einem Trojaner habe.

Nichts ahnend habe ich meine Mails gecheckt und hatte da eine der bekannten Mahnmails von directpay24 drauf. Leider habe ich Sie geöffnet und auch den Anhang heruntergeladen und geöffnet. Doch ich habe direkt gemerkt, was ich für ein Fehler begangen habe und direkt die Datei geschreddert. Schätze aber, dass es schon zu spät war. Dummerweise war ich im Onlinebanking eingeloggt und direkt kam eine Warnung, dass ein Trojaner vorgibt das Onlinebanking auf SMSTan umzustellen. Habe direkt alle Passwörter von einem "reinen" Pc geändert und bei dem verseuchten läuft seit über 3 Std ein Avira Antivir komplett Scan.
Was kann ich weiterhin tun? Habe gelesen, dass dieser Trojaner speziell für Bankdatenspionage entwickelt wurde. Habe nun Bammel, dass all meine Vertraulichen Daten wie Kreditkartennummer etc in falsche Hände kommt..

Ich hoffe ihr könnt mir helfen! bin leider echt kein Profi in Sachen Computer und wäre um jeden Rat dankbar.

Mit freundlichen Grüßen

Alt 26.07.2016, 15:02   #2
M-K-D-B
/// TB-Ausbilder
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 27.07.2016, 11:26   #3
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-07-2016
durchgeführt von Joel Schirm (2016-07-27 10:20:56)
Gestartet von C:\Users\Joel Schirm\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-14 00:02:30)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-91962927-1255909171-1727231816-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-91962927-1255909171-1727231816-503 - Limited - Disabled)
Gast (S-1-5-21-91962927-1255909171-1727231816-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-91962927-1255909171-1727231816-1003 - Limited - Enabled)
Joel Schirm (S-1-5-21-91962927-1255909171-1727231816-1001 - Administrator - Enabled) => C:\Users\Joel Schirm

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.7 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Longman iBT Prep 2.0 (HKLM-x32\...\Longman iBT 2.0) (Version:  - )
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.227 - McAfee, Inc.)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer)
OpenOffice Beta 4.1.0 (HKLM-x32\...\{E0284E69-DDCE-4AB0-9A6B-22DC9CB8D7DB}) (Version: 4.10.9760 - Apache Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1C01}) (Version: 12.28.1.169 - APN, LLC) <==== ACHTUNG
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shopping App by Ask (HKLM-x32\...\{4F524A2D-5354-2D53-5045-A758B70C1C01}) (Version: 12.28.1.170 - APN, LLC) <==== ACHTUNG
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SkyTest for ATCO Screenings 3 (HKLM-x32\...\{E0C7ACB5-CF62-499E-BB93-784C5E4F27AF}) (Version: 3.0.3 - SkyTest)
SkyTest Swiss (HKLM-x32\...\{B9453B54-1721-4F70-9CF9-1FE283F9528F}) (Version: 3.1.4 - SkyTest)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.52 - Synaptics Incorporated)
ToPilots BU (HKLM-x32\...\{3623F5FD-0137-4847-B25B-454DB79E86CF}) (Version: 3.0.13 - ToPilots)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Joel Schirm\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04B60928-49AE-435F-9A1F-0B0E88580F36} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-04] (Dropbox, Inc.)
Task: {05F6E57A-5CC4-43B4-85F5-FA4103D18931} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {0A636694-51D8-4CEA-B556-9586C696CC5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0BB1F085-8DE9-413E-BF56-5F3719E539B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {1C56FD5E-D85C-41E5-9224-C897114D1757} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {3CC98E34-632F-41CE-B89F-BEF3BCB32D2D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4BCD3516-4D6F-4285-AA07-657431159806} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {514360DF-0685-40B0-81B0-450E1313F1E2} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {52EF4DF8-76E9-4CC4-AA1D-F6AE1AB61497} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {5CC96094-35C5-4BE2-BF41-00EB21ACA557} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {62413DC3-7665-4E42-8F2A-2A4EC72AF377} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {64CC9B0B-EDFC-4879-877E-79965B0752FB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6B5BDB46-759E-4EC9-A0D1-5A6106AA6EE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6E1FF3AF-7810-4083-B8CD-9C245C3BBC64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {75D962DC-26D7-4265-B311-96F859B819AC} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Joel.Schirm@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {797A7927-DE48-475A-B38A-11D6124DCBBB} - System32\Tasks\SafeZone scheduled Autoupdate 1469467191 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {8409C4EA-EE40-4A59-B99B-6424AF655962} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-04] (Dropbox, Inc.)
Task: {85981A42-1573-48BA-B49C-3569F61E7FD3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {8B142332-8DC1-452D-B108-FBF32EC653BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8DFC7E36-87F4-49D7-B17A-4624FCC84946} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {913E8AD4-A22B-4250-BEBD-510E42881134} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-25] (AVAST Software)
Task: {93347DF4-5F18-4248-AEE6-D871894B8294} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {9A1E926E-E9C4-4F5B-ABA5-7AD13956E242} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {A7FC99A7-A46D-488E-9B9A-D4B8D74D3044} - System32\Tasks\{756D55BB-E05A-40B1-898C-4377132733E9} => pcalua.exe -a "C:\Users\Joel Schirm\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor
Task: {BAE6D4D1-FCB6-4F7F-85DE-F8D080D0D0E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {BBAE94AE-404F-432F-91EB-68547ED70181} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-91962927-1255909171-1727231816-1001
Task: {F1183DCB-782A-46D0-95DC-A94521F4B3A9} - System32\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F9BFD676-31FD-4B93-986A-670AE385EB3C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {FBA71317-EB0D-4719-A075-715EE0EA0F86} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Joel Schirm\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-20 15:23 - 2016-05-20 15:23 - 00959168 _____ () C:\Users\Joel Schirm\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-13 16:52 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:31 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-04-21 07:24 - 2016-04-21 07:25 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-10 14:24 - 2016-06-10 14:25 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-10 14:24 - 2016-06-10 14:25 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-10 14:24 - 2016-06-10 14:25 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-05 03:55 - 2016-03-05 03:57 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-25 19:11 - 2016-07-25 19:11 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-25 19:11 - 2016-07-25 19:11 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-07-27 00:40 - 2016-07-27 00:40 - 03001344 _____ () C:\Program Files\AVAST Software\Avast\defs\16072601\algo.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-12-09 07:46 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-20 15:23 - 2016-05-20 15:23 - 00679624 _____ () C:\Users\Joel Schirm\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-12-13 23:51 - 2016-06-07 03:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-07-12 22:47 - 2016-06-07 03:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-07-12 22:47 - 2016-06-07 03:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-07-12 22:47 - 2016-06-07 03:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-13 23:51 - 2016-06-07 03:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-13 23:51 - 2016-06-07 03:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-13 23:51 - 2016-07-05 20:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-07-12 22:47 - 2016-06-07 03:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-13 23:51 - 2016-07-05 20:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-13 23:51 - 2016-06-07 03:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-07-12 22:47 - 2016-07-05 19:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 23:51 - 2016-06-07 03:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-07-12 22:47 - 2016-07-05 19:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-07-12 22:47 - 2016-07-05 19:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-13 23:51 - 2016-07-05 20:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-07-12 22:47 - 2016-06-07 04:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-24 08:43 - 2016-07-05 20:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-24 08:43 - 2016-07-05 20:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-07-12 22:47 - 2016-07-05 19:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-24 08:43 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-24 08:43 - 2016-07-05 20:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-24 08:43 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-13 23:51 - 2016-06-07 03:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-07-12 22:47 - 2016-06-07 03:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-07-12 22:47 - 2016-07-05 19:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-13 23:51 - 2016-07-05 20:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-24 08:43 - 2016-07-05 20:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-07-12 22:47 - 2016-06-07 04:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-07-12 22:47 - 2016-07-05 20:00 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-07-12 22:47 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-07-12 22:47 - 2016-07-05 20:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-12 22:47 - 2016-07-05 20:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-13 23:51 - 2016-06-07 03:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-13 23:51 - 2016-06-07 04:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-04-16 11:45 - 2016-07-05 20:00 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2015-12-13 23:51 - 2016-07-05 20:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-07-12 22:47 - 2016-07-05 20:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-10-02 23:15 - 2015-10-02 23:15 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll
2016-07-25 19:11 - 2016-07-25 19:11 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-04-21 07:24 - 2016-04-21 07:25 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-21 07:24 - 2016-04-21 07:25 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-18 11:24 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 11:24 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joel Schirm\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{73ae6d29-60ae-4dc6-89aa-2153987a2798}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "mcpltui_exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{327ACBA0-9C67-43F4-8A88-F4D2D62CA4EB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{059BF4A1-25EB-461D-942D-C7E0FAFC06D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06004B32-291C-441A-830E-60DC7B354B79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A51DC92A-2B7D-4E11-9FDD-26AF267D041B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{78E4D982-678B-455B-9DBB-485556DFF290}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0314973B-1A3B-4F5A-A45A-919579D43449}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A870DB4A-ADEF-422A-B2BE-4D9CC8226C00}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{338A0D27-F6CC-4370-896C-185205B4CBB1}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{9065C1E9-4CF6-4278-A23E-3095A70F24BE}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{EE1C6A63-8939-4068-85E5-68EB80B4F1F0}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{99D51750-0805-4D70-827A-8F0F962B8C3F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{4E60F0A2-B7F5-459A-8785-B02F1FDC4EA0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{82FC926F-F087-4EE6-BA93-44F8420B83F6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C29CA3C7-5D12-4294-86C2-EADDC67C2701}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{DFC0D74B-6EF6-4722-9358-F50231B98D81}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{2EF530F5-DA9E-47BF-BF7E-4DC3B478CB78}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{2506D337-7978-49C4-9774-948D21949B4D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D7812491-B57E-41E8-B29C-942453E7AB2A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{0469E918-6B6C-4F64-9A74-43D3A738867D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{041F40CE-F050-4FEE-8840-44D8433F070C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{A970556D-7597-43E1-8672-E1DBBE84668F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{0E567244-83E7-431D-A1F9-7A813811AE9C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B6A8439D-7F0A-4E40-A981-C0A7F2CEB9CA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{5898ECBD-567C-436E-9CE7-6B2FF6DD5A59}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{206E8D8F-3ACC-4B96-A130-95912AC2C003}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{0EAA41DB-FC29-485D-93F5-A38EA4C3AAA2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{18BA6EF2-EB20-4497-8C15-1E4950EA0D12}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0B232779-C762-447C-8475-E6E2B013B88C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0AAF4F8D-AB6A-4F37-8A69-6699E072487B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9ABAE1F3-0038-423F-B296-84E94C137D0C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D9D523F-157F-4EFF-A8C7-3BFDFF1CEF23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CDAF6C5-EF7A-4A67-A33D-3AD65BFBBCBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F04CC0-F09A-41E3-AF61-D7F58C3DC925}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B7D46248-4F6F-4C19-8B7E-F84812DBB22B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{82AAACAE-2506-47C8-954F-54AF3EB5DDE9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{1571FC9D-B586-4BBA-9DC3-7806610EC6FE}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

27-07-2016 00:51:58 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/27/2016 12:52:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/27/2016 12:40:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.1.47.11018, Zeitstempel: 0x55f12efe
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x1740
Startzeit der fehlerhaften Anwendung: 0xAvira.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.ServiceHost.exe2
Berichtskennung: Avira.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.ServiceHost.exe5

Error: (07/27/2016 12:40:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.MissingMethodException
   bei Avira.OE.CertificateTools.AuthenticodeVerifier.HasTrustworthyAviraSignature(System.String)
   bei Avira.OE.CertificateTools.AuthenticodeVerifier.VerifyAviraSignature(System.String)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier.IsSignatureValid(Avira.OE.CertificateTools.IAuthenticodeVerifier, System.String)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier+<>c__DisplayClass2.<AreSignaturesValid>b__1(System.String)
   bei System.Linq.Enumerable.All[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier.AreSignaturesValid(System.Collections.Generic.IEnumerable`1<System.String>)
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/27/2016 12:40:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.1.47.11018, Zeitstempel: 0x55f12efe
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x162c
Startzeit der fehlerhaften Anwendung: 0xAvira.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.ServiceHost.exe2
Berichtskennung: Avira.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.ServiceHost.exe5

Error: (07/27/2016 12:40:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.MissingMethodException
   bei Avira.OE.CertificateTools.AuthenticodeVerifier.HasTrustworthyAviraSignature(System.String)
   bei Avira.OE.CertificateTools.AuthenticodeVerifier.VerifyAviraSignature(System.String)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier.IsSignatureValid(Avira.OE.CertificateTools.IAuthenticodeVerifier, System.String)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier+<>c__DisplayClass2.<AreSignaturesValid>b__1(System.String)
   bei System.Linq.Enumerable.All[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier.AreSignaturesValid(System.Collections.Generic.IEnumerable`1<System.String>)
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/27/2016 12:39:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.1.47.11018, Zeitstempel: 0x55f12efe
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x8f0
Startzeit der fehlerhaften Anwendung: 0xAvira.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.ServiceHost.exe2
Berichtskennung: Avira.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.ServiceHost.exe5

Error: (07/27/2016 12:39:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.MissingMethodException
   bei Avira.OE.CertificateTools.AuthenticodeVerifier.HasTrustworthyAviraSignature(System.String)
   bei Avira.OE.CertificateTools.AuthenticodeVerifier.VerifyAviraSignature(System.String)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier.IsSignatureValid(Avira.OE.CertificateTools.IAuthenticodeVerifier, System.String)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier+<>c__DisplayClass2.<AreSignaturesValid>b__1(System.String)
   bei System.Linq.Enumerable.All[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
   bei Avira.OE.ServiceHost.AssemblyLoadVerifier.AreSignaturesValid(System.Collections.Generic.IEnumerable`1<System.String>)
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/26/2016 09:42:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45673922

Error: (07/26/2016 09:42:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45673922

Error: (07/26/2016 09:42:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (07/27/2016 08:17:03 AM) (Source: DCOM) (EventID: 10000) (User: JOEL)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}

Error: (07/27/2016 08:13:03 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (07/27/2016 12:40:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (07/27/2016 12:40:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2016 12:40:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2016 09:58:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_49144" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2016 09:58:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _49144" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2016 09:58:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_49144" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2016 09:58:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_49144" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2016 09:58:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-07-14 21:13:01.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 20:08:54.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-19 21:42:30.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 19:38:43.118
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 10:55:53.157
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 15:13:01.470
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-17 10:52:19.152
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 20:06:48.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-08 10:35:04.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-30 22:05:36.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8005.28 MB
Verfügbarer physikalischer RAM: 4219.95 MB
Summe virtueller Speicher: 9285.28 MB
Verfügbarer virtueller Speicher: 5210.36 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:447.25 GB) (Free:117.45 GB) NTFS
Drive d: (FlightYokeQV1.1) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
Drive e: () (Removable) (Total:59.45 GB) (Free:59.45 GB) exFAT

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 67E41FCE)

Partition: GPT.

========================================================
Disk: 1 (Size: 59.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

Alt 27.07.2016, 11:27   #4
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-07-2016
durchgeführt von Joel Schirm (Administrator) auf JOEL (27-07-2016 10:18:49)
Gestartet von C:\Users\Joel Schirm\Downloads
Geladene Profile: Joel Schirm (Verfügbare Profile: Joel Schirm & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7167.57761.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SkyTest) C:\Program Files (x86)\SkyTest\Swiss3\SkyTestSw3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2965816 2012-10-19] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2012-12-09] (Dritek System Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mbot_de_101] => [X]
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Joel Schirm\AppData\Local\ConvertAd\ConvertAd.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-25] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\...\MountPoints2: {5418aa2c-41c2-11e2-be6a-806e6f6e6963} - "D:\setup.exe" 
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-10-25]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74c436f5-4879-483d-9564-e1ce0daea3cc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ee9e0dd8-5abb-42b7-bde8-7817331012e0}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wikipedia.de/
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> DefaultScope {74380343-86AE-4650-A045-E5ABA03EA63F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE662D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> {43005E6C-AA4D-4BD6-9190-FFE933D2DB32} URL = 
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> {55EB01FB-EDA9-4BE0-9575-3C497F018BA7} URL = hxxp://www.search.ask.com/web?tpid=ORJ-ST-SPE&o=APN11461&pf=V7&p2=^BE7^OSJ000^YY^DE&gct=&itbv=12.24.1.53&apn_uid=036C9F31-B477-4543-8053-3BD84CCD9E5A&apn_ptnrs=BE7&apn_dtid=^OSJ000^YY^DE&apn_dbr=ie_11.0.9600.17416&doi=2015-05-06&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> {74380343-86AE-4650-A045-E5ABA03EA63F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE662D20151120&p={searchTerms}
BHO: Kein Name -> {4F524A2D-5354-2D53-5045-7A786E7484D7} -> Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {4F524A2D-5354-2D53-5045-7A786E7484D7} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-27] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> Kein Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} -  Keine Datei
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Joel Schirm\AppData\Roaming\Mozilla\Firefox\Profiles\JkeDuTSU.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-27] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Joel Schirm\AppData\Roaming\Mozilla\Firefox\Profiles\JkeDuTSU.default\Extensions\abs@avira.com [2015-02-06] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-25]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-19] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C211DE662D20151120&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2015-11-22]
CHR Extension: (Avast SafePrice) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-25]
CHR Extension: (SiteAdvisor) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-08]
CHR Extension: (Avira Browserschutz) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-25]
CHR Extension: (AdBlock) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-04-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-04-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-08-27] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-25] (AVAST Software)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-04] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-07-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2012-12-09] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-25] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-25] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-17] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-09] (Dritek System Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 SaiH0763; C:\Windows\system32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
R3 SaiH0BAC; C:\Windows\system32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-27 10:18 - 2016-07-27 10:19 - 00030800 _____ C:\Users\Joel Schirm\Downloads\FRST.txt
2016-07-27 10:18 - 2016-07-27 10:18 - 00000000 ____D C:\FRST
2016-07-27 10:17 - 2016-07-27 10:18 - 02394112 _____ (Farbar) C:\Users\Joel Schirm\Downloads\FRST64.exe
2016-07-27 10:15 - 2016-07-27 10:16 - 01744384 _____ (Farbar) C:\Users\Joel Schirm\Downloads\FRST.exe
2016-07-27 08:57 - 2016-07-27 08:57 - 00001826 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-07-27 08:57 - 2016-07-27 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-27 08:56 - 2016-07-27 08:57 - 00000000 ____D C:\Program Files\iTunes
2016-07-27 08:56 - 2016-07-27 08:56 - 00000000 ____D C:\Program Files\iPod
2016-07-27 08:56 - 2016-07-27 08:56 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-27 08:49 - 2016-07-27 08:49 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\Sun
2016-07-27 08:49 - 2016-07-27 08:49 - 00000000 ____D C:\Users\Joel Schirm\.oracle_jre_usage
2016-07-27 08:48 - 2016-07-27 08:48 - 00001918 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-07-27 08:48 - 2016-07-27 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-07-27 08:48 - 2016-07-27 08:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-07-27 08:15 - 2016-07-27 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-07-27 08:10 - 2016-07-27 08:10 - 00000000 ___HD C:\OneDriveTemp
2016-07-25 19:20 - 2016-07-25 19:20 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1469467191
2016-07-25 19:20 - 2016-07-25 19:20 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\CEF
2016-07-25 19:19 - 2016-07-25 19:19 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-07-25 19:19 - 2016-07-25 19:19 - 00001086 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-25 19:19 - 2016-07-25 19:19 - 00001086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-25 19:17 - 2016-07-25 19:49 - 1276319704 _____ C:\Users\Joel Schirm\Downloads\Notfall_DVD_7.0_Free.zip
2016-07-25 19:13 - 2016-07-25 19:13 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\AVAST Software
2016-07-25 19:12 - 2016-07-26 08:18 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-25 19:12 - 2016-07-25 19:12 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-07-25 19:12 - 2016-07-25 19:12 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-25 19:12 - 2016-07-25 19:12 - 00001971 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-25 19:12 - 2016-07-25 19:11 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-25 19:12 - 2016-07-25 19:11 - 00290088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00162904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00108304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-25 19:11 - 2016-07-25 19:11 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-07-25 19:08 - 2016-07-25 19:19 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-25 19:05 - 2016-07-25 19:19 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-25 19:05 - 2016-07-25 19:05 - 06253640 _____ (AVAST Software) C:\Users\Joel Schirm\Downloads\avast_free_antivirus_setup_online.exe
2016-07-13 16:54 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 16:54 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 16:54 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 16:54 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 16:54 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 16:54 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 16:54 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 16:54 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 16:54 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 16:54 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 16:54 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 16:54 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 16:54 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 16:54 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 16:54 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 16:54 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 16:54 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 16:54 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 16:54 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 16:54 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 16:54 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 16:54 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 16:54 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 16:54 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 16:54 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 16:54 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 16:54 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 16:54 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 16:54 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 16:54 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 16:54 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 16:54 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 16:54 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 16:54 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 16:54 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 16:54 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 16:54 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 16:54 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 16:54 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 16:54 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 16:54 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 16:54 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 16:54 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 16:54 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 16:54 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 16:54 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 16:54 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 16:54 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 16:54 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 16:54 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 16:54 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 16:54 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 16:54 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 16:54 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 16:54 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 16:54 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 16:54 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 16:53 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 16:53 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 16:53 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 16:53 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 16:53 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 16:53 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 16:53 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 16:53 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 16:53 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 16:53 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 16:53 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 16:53 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 16:53 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 16:53 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 16:53 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 16:53 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 16:53 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 16:53 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 16:53 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 16:53 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 16:53 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 16:53 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 16:53 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 16:53 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 16:53 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 16:53 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 16:53 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 16:53 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 16:53 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 16:53 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 16:53 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 16:53 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 16:53 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 16:53 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 16:53 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 16:53 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 16:53 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 16:53 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 16:53 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 16:53 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 16:53 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 16:53 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 16:53 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 16:53 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 16:53 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 16:53 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 16:53 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 16:53 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 16:53 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 16:53 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 16:53 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 16:53 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 16:53 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 16:53 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 16:53 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 16:53 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 16:53 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 16:53 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 16:53 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 16:53 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 16:53 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 16:53 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 16:53 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 16:53 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 16:53 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 16:53 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 16:53 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 16:53 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 16:53 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 16:53 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 16:53 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 16:53 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 16:53 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 16:53 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 16:53 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 16:53 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 16:53 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 16:52 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 16:52 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 16:52 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 16:52 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 16:52 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 16:52 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 16:52 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 16:52 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 16:52 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 16:52 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 16:52 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 16:52 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 16:52 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 16:52 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 16:52 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 16:52 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 16:52 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 16:52 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 16:52 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 16:52 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 16:52 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 16:52 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 16:52 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 16:52 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 16:52 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 16:52 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 16:52 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 16:52 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 16:52 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 16:52 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 16:52 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 16:52 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 16:52 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 16:52 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 16:52 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 16:52 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 16:52 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 16:52 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 22:47 - 2016-07-12 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-28 22:06 - 2016-06-28 22:06 - 00089850 _____ C:\Users\Joel Schirm\Downloads\Information_20160609.pdf
2016-06-28 22:06 - 2016-06-28 22:06 - 00082140 _____ C:\Users\Joel Schirm\Downloads\Information_20160321.pdf
2016-06-28 22:05 - 2016-06-28 22:05 - 00044142 _____ C:\Users\Joel Schirm\Downloads\Ertraegnisaufstellung_20160216.pdf
2016-06-28 22:04 - 2016-06-28 22:04 - 00022615 _____ C:\Users\Joel Schirm\Downloads\Extra_Konto_5547106976_Kontoauszug_20160106.pdf
2016-06-28 22:04 - 2016-06-28 22:04 - 00015565 _____ C:\Users\Joel Schirm\Downloads\Jahressteuerbescheinigung_20160216.pdf
2016-06-28 22:03 - 2016-06-28 22:03 - 00100282 _____ C:\Users\Joel Schirm\Downloads\Information_20151208.pdf
2016-06-28 22:03 - 2016-06-28 22:03 - 00100282 _____ C:\Users\Joel Schirm\Downloads\Information_20151208 (1).pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-27 10:19 - 2014-09-23 18:25 - 00000000 ___RD C:\Users\Joel Schirm\Desktop\Acer Laptop
2016-07-27 10:12 - 2015-07-31 13:40 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\Skype
2016-07-27 09:44 - 2015-09-04 23:39 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-27 09:30 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-27 09:26 - 2014-11-16 07:16 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e.job
2016-07-27 09:21 - 2014-09-24 13:02 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-27 09:03 - 2015-04-05 16:37 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2016-07-27 08:56 - 2015-04-03 16:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-27 08:49 - 2015-12-14 01:26 - 00000000 ____D C:\Users\Joel Schirm
2016-07-27 08:49 - 2015-04-05 16:35 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-27 08:49 - 2015-04-05 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-27 08:49 - 2015-04-05 16:34 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-27 08:24 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-27 08:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-27 08:15 - 2015-11-11 08:50 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\Adobe
2016-07-27 08:14 - 2014-10-18 10:54 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7982CE35-C0E7-4176-B59C-86FF61A832AC}
2016-07-27 08:13 - 2015-09-04 23:42 - 00000000 ___RD C:\Users\Joel Schirm\Dropbox
2016-07-27 08:10 - 2015-09-04 23:39 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-27 08:10 - 2014-11-05 23:47 - 00000000 ___RD C:\Users\Joel Schirm\OneDrive
2016-07-27 08:10 - 2014-09-24 13:02 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-27 00:38 - 2015-12-14 01:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-26 21:58 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-25 13:30 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-25 13:30 - 2012-10-25 06:28 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-07-22 16:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-21 16:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-14 21:10 - 2015-12-14 01:25 - 02083424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-14 21:10 - 2015-10-30 20:35 - 00888352 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-14 21:10 - 2015-10-30 20:35 - 00196960 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-14 21:06 - 2014-09-23 17:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-13 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-13 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-13 20:02 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 17:23 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 17:23 - 2014-09-23 19:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 17:15 - 2014-09-23 19:10 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-13 17:05 - 2014-09-24 15:33 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\ElevatedDiagnostics
2016-07-12 22:48 - 2015-04-21 19:06 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\SkyTestSw30
2016-07-12 22:47 - 2015-09-04 23:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-06 19:22 - 2014-12-17 15:30 - 00000000 ___RD C:\Users\Joel Schirm\Documents\Scanned Documents
2016-07-06 19:10 - 2014-11-16 07:16 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2016-07-04 10:37 - 2015-03-10 22:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-04 10:37 - 2015-03-10 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 06:37 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 07:05 - 2015-12-14 01:21 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-06-27 17:40 - 2015-03-10 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-24 12:08 - 2014-09-24 13:40 - 0000318 _____ () C:\Users\Joel Schirm\AppData\Roaming\aps.uninstall.scan.results
2014-09-01 10:18 - 2014-10-25 10:17 - 0000365 _____ () C:\Users\Joel Schirm\AppData\Roaming\XREPVZV
2015-02-06 01:17 - 2015-02-06 01:17 - 0000017 _____ () C:\Users\Joel Schirm\AppData\Local\resmon.resmoncfg
2015-09-09 16:27 - 2015-09-09 16:27 - 0000000 _____ () C:\Users\Joel Schirm\AppData\Local\{908A77B8-FE70-4C28-9315-E04AD53DB650}
2015-11-20 11:56 - 2015-11-20 11:56 - 0000000 _____ () C:\Users\Joel Schirm\AppData\Local\{9390F065-752A-4AC5-ABC5-79D38CA0E10A}

Einige Dateien in TEMP:
====================
C:\Users\Joel Schirm\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-22 16:56

==================== Ende von FRST.txt ============================
         

Alt 27.07.2016, 11:32   #5
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
12:28:07.0696 0x3ba0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:28:07.0696 0x3ba0  UEFI system
12:28:10.0402 0x3ba0  ============================================================
12:28:10.0402 0x3ba0  Current date / time: 2016/07/27 12:28:10.0402
12:28:10.0402 0x3ba0  SystemInfo:
12:28:10.0402 0x3ba0  
12:28:10.0403 0x3ba0  OS Version: 10.0.10586 ServicePack: 0.0
12:28:10.0403 0x3ba0  Product type: Workstation
12:28:10.0403 0x3ba0  ComputerName: JOEL
12:28:10.0403 0x3ba0  UserName: Joel Schirm
12:28:10.0403 0x3ba0  Windows directory: C:\WINDOWS
12:28:10.0403 0x3ba0  System windows directory: C:\WINDOWS
12:28:10.0403 0x3ba0  Running under WOW64
12:28:10.0403 0x3ba0  Processor architecture: Intel x64
12:28:10.0403 0x3ba0  Number of processors: 2
12:28:10.0403 0x3ba0  Page size: 0x1000
12:28:10.0403 0x3ba0  Boot type: Normal boot
12:28:10.0403 0x3ba0  ============================================================
12:28:10.0792 0x3ba0  KLMD registered as C:\WINDOWS\system32\drivers\48378778.sys
12:28:11.0401 0x3ba0  System UUID: {AF94AEF4-796F-027C-BA39-07DB94DA2113}
12:28:12.0529 0x3ba0  Drive \Device\Harddisk1\DR1 - Size: 0xEDEA00000 ( 59.48 Gb ), SectorSize: 0x200, Cylinders: 0x1E54, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
12:28:12.0539 0x3ba0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:28:12.0542 0x3ba0  Drive \Device\Harddisk1\DR1 - Size: 0xEDEA00000 ( 59.48 Gb ), SectorSize: 0x200, Cylinders: 0x1E54, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:28:12.0546 0x3ba0  ============================================================
12:28:12.0546 0x3ba0  \Device\Harddisk1\DR1:
12:28:12.0546 0x3ba0  MBR partitions:
12:28:12.0546 0x3ba0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x8000, BlocksNum 0x76ED000
12:28:12.0546 0x3ba0  \Device\Harddisk0\DR0:
12:28:12.0547 0x3ba0  GPT partitions:
12:28:12.0547 0x3ba0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9A3D49ED-6C23-4299-B2B6-CBDA72197E74}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
12:28:12.0547 0x3ba0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {137413F9-C262-442A-893B-B4846AF7F3A6}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
12:28:12.0547 0x3ba0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DB3ABD4E-1470-4879-9A33-FC5B0F458693}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
12:28:12.0547 0x3ba0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A571C322-F573-4598-B119-44BDA83B4DAE}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37E81000
12:28:12.0547 0x3ba0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {379FC74B-F246-458D-A8F2-FD381F3A1630}, Name: , StartLBA 0x3801F800, BlocksNum 0xE1000
12:28:12.0547 0x3ba0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A9390C4F-EE1C-4934-8144-529D9F7EAC3F}, Name: Basic data partition, StartLBA 0x38100800, BlocksNum 0x2285800
12:28:12.0547 0x3ba0  MBR partitions:
12:28:12.0547 0x3ba0  \Device\Harddisk1\DR1:
12:28:12.0548 0x3ba0  MBR partitions:
12:28:12.0548 0x3ba0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x8000, BlocksNum 0x76ED000
12:28:12.0548 0x3ba0  ============================================================
12:28:12.0565 0x3ba0  C: <-> \Device\Harddisk0\DR0\Partition4
12:28:12.0565 0x3ba0  ============================================================
12:28:12.0565 0x3ba0  Initialize success
12:28:12.0565 0x3ba0  ============================================================
12:28:14.0045 0x3a60  ============================================================
12:28:14.0046 0x3a60  Scan started
12:28:14.0046 0x3a60  Mode: Manual; 
12:28:14.0046 0x3a60  ============================================================
12:28:14.0046 0x3a60  KSN ping started
12:28:14.0148 0x3a60  KSN ping finished: true
12:28:16.0436 0x3a60  ================ Scan system memory ========================
12:28:16.0436 0x3a60  System memory - ok
12:28:16.0437 0x3a60  ================ Scan services =============================
12:28:16.0646 0x3a60  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:28:16.0654 0x3a60  1394ohci - ok
12:28:16.0691 0x3a60  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:28:16.0696 0x3a60  3ware - ok
12:28:16.0743 0x3a60  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:28:16.0767 0x3a60  ACPI - ok
12:28:16.0780 0x3a60  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:28:16.0785 0x3a60  acpiex - ok
12:28:16.0801 0x3a60  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:28:16.0802 0x3a60  acpipagr - ok
12:28:16.0831 0x3a60  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:28:16.0833 0x3a60  AcpiPmi - ok
12:28:16.0846 0x3a60  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:28:16.0848 0x3a60  acpitime - ok
12:28:16.0974 0x3a60  [ 37E0AAD625E2CFCED30EA6B44A26D21B, 4E646944C10A91A36FBA16532DCEA01376C742197DDCB6D6CB8AC5CE04353FE3 ] AdobeActiveFileMonitor14.0 C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
12:28:16.0980 0x3a60  AdobeActiveFileMonitor14.0 - ok
12:28:17.0038 0x3a60  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:28:17.0095 0x3a60  ADP80XX - ok
12:28:17.0190 0x3a60  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:28:17.0212 0x3a60  AFD - ok
12:28:17.0228 0x3a60  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
12:28:17.0231 0x3a60  agp440 - ok
12:28:17.0252 0x3a60  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:28:17.0259 0x3a60  ahcache - ok
12:28:17.0297 0x3a60  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
12:28:17.0299 0x3a60  AJRouter - ok
12:28:17.0326 0x3a60  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
12:28:17.0330 0x3a60  ALG - ok
12:28:17.0361 0x3a60  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:28:17.0366 0x3a60  AmdK8 - ok
12:28:17.0387 0x3a60  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:28:17.0391 0x3a60  AmdPPM - ok
12:28:17.0409 0x3a60  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:28:17.0413 0x3a60  amdsata - ok
12:28:17.0429 0x3a60  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:28:17.0437 0x3a60  amdsbs - ok
12:28:17.0447 0x3a60  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:28:17.0449 0x3a60  amdxata - ok
12:28:17.0568 0x3a60  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
12:28:17.0592 0x3a60  AntiVirMailService - ok
12:28:17.0622 0x3a60  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:28:17.0634 0x3a60  AntiVirSchedulerService - ok
12:28:17.0673 0x3a60  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:28:17.0684 0x3a60  AntiVirService - ok
12:28:17.0809 0x3a60  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:28:17.0842 0x3a60  AntiVirWebService - ok
12:28:17.0924 0x3a60  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
12:28:17.0927 0x3a60  AppHostSvc - ok
12:28:17.0960 0x3a60  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:28:17.0965 0x3a60  AppID - ok
12:28:18.0002 0x3a60  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:28:18.0005 0x3a60  AppIDSvc - ok
12:28:18.0024 0x3a60  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:28:18.0028 0x3a60  Appinfo - ok
12:28:18.0105 0x3a60  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:28:18.0108 0x3a60  Apple Mobile Device Service - ok
12:28:18.0167 0x3a60  [ 682F73D86501D75B131A1D59539A475D, 1C3E1728F3995BBFC2BCE90EFD118B0B864103B16F587A1374D8B3A00403B9E3 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:28:18.0187 0x3a60  AppReadiness - ok
12:28:18.0291 0x3a60  [ AA27A3DF5CDA714F0DD47A48FE7CA8C3, C87425A11162F3EE422C90F6E66CB0176126C9C6374AB80BD9CE6B30DE73B1A5 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:28:18.0383 0x3a60  AppXSvc - ok
12:28:18.0426 0x3a60  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:28:18.0431 0x3a60  arcsas - ok
12:28:18.0541 0x3a60  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:28:18.0589 0x3a60  aspnet_state - ok
12:28:18.0658 0x3a60  [ A629E4799D4CD6361D1B5D573EA5C2CD, 0D62557BA9C081A3304C898FAADD596ED33271D266291917E1CCBA6A0D52F901 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
12:28:18.0660 0x3a60  aswHwid - ok
12:28:18.0694 0x3a60  [ 97F952A9050CAD88681F5F0F46B8D5A5, 5B939B906868EB4EF9E54E9769B84AA87B57EEB3883F9FC45067A354315C9A89 ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
12:28:18.0696 0x3a60  aswKbd - ok
12:28:18.0716 0x3a60  [ 9C6C17C495E960E52EDE5D038EE92AE1, C056799A124C7473E871D73E3661D58B2EA01EE6F3614AEDB239463D0FBB9841 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
12:28:18.0720 0x3a60  aswMonFlt - ok
12:28:18.0736 0x3a60  [ 8F492911129B1B32818BF894DC0C2C73, 1F6F2019EB3B3B20636F661A4692079FCAA521C626AF6A731D5D493B415719A7 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
12:28:18.0740 0x3a60  aswRdr - ok
12:28:18.0756 0x3a60  [ 4ABDD84A67378E866BC15DDC9916BA71, 7F67252BE1B9979507F16C8B48D6B2D103B80C4B0765ED3E495DE48E5250EF63 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
12:28:18.0759 0x3a60  aswRvrt - ok
12:28:18.0853 0x3a60  [ 409CDD1400B404F655EEC1B5850FD3BE, 2D8A141B18BA155632CE110343AC7A8AB790FB76781C7E757157D9B195CCD5BA ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
12:28:18.0887 0x3a60  aswSnx - ok
12:28:18.0935 0x3a60  [ CDB1BE967AFF65D8395B6DF2EA8CBCCF, B72DEDDE020AC0FA4DC382B7B1C5427B8D63E83DB34BB747DC5008AFB9698E57 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
12:28:18.0955 0x3a60  aswSP - ok
12:28:19.0001 0x3a60  [ F6B5E463A0BB934C26FB319EDC726F65, 8B4E94181E7C2B479F7F675C221419B42C55C74F02A0DD8FFD9643A5A19AB944 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
12:28:19.0007 0x3a60  aswStm - ok
12:28:19.0025 0x3a60  [ DA7B392FB478EB42BE925433D27940F8, 29855D202850F8EEB33C2339776DAAAF8CF7ED5B2C2BB032B196C2076E974E77 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
12:28:19.0034 0x3a60  aswVmm - ok
12:28:19.0054 0x3a60  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
12:28:19.0056 0x3a60  AsyncMac - ok
12:28:19.0068 0x3a60  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:28:19.0070 0x3a60  atapi - ok
12:28:19.0108 0x3a60  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:28:19.0116 0x3a60  AudioEndpointBuilder - ok
12:28:19.0184 0x3a60  [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:28:19.0208 0x3a60  Audiosrv - ok
12:28:19.0282 0x3a60  [ 8EF7C84BB20329D6DCAC09CF6B19345A, 98F2F312F273C52653DC72F8A69ACBD79F588FF1B53CC7DFA85C26B6F7EF620B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:28:19.0287 0x3a60  avast! Antivirus - ok
12:28:19.0321 0x3a60  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
12:28:19.0326 0x3a60  avgntflt - ok
12:28:19.0361 0x3a60  [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
12:28:19.0366 0x3a60  avipbb - ok
12:28:19.0441 0x3a60  [ 76648BCBEB840B391E85DAD2DC04FFC9, F30FC3CB49DE1B79E8EFA78ED4679E870ADD17B3101219A1EC2D18DDE7712F66 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:28:19.0449 0x3a60  Avira.ServiceHost - ok
12:28:19.0491 0x3a60  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
12:28:19.0494 0x3a60  avkmgr - ok
12:28:19.0518 0x3a60  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
12:28:19.0521 0x3a60  avnetflt - ok
12:28:19.0560 0x3a60  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
12:28:19.0565 0x3a60  AxInstSV - ok
12:28:19.0614 0x3a60  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:28:19.0637 0x3a60  b06bdrv - ok
12:28:19.0680 0x3a60  [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
12:28:19.0683 0x3a60  b57xdbd - ok
12:28:19.0718 0x3a60  [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
12:28:19.0720 0x3a60  b57xdmp - ok
12:28:19.0761 0x3a60  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:28:19.0764 0x3a60  BasicDisplay - ok
12:28:19.0774 0x3a60  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:28:19.0776 0x3a60  BasicRender - ok
12:28:19.0803 0x3a60  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
12:28:19.0805 0x3a60  bcmfn - ok
12:28:19.0810 0x3a60  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:28:19.0812 0x3a60  bcmfn2 - ok
12:28:19.0857 0x3a60  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:28:19.0868 0x3a60  BDESVC - ok
12:28:19.0901 0x3a60  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:28:19.0903 0x3a60  Beep - ok
12:28:19.0965 0x3a60  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\WINDOWS\System32\bfe.dll
12:28:19.0985 0x3a60  BFE - ok
12:28:20.0052 0x3a60  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
12:28:20.0107 0x3a60  BITS - ok
12:28:20.0165 0x3a60  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:28:20.0176 0x3a60  Bonjour Service - ok
12:28:20.0198 0x3a60  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:28:20.0201 0x3a60  bowser - ok
12:28:20.0244 0x3a60  [ 5C6ADD0111E1C6601B5911F7ACF85BB8, 1653E8725478C8118D2AF15399A1A44464AFDC6F66EB1A90BB268A0692831AEE ] BrcmCardReader  C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
12:28:20.0250 0x3a60  BrcmCardReader - ok
12:28:20.0304 0x3a60  [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:28:20.0319 0x3a60  BrokerInfrastructure - ok
12:28:20.0355 0x3a60  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\WINDOWS\System32\browser.dll
12:28:20.0359 0x3a60  Browser - ok
12:28:20.0399 0x3a60  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
12:28:20.0402 0x3a60  BrSerIb - ok
12:28:20.0540 0x3a60  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
12:28:20.0542 0x3a60  BrUsbSIb - ok
12:28:20.0580 0x3a60  [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
12:28:20.0583 0x3a60  bScsiMSa - ok
12:28:20.0615 0x3a60  [ 8F62F985BDD2F333A3EE34D54894363D, 44755CEEE5B1823990547C1F22FFC833D7BD693E6C3DD056B0C41615ED61ED4C ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
12:28:20.0618 0x3a60  bScsiSDa - ok
12:28:20.0652 0x3a60  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:28:20.0654 0x3a60  BthAvrcpTg - ok
12:28:20.0669 0x3a60  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:28:20.0672 0x3a60  BthHFEnum - ok
12:28:20.0678 0x3a60  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:28:20.0680 0x3a60  bthhfhid - ok
12:28:20.0730 0x3a60  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
12:28:20.0740 0x3a60  BthHFSrv - ok
12:28:20.0770 0x3a60  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:28:20.0773 0x3a60  BTHMODEM - ok
12:28:20.0800 0x3a60  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:28:20.0804 0x3a60  bthserv - ok
12:28:20.0841 0x3a60  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:28:20.0843 0x3a60  buttonconverter - ok
12:28:20.0877 0x3a60  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
12:28:20.0881 0x3a60  CapImg - ok
12:28:20.0991 0x3a60  [ CFA963D67CF8791B2145ED9E2B89ED95, 8A325E8257C3D948C4571B4386282C0A7102235C1202BED1654AE037BEAD0B49 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
12:28:21.0080 0x3a60  CCDMonitorService - ok
12:28:21.0103 0x3a60  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:28:21.0106 0x3a60  cdfs - ok
12:28:21.0157 0x3a60  [ 88E3BA684A7B1247762E1D401076D4C2, 88375BD1970848A71B9CF8C7C73ECA2E4A65E57D80D0C36F41547D381441A552 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
12:28:21.0167 0x3a60  CDPSvc - ok
12:28:21.0190 0x3a60  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:28:21.0194 0x3a60  cdrom - ok
12:28:21.0237 0x3a60  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:28:21.0244 0x3a60  CertPropSvc - ok
12:28:21.0272 0x3a60  [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
12:28:21.0275 0x3a60  cfwids - ok
12:28:21.0310 0x3a60  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:28:21.0313 0x3a60  circlass - ok
12:28:21.0349 0x3a60  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:28:21.0361 0x3a60  CLFS - ok
12:28:21.0418 0x3a60  [ E72BB94A4010EBA7074DFEB25D67BDC3, 437F13A1F709B4CC047C9918625C2B5F673218A5141DBC99CD14B008FAB2AA88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
12:28:21.0441 0x3a60  ClipSVC - ok
12:28:21.0463 0x3a60  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:28:21.0465 0x3a60  CmBatt - ok
12:28:21.0524 0x3a60  [ 309E3CFC5309CECD9317A69990716A87, 1043A48A013CE1098BF02699750E31DFB181692C604F3D3F1EBE8A950B89DBE4 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:28:21.0547 0x3a60  CNG - ok
12:28:21.0598 0x3a60  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:28:21.0600 0x3a60  cnghwassist - ok
12:28:21.0704 0x3a60  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
12:28:21.0707 0x3a60  CompositeBus - ok
12:28:21.0712 0x3a60  COMSysApp - ok
12:28:21.0732 0x3a60  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:28:21.0734 0x3a60  condrv - ok
12:28:21.0793 0x3a60  [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:28:21.0813 0x3a60  CoreMessagingRegistrar - ok
12:28:21.0924 0x3a60  [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:28:21.0934 0x3a60  cphs - ok
12:28:21.0974 0x3a60  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:28:21.0978 0x3a60  CryptSvc - ok
12:28:22.0019 0x3a60  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:28:22.0021 0x3a60  dam - ok
12:28:22.0080 0x3a60  dbupdate - ok
12:28:22.0092 0x3a60  dbupdatem - ok
12:28:22.0160 0x3a60  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:28:22.0184 0x3a60  DcomLaunch - ok
12:28:22.0230 0x3a60  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
12:28:22.0237 0x3a60  DcpSvc - ok
12:28:22.0281 0x3a60  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:28:22.0303 0x3a60  defragsvc - ok
12:28:22.0352 0x3a60  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:28:22.0364 0x3a60  DeviceAssociationService - ok
12:28:22.0449 0x3a60  [ 91E80E3783883DA59A065E16AC031C3B, 4889980BE707C3C595F241411BD3E670517A50A33AECECEC471636969AFBA20E ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
12:28:22.0472 0x3a60  DeviceFastLaneService - ok
12:28:22.0509 0x3a60  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:28:22.0519 0x3a60  DeviceInstall - ok
12:28:22.0549 0x3a60  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
12:28:22.0552 0x3a60  DevQueryBroker - ok
12:28:22.0584 0x3a60  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:28:22.0588 0x3a60  Dfsc - ok
12:28:22.0615 0x3a60  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:28:22.0619 0x3a60  dg_ssudbus - ok
12:28:22.0679 0x3a60  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:28:22.0688 0x3a60  Dhcp - ok
12:28:22.0774 0x3a60  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:28:22.0776 0x3a60  diagnosticshub.standardcollector.service - ok
12:28:22.0862 0x3a60  [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
12:28:22.0908 0x3a60  DiagTrack - ok
12:28:22.0950 0x3a60  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
12:28:22.0954 0x3a60  disk - ok
12:28:22.0991 0x3a60  [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:28:23.0004 0x3a60  DmEnrollmentSvc - ok
12:28:23.0028 0x3a60  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:28:23.0031 0x3a60  dmvsc - ok
12:28:23.0068 0x3a60  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:28:23.0072 0x3a60  dmwappushservice - ok
12:28:23.0117 0x3a60  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:28:23.0126 0x3a60  Dnscache - ok
12:28:23.0153 0x3a60  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:28:23.0162 0x3a60  dot3svc - ok
12:28:23.0217 0x3a60  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
12:28:23.0223 0x3a60  DPS - ok
12:28:23.0258 0x3a60  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
12:28:23.0259 0x3a60  drmkaud - ok
12:28:23.0301 0x3a60  [ BB911CBB303E449F3CF4FA01CF0C6127, 13F0E54866144D112E3ED098206AA9344BE18A38A4FD2B6CDBB3F0C51C13B69A ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:28:23.0311 0x3a60  DsiWMIService - ok
12:28:23.0371 0x3a60  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:28:23.0378 0x3a60  DsmSvc - ok
12:28:23.0402 0x3a60  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
12:28:23.0408 0x3a60  DsSvc - ok
12:28:23.0505 0x3a60  [ 97BFC3BD9F910B24EB956FF3387C71CF, C5A6C550E91D51410A447649D2A01FCFEA73807AC01C635E71A080A18D0F4F99 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:28:23.0595 0x3a60  DXGKrnl - ok
12:28:23.0654 0x3a60  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
12:28:23.0659 0x3a60  Eaphost - ok
12:28:23.0805 0x3a60  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:28:23.0932 0x3a60  ebdrv - ok
12:28:23.0971 0x3a60  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
12:28:23.0976 0x3a60  EFS - ok
12:28:24.0013 0x3a60  [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
12:28:24.0019 0x3a60  EgisTec Ticket Service - ok
12:28:24.0057 0x3a60  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:28:24.0061 0x3a60  EhStorClass - ok
12:28:24.0085 0x3a60  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:28:24.0089 0x3a60  EhStorTcgDrv - ok
12:28:24.0134 0x3a60  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
12:28:24.0139 0x3a60  embeddedmode - ok
12:28:24.0180 0x3a60  [ 3182FCAF6AAF478791DE5B430C912D4D, 6044BB8A895F0E5BEAA5390457730AE9DB26A5611DC1CD55CE91F2331D2C3086 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:28:24.0191 0x3a60  EntAppSvc - ok
12:28:24.0247 0x3a60  [ 3D897AAAAC4BC8D6F069DA3BB65D136D, 65FAD19C638AE65FB29587EF980FB6EF12B528274469403281A5DCDD1E46C1DB ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
12:28:24.0263 0x3a60  ePowerSvc - ok
12:28:24.0289 0x3a60  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:28:24.0292 0x3a60  ErrDev - ok
12:28:24.0333 0x3a60  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
12:28:24.0345 0x3a60  EventSystem - ok
12:28:24.0405 0x3a60  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:28:24.0415 0x3a60  exfat - ok
12:28:24.0466 0x3a60  [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:28:24.0476 0x3a60  fastfat - ok
12:28:24.0539 0x3a60  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:28:24.0561 0x3a60  Fax - ok
12:28:24.0585 0x3a60  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:28:24.0588 0x3a60  fdc - ok
12:28:24.0630 0x3a60  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:28:24.0633 0x3a60  fdPHost - ok
12:28:24.0644 0x3a60  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:28:24.0647 0x3a60  FDResPub - ok
12:28:24.0666 0x3a60  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:28:24.0672 0x3a60  fhsvc - ok
12:28:24.0702 0x3a60  [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
12:28:24.0705 0x3a60  FileCrypt - ok
12:28:24.0718 0x3a60  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:28:24.0722 0x3a60  FileInfo - ok
12:28:24.0742 0x3a60  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:28:24.0745 0x3a60  Filetrace - ok
12:28:24.0808 0x3a60  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:28:24.0843 0x3a60  FLEXnet Licensing Service - ok
12:28:24.0903 0x3a60  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:28:24.0905 0x3a60  flpydisk - ok
12:28:24.0931 0x3a60  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:28:24.0942 0x3a60  FltMgr - ok
12:28:25.0030 0x3a60  [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:28:25.0087 0x3a60  FontCache - ok
12:28:25.0218 0x3a60  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:28:25.0221 0x3a60  FontCache3.0.0.0 - ok
12:28:25.0237 0x3a60  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:28:25.0241 0x3a60  FsDepends - ok
12:28:25.0260 0x3a60  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:28:25.0263 0x3a60  Fs_Rec - ok
12:28:25.0310 0x3a60  [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:28:25.0355 0x3a60  fvevol - ok
12:28:25.0385 0x3a60  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
12:28:25.0388 0x3a60  gagp30kx - ok
12:28:25.0415 0x3a60  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:28:25.0417 0x3a60  GEARAspiWDM - ok
12:28:25.0459 0x3a60  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:28:25.0461 0x3a60  gencounter - ok
12:28:25.0478 0x3a60  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
12:28:25.0480 0x3a60  genericusbfn - ok
12:28:25.0520 0x3a60  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:28:25.0526 0x3a60  GPIOClx0101 - ok
12:28:25.0601 0x3a60  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:28:25.0656 0x3a60  gpsvc - ok
12:28:25.0705 0x3a60  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:28:25.0707 0x3a60  GpuEnergyDrv - ok
12:28:25.0758 0x3a60  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:28:25.0762 0x3a60  gupdate - ok
12:28:25.0769 0x3a60  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:28:25.0775 0x3a60  gupdatem - ok
12:28:25.0811 0x3a60  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:28:25.0814 0x3a60  HDAudBus - ok
12:28:25.0831 0x3a60  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:28:25.0833 0x3a60  HidBatt - ok
12:28:25.0869 0x3a60  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:28:25.0873 0x3a60  HidBth - ok
12:28:25.0897 0x3a60  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:28:25.0900 0x3a60  hidi2c - ok
12:28:25.0916 0x3a60  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:28:25.0919 0x3a60  hidinterrupt - ok
12:28:25.0939 0x3a60  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:28:25.0942 0x3a60  HidIr - ok
12:28:25.0974 0x3a60  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:28:25.0977 0x3a60  hidserv - ok
12:28:26.0019 0x3a60  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:28:26.0021 0x3a60  HidUsb - ok
12:28:26.0060 0x3a60  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
12:28:26.0066 0x3a60  HipShieldK - ok
12:28:26.0109 0x3a60  [ EDE31817FC0A574E7CC3AF7E544C8951, DC8D07A15525E1CA52C5F6DFAEB2585807D45FC3400EAC9E27DC27E46B5B480F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:28:26.0120 0x3a60  HomeGroupListener - ok
12:28:26.0180 0x3a60  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:28:26.0194 0x3a60  HomeGroupProvider - ok
12:28:26.0257 0x3a60  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:28:26.0266 0x3a60  HomeNetSvc - ok
12:28:26.0293 0x3a60  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:28:26.0296 0x3a60  HpSAMD - ok
12:28:26.0357 0x3a60  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:28:26.0413 0x3a60  HTTP - ok
12:28:26.0461 0x3a60  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:28:26.0463 0x3a60  hwpolicy - ok
12:28:26.0480 0x3a60  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:28:26.0482 0x3a60  hyperkbd - ok
12:28:26.0497 0x3a60  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:28:26.0500 0x3a60  i8042prt - ok
12:28:26.0507 0x3a60  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
12:28:26.0511 0x3a60  iai2c - ok
12:28:26.0542 0x3a60  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:28:26.0548 0x3a60  iaLPSS2i_I2C - ok
12:28:26.0569 0x3a60  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:28:26.0571 0x3a60  iaLPSSi_GPIO - ok
12:28:26.0580 0x3a60  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:28:26.0584 0x3a60  iaLPSSi_I2C - ok
12:28:26.0655 0x3a60  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
12:28:26.0670 0x3a60  iaStorA - ok
12:28:26.0703 0x3a60  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:28:26.0736 0x3a60  iaStorAV - ok
12:28:26.0782 0x3a60  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:28:26.0794 0x3a60  iaStorV - ok
12:28:26.0822 0x3a60  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
12:28:26.0834 0x3a60  ibbus - ok
12:28:26.0874 0x3a60  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
12:28:26.0884 0x3a60  icssvc - ok
12:28:26.0889 0x3a60  IEEtwCollectorService - ok
12:28:27.0096 0x3a60  [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:28:27.0281 0x3a60  igfx - ok
12:28:27.0350 0x3a60  [ 5E5BEC886CC2503C4F18AF2153B169AF, BCC241AEFFFEF0B56909F9141F7EA424D945532B8610E6A3BEF590FEB00FA26D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:28:27.0396 0x3a60  IKEEXT - ok
12:28:27.0550 0x3a60  [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:28:27.0682 0x3a60  IntcAzAudAddService - ok
12:28:27.0733 0x3a60  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:28:27.0743 0x3a60  IntcDAud - ok
12:28:27.0810 0x3a60  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:28:27.0855 0x3a60  Intel(R) Capability Licensing Service Interface - ok
12:28:27.0867 0x3a60  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:28:27.0869 0x3a60  intelide - ok
12:28:27.0888 0x3a60  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:28:27.0890 0x3a60  intelpep - ok
12:28:27.0912 0x3a60  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:28:27.0917 0x3a60  intelppm - ok
12:28:27.0954 0x3a60  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
12:28:27.0956 0x3a60  IoQos - ok
12:28:27.0980 0x3a60  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:28:27.0984 0x3a60  IpFilterDriver - ok
12:28:28.0044 0x3a60  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:28:28.0077 0x3a60  iphlpsvc - ok
12:28:28.0102 0x3a60  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:28:28.0105 0x3a60  IPMIDRV - ok
12:28:28.0145 0x3a60  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:28:28.0150 0x3a60  IPNAT - ok
12:28:28.0218 0x3a60  [ 9C9D71CC6705176731EA5672F1648BB7, F44C7CAFAE09F09AFE1D17C7284D98AFBC7B322B5FB79F7D4C20EF862BF2E81F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:28:28.0233 0x3a60  iPod Service - ok
12:28:28.0253 0x3a60  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:28:28.0255 0x3a60  IRENUM - ok
12:28:28.0279 0x3a60  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:28:28.0281 0x3a60  isapnp - ok
12:28:28.0301 0x3a60  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:28:28.0309 0x3a60  iScsiPrt - ok
12:28:28.0391 0x3a60  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:28:28.0396 0x3a60  jhi_service - ok
12:28:28.0446 0x3a60  [ 8438B8A45E16258064C19FBEC4EE069F, 9128F825403B26A39BC769A53555DF1FD2B82882AF1384135D0329FCF2BBAC6D ] k57nd60a        C:\WINDOWS\System32\drivers\k57nd60a.sys
12:28:28.0466 0x3a60  k57nd60a - ok
12:28:28.0509 0x3a60  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:28:28.0512 0x3a60  kbdclass - ok
12:28:28.0527 0x3a60  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:28:28.0530 0x3a60  kbdhid - ok
12:28:28.0540 0x3a60  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
12:28:28.0542 0x3a60  kdnic - ok
12:28:28.0549 0x3a60  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:28:28.0553 0x3a60  KeyIso - ok
12:28:28.0620 0x3a60  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:28:28.0625 0x3a60  KSecDD - ok
12:28:28.0668 0x3a60  [ 5DFF4CF4DF7FD11AE5A1DAD8C67619D2, 1C821CB3CC430F8A9E660D2ABC63ECBB2F29FB41D5B045C2F4C927D5C361656E ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:28:28.0674 0x3a60  KSecPkg - ok
12:28:28.0692 0x3a60  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
12:28:28.0694 0x3a60  ksthunk - ok
12:28:28.0744 0x3a60  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:28:28.0765 0x3a60  KtmRm - ok
12:28:28.0828 0x3a60  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:28:28.0840 0x3a60  LanmanServer - ok
12:28:28.0888 0x3a60  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:28:28.0901 0x3a60  LanmanWorkstation - ok
12:28:28.0940 0x3a60  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
12:28:28.0944 0x3a60  lfsvc - ok
12:28:28.0959 0x3a60  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
12:28:28.0964 0x3a60  LicenseManager - ok
12:28:29.0000 0x3a60  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
12:28:29.0003 0x3a60  lltdio - ok
12:28:29.0025 0x3a60  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:28:29.0036 0x3a60  lltdsvc - ok
12:28:29.0067 0x3a60  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:28:29.0071 0x3a60  lmhosts - ok
12:28:29.0102 0x3a60  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:28:29.0109 0x3a60  LMS - ok
12:28:29.0163 0x3a60  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:28:29.0168 0x3a60  LSI_SAS - ok
12:28:29.0184 0x3a60  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:28:29.0189 0x3a60  LSI_SAS2i - ok
12:28:29.0225 0x3a60  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:28:29.0229 0x3a60  LSI_SAS3i - ok
12:28:29.0253 0x3a60  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:28:29.0257 0x3a60  LSI_SSS - ok
12:28:29.0312 0x3a60  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
12:28:29.0348 0x3a60  LSM - ok
12:28:29.0371 0x3a60  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:28:29.0376 0x3a60  luafv - ok
12:28:29.0418 0x3a60  [ 98E3D2BB421424B0457F8B7C46113110, 479187820318E9193765ADAA1D2E83E5752D9A2B22941DF3660C413DA029E618 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
12:28:29.0424 0x3a60  MapsBroker - ok
12:28:29.0470 0x3a60  [ 46FB0DCE8D46A072B4558B5309A997F2, 42112A77FC44BC69EFFBF12D9996A6D3CF23B0B05733E141E36069F75B4A4CE5 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
12:28:29.0476 0x3a60  McAfee SiteAdvisor Service - ok
12:28:29.0531 0x3a60  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
12:28:29.0537 0x3a60  McAPExe - ok
12:28:29.0568 0x3a60  [ 1E3AF124A3405EEE594BB9FFD4640F48, 7916D86433A6A305CC9699A8901795E74A22C99A2C6B091BAC951E30F7510FF7 ] McAWFwk         C:\Program Files\mcafee\msc\McAWFwk.exe
12:28:29.0578 0x3a60  McAWFwk - ok
12:28:29.0611 0x3a60  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:28:29.0619 0x3a60  McMPFSvc - ok
12:28:29.0657 0x3a60  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
12:28:29.0665 0x3a60  McNaiAnn - ok
12:28:29.0712 0x3a60  [ 1817FCB59F1832BC5387EC10838FC1BF, F0950EEEF5285C1C21E0C5BAFAFA44302E901EB8466427FA6AA3F1709B4D5A21 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
12:28:29.0727 0x3a60  McODS - ok
12:28:29.0755 0x3a60  [ C121367D21599367F2ADB9C11B7BABAA, 752993437AB2C797B5C0FFD397BC8FAC575886857C61BCCCCF169DA54BEE911C ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:28:29.0762 0x3a60  McOobeSv - ok
12:28:29.0788 0x3a60  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
12:28:29.0796 0x3a60  mcpltsvc - ok
12:28:29.0833 0x3a60  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
12:28:29.0841 0x3a60  McProxy - ok
12:28:29.0886 0x3a60  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:28:29.0889 0x3a60  megasas - ok
12:28:29.0914 0x3a60  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:28:29.0937 0x3a60  megasr - ok
12:28:29.0975 0x3a60  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
12:28:29.0978 0x3a60  MEIx64 - ok
12:28:30.0019 0x3a60  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:28:30.0024 0x3a60  MessagingService - ok
12:28:30.0090 0x3a60  [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
12:28:30.0097 0x3a60  mfeapfk - ok
12:28:30.0117 0x3a60  [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
12:28:30.0126 0x3a60  mfeavfk - ok
12:28:30.0215 0x3a60  [ C83EBEE66A2754CEE5B05699A42F728B, 1D739A505AEC1F40CC8CB86D01BDCEC0E29002A609FDA96CEF3531285E8261B9 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
12:28:30.0270 0x3a60  mfecore - ok
12:28:30.0283 0x3a60  [ DD19F44DE0F742B2E89FB6489A2F7197, B6BF5236181492B9996471469E18C3A11ECD6224BE740BA312771E1A7D4AD6BD ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
12:28:30.0286 0x3a60  mfeelamk - ok
12:28:30.0347 0x3a60  [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:28:30.0354 0x3a60  mfefire - ok
12:28:30.0398 0x3a60  [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
12:28:30.0421 0x3a60  mfefirek - ok
12:28:30.0459 0x3a60  [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
12:28:30.0493 0x3a60  mfehidk - ok
12:28:30.0532 0x3a60  [ 93712907DEE6FFBD8A4016ECBB250DCD, FB3673BA495EF1301C4BA75B457493D9B1D5AE52642A04473575CABC1EC6EDFD ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
12:28:30.0553 0x3a60  mfencbdc - ok
12:28:30.0571 0x3a60  [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
12:28:30.0575 0x3a60  mfencrk - ok
12:28:30.0631 0x3a60  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
12:28:30.0634 0x3a60  mfesapsn - ok
12:28:30.0668 0x3a60  [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp          C:\windows\system32\mfevtps.exe
12:28:30.0677 0x3a60  mfevtp - ok
12:28:30.0717 0x3a60  [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
12:28:30.0738 0x3a60  mfewfpk - ok
12:28:30.0792 0x3a60  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:28:30.0826 0x3a60  mlx4_bus - ok
12:28:30.0857 0x3a60  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
12:28:30.0860 0x3a60  MMCSS - ok
12:28:30.0878 0x3a60  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:28:30.0880 0x3a60  Modem - ok
12:28:30.0898 0x3a60  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:28:30.0900 0x3a60  monitor - ok
12:28:30.0911 0x3a60  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:28:30.0914 0x3a60  mouclass - ok
12:28:30.0921 0x3a60  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:28:30.0923 0x3a60  mouhid - ok
12:28:30.0941 0x3a60  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:28:30.0945 0x3a60  mountmgr - ok
12:28:30.0955 0x3a60  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:28:30.0958 0x3a60  mpsdrv - ok
12:28:31.0024 0x3a60  [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:28:31.0079 0x3a60  MpsSvc - ok
12:28:31.0124 0x3a60  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:28:31.0130 0x3a60  MRxDAV - ok
12:28:31.0173 0x3a60  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:28:31.0186 0x3a60  mrxsmb - ok
12:28:31.0229 0x3a60  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:28:31.0238 0x3a60  mrxsmb10 - ok
12:28:31.0279 0x3a60  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:28:31.0286 0x3a60  mrxsmb20 - ok
12:28:31.0312 0x3a60  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
12:28:31.0316 0x3a60  MsBridge - ok
12:28:31.0355 0x3a60  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:28:31.0363 0x3a60  MSDTC - ok
12:28:31.0380 0x3a60  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:28:31.0382 0x3a60  Msfs - ok
12:28:31.0422 0x3a60  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:28:31.0425 0x3a60  msgpiowin32 - ok
12:28:31.0439 0x3a60  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:28:31.0441 0x3a60  mshidkmdf - ok
12:28:31.0445 0x3a60  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:28:31.0448 0x3a60  mshidumdf - ok
12:28:31.0464 0x3a60  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:28:31.0466 0x3a60  msisadrv - ok
12:28:31.0516 0x3a60  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:28:31.0523 0x3a60  MSiSCSI - ok
12:28:31.0528 0x3a60  msiserver - ok
12:28:31.0549 0x3a60  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:28:31.0558 0x3a60  MSK80Service - ok
12:28:31.0587 0x3a60  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
12:28:31.0590 0x3a60  MSKSSRV - ok
12:28:31.0614 0x3a60  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
12:28:31.0618 0x3a60  MsLldp - ok
12:28:31.0640 0x3a60  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
12:28:31.0642 0x3a60  MSPCLOCK - ok
12:28:31.0647 0x3a60  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
12:28:31.0649 0x3a60  MSPQM - ok
12:28:31.0684 0x3a60  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:28:31.0694 0x3a60  MsRPC - ok
12:28:31.0735 0x3a60  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:28:31.0738 0x3a60  mssmbios - ok
12:28:31.0743 0x3a60  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
12:28:31.0745 0x3a60  MSTEE - ok
12:28:31.0751 0x3a60  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:28:31.0754 0x3a60  MTConfig - ok
12:28:31.0800 0x3a60  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:28:31.0805 0x3a60  Mup - ok
12:28:31.0818 0x3a60  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:28:31.0821 0x3a60  mvumis - ok
12:28:31.0853 0x3a60  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys
12:28:31.0856 0x3a60  mwlPSDFilter - ok
12:28:31.0864 0x3a60  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys
12:28:31.0867 0x3a60  mwlPSDNServ - ok
12:28:31.0884 0x3a60  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys
12:28:31.0888 0x3a60  mwlPSDVDisk - ok
12:28:31.0951 0x3a60  [ 549DFD8240CF20BFBD88AD9D89325DBF, D2553AEA91524E7EBCE902D175BCE3A14C594FB0B5E1310E2D9171AF903CF51C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:28:31.0973 0x3a60  NativeWifiP - ok
12:28:32.0058 0x3a60  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:28:32.0066 0x3a60  NcaSvc - ok
12:28:32.0105 0x3a60  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:28:32.0125 0x3a60  NcbService - ok
12:28:32.0177 0x3a60  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:28:32.0183 0x3a60  NcdAutoSetup - ok
12:28:32.0227 0x3a60  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
12:28:32.0230 0x3a60  ndfltr - ok
12:28:32.0280 0x3a60  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:28:32.0336 0x3a60  NDIS - ok
12:28:32.0365 0x3a60  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
12:28:32.0367 0x3a60  NdisCap - ok
12:28:32.0388 0x3a60  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:28:32.0393 0x3a60  NdisImPlatform - ok
12:28:32.0408 0x3a60  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:28:32.0411 0x3a60  NdisTapi - ok
12:28:32.0433 0x3a60  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
12:28:32.0437 0x3a60  Ndisuio - ok
12:28:32.0474 0x3a60  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:28:32.0476 0x3a60  NdisVirtualBus - ok
12:28:32.0502 0x3a60  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
12:28:32.0509 0x3a60  NdisWan - ok
12:28:32.0525 0x3a60  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:28:32.0530 0x3a60  ndiswanlegacy - ok
12:28:32.0550 0x3a60  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:28:32.0553 0x3a60  ndproxy - ok
12:28:32.0594 0x3a60  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:28:32.0598 0x3a60  Ndu - ok
12:28:32.0634 0x3a60  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
12:28:32.0636 0x3a60  Netaapl - ok
12:28:32.0652 0x3a60  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
12:28:32.0655 0x3a60  NetBIOS - ok
12:28:32.0709 0x3a60  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:28:32.0718 0x3a60  NetBT - ok
12:28:32.0750 0x3a60  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:28:32.0754 0x3a60  Netlogon - ok
12:28:32.0793 0x3a60  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
12:28:32.0804 0x3a60  Netman - ok
12:28:32.0872 0x3a60  [ 8941D509C5B1D203AA75BE3E75F5B636, B53F8E989924B5324319C830EBE648E5CD60D681CA7AD3B1342176E6F44E66E6 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:28:32.0877 0x3a60  NetMsmqActivator - ok
12:28:32.0883 0x3a60  [ 8941D509C5B1D203AA75BE3E75F5B636, B53F8E989924B5324319C830EBE648E5CD60D681CA7AD3B1342176E6F44E66E6 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:28:32.0887 0x3a60  NetPipeActivator - ok
12:28:32.0980 0x3a60  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:28:33.0003 0x3a60  netprofm - ok
12:28:33.0071 0x3a60  [ A3AA03C0C5002F3D89397637B770A1BA, CB40F8FFE2850C11C9EA309BFDBB97C2C978202AF70D052573D8CF18A0677AEB ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
12:28:33.0081 0x3a60  NetSetupSvc - ok
12:28:33.0149 0x3a60  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:28:33.0154 0x3a60  NetTcpActivator - ok
12:28:33.0162 0x3a60  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:28:33.0167 0x3a60  NetTcpPortSharing - ok
12:28:33.0321 0x3a60  [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
12:28:33.0448 0x3a60  NETwNe64 - ok
12:28:33.0499 0x3a60  [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
12:28:33.0512 0x3a60  NgcCtnrSvc - ok
12:28:33.0580 0x3a60  [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
12:28:33.0616 0x3a60  NgcSvc - ok
12:28:33.0660 0x3a60  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:28:33.0681 0x3a60  NlaSvc - ok
12:28:33.0718 0x3a60  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:28:33.0721 0x3a60  Npfs - ok
12:28:33.0757 0x3a60  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
12:28:33.0759 0x3a60  npsvctrig - ok
12:28:33.0768 0x3a60  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
12:28:33.0773 0x3a60  nsi - ok
12:28:33.0784 0x3a60  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
12:28:33.0787 0x3a60  nsiproxy - ok
12:28:33.0892 0x3a60  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
12:28:33.0991 0x3a60  NTFS - ok
12:28:34.0076 0x3a60  [ 24802A206925A340DBA52ABF83C21315, 39E6FD63C7C93A833E3D5CC928AFF9286059538798DBF77C16ADDE64112E2661 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
12:28:34.0084 0x3a60  NTI IScheduleSvc - ok
12:28:34.0130 0x3a60  [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:28:34.0132 0x3a60  NTIDrvr - ok
12:28:34.0172 0x3a60  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:28:34.0173 0x3a60  Null - ok
12:28:34.0193 0x3a60  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
12:28:34.0199 0x3a60  nvraid - ok
12:28:34.0224 0x3a60  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
12:28:34.0260 0x3a60  nvstor - ok
12:28:34.0293 0x3a60  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
12:28:34.0298 0x3a60  nv_agp - ok
12:28:34.0355 0x3a60  [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
12:28:34.0365 0x3a60  OneSyncSvc - ok
12:28:34.0441 0x3a60  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:28:34.0446 0x3a60  ose - ok
12:28:34.0659 0x3a60  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:28:34.0823 0x3a60  osppsvc - ok
12:28:34.0872 0x3a60  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
12:28:34.0895 0x3a60  p2pimsvc - ok
12:28:34.0961 0x3a60  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
12:28:34.0984 0x3a60  p2psvc - ok
12:28:35.0038 0x3a60  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
12:28:35.0042 0x3a60  Parport - ok
12:28:35.0082 0x3a60  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:28:35.0087 0x3a60  partmgr - ok
12:28:35.0111 0x3a60  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
12:28:35.0135 0x3a60  PcaSvc - ok
12:28:35.0184 0x3a60  [ EF94E21C3220AE3F8539542EC0B3FF06, F17EE06326D7330D26971453B688BA6A6838DB9CCC85C2CE86CA99934D1DEFA2 ] pci             C:\WINDOWS\system32\drivers\pci.sys
12:28:35.0194 0x3a60  pci - ok
12:28:35.0219 0x3a60  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
12:28:35.0221 0x3a60  pciide - ok
12:28:35.0240 0x3a60  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
12:28:35.0244 0x3a60  pcmcia - ok
12:28:35.0262 0x3a60  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
12:28:35.0266 0x3a60  pcw - ok
12:28:35.0291 0x3a60  [ 67B9684B8272D5EBD1CCBB1DBD425EC8, 09BE2A2EB3A71E594D08B8D817820965DEEAD283029EBB0B74CCC658A2706233 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
12:28:35.0295 0x3a60  pdc - ok
12:28:35.0359 0x3a60  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
12:28:35.0393 0x3a60  PEAUTH - ok
12:28:35.0438 0x3a60  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
12:28:35.0441 0x3a60  percsas2i - ok
12:28:35.0454 0x3a60  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
12:28:35.0457 0x3a60  percsas3i - ok
12:28:35.0553 0x3a60  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
12:28:35.0558 0x3a60  PerfHost - ok
12:28:35.0622 0x3a60  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
12:28:35.0657 0x3a60  PhoneSvc - ok
12:28:35.0713 0x3a60  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:28:35.0724 0x3a60  PimIndexMaintenanceSvc - ok
12:28:35.0827 0x3a60  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
12:28:35.0886 0x3a60  pla - ok
12:28:35.0937 0x3a60  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
12:28:35.0944 0x3a60  PlugPlay - ok
12:28:35.0957 0x3a60  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
12:28:35.0962 0x3a60  PNRPAutoReg - ok
12:28:35.0990 0x3a60  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
12:28:36.0002 0x3a60  PNRPsvc - ok
12:28:36.0056 0x3a60  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:28:36.0077 0x3a60  PolicyAgent - ok
12:28:36.0124 0x3a60  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
12:28:36.0133 0x3a60  Power - ok
12:28:36.0171 0x3a60  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
12:28:36.0175 0x3a60  PptpMiniport - ok
12:28:36.0342 0x3a60  [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:28:36.0454 0x3a60  PrintNotify - ok
12:28:36.0496 0x3a60  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
12:28:36.0501 0x3a60  Processor - ok
12:28:36.0556 0x3a60  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
12:28:36.0569 0x3a60  ProfSvc - ok
12:28:36.0603 0x3a60  [ 138DBAE80F390B22297ACD861BDA996E, F0799F40266A11058710AD8ED5D8797A350DCB2A55D3DEF179C1D8C87AFB5208 ] Ps2Kb2Hid       C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
12:28:36.0605 0x3a60  Ps2Kb2Hid - ok
12:28:36.0622 0x3a60  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
12:28:36.0628 0x3a60  Psched - ok
12:28:36.0672 0x3a60  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\WINDOWS\system32\drivers\PxHlpa64.sys
12:28:36.0675 0x3a60  PxHlpa64 - ok
12:28:36.0716 0x3a60  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
12:28:36.0728 0x3a60  QWAVE - ok
12:28:36.0776 0x3a60  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
12:28:36.0779 0x3a60  QWAVEdrv - ok
12:28:36.0822 0x3a60  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:28:36.0824 0x3a60  RasAcd - ok
12:28:36.0860 0x3a60  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
12:28:36.0864 0x3a60  RasAgileVpn - ok
12:28:36.0901 0x3a60  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:28:36.0909 0x3a60  RasAuto - ok
12:28:36.0944 0x3a60  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
12:28:36.0948 0x3a60  Rasl2tp - ok
12:28:37.0006 0x3a60  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:28:37.0040 0x3a60  RasMan - ok
12:28:37.0074 0x3a60  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:28:37.0078 0x3a60  RasPppoe - ok
12:28:37.0097 0x3a60  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
12:28:37.0102 0x3a60  RasSstp - ok
12:28:37.0148 0x3a60  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:28:37.0160 0x3a60  rdbss - ok
12:28:37.0201 0x3a60  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
12:28:37.0203 0x3a60  rdpbus - ok
12:28:37.0233 0x3a60  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
12:28:37.0239 0x3a60  RDPDR - ok
12:28:37.0281 0x3a60  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:28:37.0284 0x3a60  RdpVideoMiniport - ok
12:28:37.0312 0x3a60  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
12:28:37.0320 0x3a60  rdyboost - ok
12:28:37.0365 0x3a60  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
12:28:37.0399 0x3a60  ReFSv1 - ok
12:28:37.0455 0x3a60  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:28:37.0479 0x3a60  RemoteAccess - ok
12:28:37.0539 0x3a60  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:28:37.0549 0x3a60  RemoteRegistry - ok
12:28:37.0616 0x3a60  [ C439E5B6E3EB38C9C7611C393348503B, C9E3E3EDB134C2C5A3212CAD372A542DB1658A0263112E66EDF812FAE3F377BF ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
12:28:37.0671 0x3a60  RetailDemo - ok
12:28:37.0719 0x3a60  [ F61333867216EDE1A09A7C55FEDCB6A8, 991FC810FB281F4E91B7D22A7C5AF5D11419ACE05BBB3F664812391069A336F0 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
12:28:37.0722 0x3a60  RfButtonDriverService - ok
12:28:37.0765 0x3a60  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
12:28:37.0772 0x3a60  RpcEptMapper - ok
12:28:37.0813 0x3a60  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:28:37.0817 0x3a60  RpcLocator - ok
12:28:37.0857 0x3a60  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:28:37.0881 0x3a60  RpcSs - ok
12:28:37.0924 0x3a60  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
12:28:37.0927 0x3a60  rspndr - ok
12:28:37.0945 0x3a60  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
12:28:37.0947 0x3a60  s3cap - ok
12:28:37.0987 0x3a60  [ 2C67136609D17B2A8FF07E171B467139, 39C07C388AE05B25C632D5115742F0BF69EB5391A9DA82D296C3F9F5F9686F6F ] SaiH0763        C:\WINDOWS\system32\DRIVERS\SaiH0763.sys
12:28:37.0993 0x3a60  SaiH0763 - ok
12:28:38.0025 0x3a60  [ 231A3700154B1A49C2F05CB0DA4B2747, 32BEA02B276D6894EF39BCB7D827456AC3787AD8D8AC3C6FEC89CA03BA7A5DD3 ] SaiH0BAC        C:\WINDOWS\system32\DRIVERS\SaiH0BAC.sys
12:28:38.0031 0x3a60  SaiH0BAC - ok
12:28:38.0063 0x3a60  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:28:38.0068 0x3a60  SamSs - ok
12:28:38.0100 0x3a60  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
12:28:38.0105 0x3a60  sbp2port - ok
12:28:38.0147 0x3a60  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
12:28:38.0158 0x3a60  SCardSvr - ok
12:28:38.0182 0x3a60  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
12:28:38.0192 0x3a60  ScDeviceEnum - ok
12:28:38.0214 0x3a60  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:28:38.0216 0x3a60  scfilter - ok
12:28:38.0286 0x3a60  [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:28:38.0341 0x3a60  Schedule - ok
         


Alt 27.07.2016, 11:38   #6
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
12:28:38.0938 0x3a60  SerCx - ok
12:28:38.0957 0x3a60  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
12:28:38.0962 0x3a60  SerCx2 - ok
12:28:38.0993 0x3a60  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
12:28:38.0996 0x3a60  Serenum - ok
12:28:39.0032 0x3a60  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
12:28:39.0036 0x3a60  Serial - ok
12:28:39.0054 0x3a60  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
12:28:39.0057 0x3a60  sermouse - ok
12:28:39.0091 0x3a60  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
12:28:39.0112 0x3a60  SessionEnv - ok
12:28:39.0132 0x3a60  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
12:28:39.0134 0x3a60  sfloppy - ok
12:28:39.0174 0x3a60  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:28:39.0197 0x3a60  SharedAccess - ok
12:28:39.0253 0x3a60  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:28:39.0299 0x3a60  ShellHWDetection - ok
12:28:39.0342 0x3a60  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:28:39.0344 0x3a60  SiSRaid2 - ok
12:28:39.0367 0x3a60  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
12:28:39.0370 0x3a60  SiSRaid4 - ok
12:28:39.0437 0x3a60  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:28:39.0447 0x3a60  SkypeUpdate - ok
12:28:39.0498 0x3a60  [ 2919877403D5BB7384F7F6A5A8AABD42, A66CF9FFF593FAB318937365D94672924393C1E05B7D399210BBD4A12CADF8F4 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
12:28:39.0501 0x3a60  SmbDrvI - ok
12:28:39.0543 0x3a60  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
12:28:39.0549 0x3a60  smphost - ok
12:28:39.0594 0x3a60  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
12:28:39.0640 0x3a60  SmsRouter - ok
12:28:39.0698 0x3a60  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
12:28:39.0703 0x3a60  SNMPTRAP - ok
12:28:39.0753 0x3a60  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
12:28:39.0775 0x3a60  spaceport - ok
12:28:39.0823 0x3a60  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
12:28:39.0861 0x3a60  SpbCx - ok
12:28:39.0947 0x3a60  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
12:28:39.0980 0x3a60  Spooler - ok
12:28:40.0215 0x3a60  [ 49B666BCCF59226549F64656584318EA, D7751FB921CE526322DF8CD95430EEA5337E894CE76E0FAA47827CA3B2C953C5 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:28:40.0430 0x3a60  sppsvc - ok
12:28:40.0484 0x3a60  [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:28:40.0496 0x3a60  srv - ok
12:28:40.0527 0x3a60  [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:28:40.0573 0x3a60  srv2 - ok
12:28:40.0613 0x3a60  [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:28:40.0620 0x3a60  srvnet - ok
12:28:40.0677 0x3a60  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:28:40.0689 0x3a60  SSDPSRV - ok
12:28:40.0736 0x3a60  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:28:40.0747 0x3a60  SstpSvc - ok
12:28:40.0766 0x3a60  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:28:40.0773 0x3a60  ssudmdm - ok
12:28:40.0895 0x3a60  [ 17139E61D556444B6FCE67920E71D369, 1A50102B1DC9B63BB50EDB1F7B2CB25F8BB4CD9BF95B3630A99ECC4981B573BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:28:41.0015 0x3a60  StateRepository - ok
12:28:41.0063 0x3a60  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:28:41.0066 0x3a60  stexstor - ok
12:28:41.0120 0x3a60  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:28:41.0168 0x3a60  stisvc - ok
12:28:41.0185 0x3a60  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:28:41.0190 0x3a60  storahci - ok
12:28:41.0203 0x3a60  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
12:28:41.0206 0x3a60  storflt - ok
12:28:41.0229 0x3a60  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:28:41.0233 0x3a60  stornvme - ok
12:28:41.0260 0x3a60  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
12:28:41.0263 0x3a60  storqosflt - ok
12:28:41.0325 0x3a60  [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:28:41.0370 0x3a60  StorSvc - ok
12:28:41.0390 0x3a60  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
12:28:41.0394 0x3a60  storufs - ok
12:28:41.0406 0x3a60  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:28:41.0409 0x3a60  storvsc - ok
12:28:41.0444 0x3a60  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:28:41.0450 0x3a60  svsvc - ok
12:28:41.0493 0x3a60  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:28:41.0495 0x3a60  swenum - ok
12:28:41.0522 0x3a60  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
12:28:41.0546 0x3a60  swprv - ok
12:28:41.0589 0x3a60  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
12:28:41.0592 0x3a60  Synth3dVsc - ok
12:28:41.0653 0x3a60  [ C72663637DBAD69DDE0919DA4A378A2A, 250E49419FB21EC4046D3C38C25B784ADC8A727A54E5AB3835E830B1D49C996A ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:28:41.0674 0x3a60  SynTP - ok
12:28:41.0748 0x3a60  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:28:41.0801 0x3a60  SysMain - ok
12:28:41.0849 0x3a60  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:28:41.0882 0x3a60  SystemEventsBroker - ok
12:28:41.0927 0x3a60  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:28:41.0936 0x3a60  TabletInputService - ok
12:28:41.0966 0x3a60  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:28:41.0998 0x3a60  TapiSrv - ok
12:28:42.0114 0x3a60  [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:28:42.0215 0x3a60  Tcpip - ok
12:28:42.0286 0x3a60  [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
12:28:42.0340 0x3a60  Tcpip6 - ok
12:28:42.0376 0x3a60  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:28:42.0379 0x3a60  tcpipreg - ok
12:28:42.0421 0x3a60  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:28:42.0425 0x3a60  tdx - ok
12:28:42.0456 0x3a60  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:28:42.0458 0x3a60  terminpt - ok
12:28:42.0526 0x3a60  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
12:28:42.0583 0x3a60  TermService - ok
12:28:42.0600 0x3a60  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
12:28:42.0607 0x3a60  Themes - ok
12:28:42.0654 0x3a60  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:28:42.0667 0x3a60  TieringEngineService - ok
12:28:42.0725 0x3a60  [ 7ECACE6D0B4C2D323408EB00FD93C682, EE7F5E5185EA8C8098046FA573659443014ED7C9DA9E710D9EF3FCACBBFFA100 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
12:28:42.0748 0x3a60  tiledatamodelsvc - ok
12:28:42.0773 0x3a60  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
12:28:42.0783 0x3a60  TimeBroker - ok
12:28:42.0815 0x3a60  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
12:28:42.0822 0x3a60  TPM - ok
12:28:42.0864 0x3a60  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
12:28:42.0873 0x3a60  TrkWks - ok
12:28:42.0950 0x3a60  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:28:42.0954 0x3a60  TrustedInstaller - ok
12:28:42.0976 0x3a60  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
12:28:42.0979 0x3a60  tsusbflt - ok
12:28:42.0998 0x3a60  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:28:43.0001 0x3a60  TsUsbGD - ok
12:28:43.0038 0x3a60  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
12:28:43.0043 0x3a60  tunnel - ok
12:28:43.0084 0x3a60  [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
12:28:43.0092 0x3a60  tzautoupdate - ok
12:28:43.0122 0x3a60  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
12:28:43.0125 0x3a60  uagp35 - ok
12:28:43.0150 0x3a60  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:28:43.0154 0x3a60  UASPStor - ok
12:28:43.0174 0x3a60  [ 69CC6087483FCE6AEBF1DF5AE791044F, 64A2699447049F77A4A5469537F81124114978BF356C079B123B79782EDC760A ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:28:43.0176 0x3a60  UBHelper - ok
12:28:43.0214 0x3a60  [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
12:28:43.0217 0x3a60  UcmCx0101 - ok
12:28:43.0231 0x3a60  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
12:28:43.0234 0x3a60  UcmUcsi - ok
12:28:43.0257 0x3a60  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
12:28:43.0263 0x3a60  Ucx01000 - ok
12:28:43.0281 0x3a60  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
12:28:43.0284 0x3a60  UdeCx - ok
12:28:43.0316 0x3a60  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:28:43.0325 0x3a60  udfs - ok
12:28:43.0346 0x3a60  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:28:43.0349 0x3a60  UEFI - ok
12:28:43.0399 0x3a60  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
12:28:43.0407 0x3a60  Ufx01000 - ok
12:28:43.0426 0x3a60  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
12:28:43.0430 0x3a60  UfxChipidea - ok
12:28:43.0465 0x3a60  [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:28:43.0470 0x3a60  ufxsynopsys - ok
12:28:43.0516 0x3a60  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:28:43.0523 0x3a60  UI0Detect - ok
12:28:43.0535 0x3a60  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
12:28:43.0539 0x3a60  uliagpkx - ok
12:28:43.0560 0x3a60  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:28:43.0563 0x3a60  umbus - ok
12:28:43.0585 0x3a60  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:28:43.0588 0x3a60  UmPass - ok
12:28:43.0637 0x3a60  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:28:43.0652 0x3a60  UmRdpService - ok
12:28:43.0726 0x3a60  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
12:28:43.0783 0x3a60  UnistoreSvc - ok
12:28:43.0894 0x3a60  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:28:43.0903 0x3a60  UNS - ok
12:28:43.0954 0x3a60  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:28:43.0976 0x3a60  upnphost - ok
12:28:44.0028 0x3a60  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
12:28:44.0030 0x3a60  UrsChipidea - ok
12:28:44.0053 0x3a60  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
12:28:44.0056 0x3a60  UrsCx01000 - ok
12:28:44.0062 0x3a60  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
12:28:44.0064 0x3a60  UrsSynopsys - ok
12:28:44.0095 0x3a60  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
12:28:44.0099 0x3a60  USBAAPL64 - ok
12:28:44.0136 0x3a60  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:28:44.0142 0x3a60  usbccgp - ok
12:28:44.0157 0x3a60  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:28:44.0161 0x3a60  usbcir - ok
12:28:44.0181 0x3a60  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:28:44.0185 0x3a60  usbehci - ok
12:28:44.0213 0x3a60  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:28:44.0233 0x3a60  usbhub - ok
12:28:44.0285 0x3a60  [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:28:44.0307 0x3a60  USBHUB3 - ok
12:28:44.0320 0x3a60  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:28:44.0322 0x3a60  usbohci - ok
12:28:44.0360 0x3a60  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:28:44.0362 0x3a60  usbprint - ok
12:28:44.0383 0x3a60  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:28:44.0386 0x3a60  usbscan - ok
12:28:44.0422 0x3a60  [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
12:28:44.0426 0x3a60  usbser - ok
12:28:44.0453 0x3a60  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:28:44.0458 0x3a60  USBSTOR - ok
12:28:44.0475 0x3a60  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:28:44.0477 0x3a60  usbuhci - ok
12:28:44.0495 0x3a60  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
12:28:44.0503 0x3a60  usbvideo - ok
12:28:44.0546 0x3a60  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:28:44.0557 0x3a60  USBXHCI - ok
12:28:44.0627 0x3a60  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
12:28:44.0684 0x3a60  UserDataSvc - ok
12:28:44.0757 0x3a60  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
12:28:44.0791 0x3a60  UserManager - ok
12:28:44.0831 0x3a60  [ 50F7B408700BF28CF9986821E0486A16, 11575C4651AB9BC68805A23414E3C6EC14AE4B9B0B5DAF88A2BAA5C923413CB7 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
12:28:44.0854 0x3a60  UsoSvc - ok
12:28:44.0871 0x3a60  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:28:44.0876 0x3a60  VaultSvc - ok
12:28:44.0916 0x3a60  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:28:44.0919 0x3a60  vdrvroot - ok
12:28:44.0983 0x3a60  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
12:28:45.0016 0x3a60  vds - ok
12:28:45.0041 0x3a60  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:28:45.0049 0x3a60  VerifierExt - ok
12:28:45.0082 0x3a60  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:28:45.0127 0x3a60  vhdmp - ok
12:28:45.0143 0x3a60  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
12:28:45.0145 0x3a60  vhf - ok
12:28:45.0163 0x3a60  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:28:45.0167 0x3a60  vmbus - ok
12:28:45.0182 0x3a60  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:28:45.0184 0x3a60  VMBusHID - ok
12:28:45.0236 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:28:45.0260 0x3a60  vmicguestinterface - ok
12:28:45.0278 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
12:28:45.0292 0x3a60  vmicheartbeat - ok
12:28:45.0311 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:28:45.0325 0x3a60  vmickvpexchange - ok
12:28:45.0344 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
12:28:45.0358 0x3a60  vmicrdv - ok
12:28:45.0377 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
12:28:45.0391 0x3a60  vmicshutdown - ok
12:28:45.0410 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
12:28:45.0424 0x3a60  vmictimesync - ok
12:28:45.0463 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
12:28:45.0477 0x3a60  vmicvmsession - ok
12:28:45.0495 0x3a60  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
12:28:45.0510 0x3a60  vmicvss - ok
12:28:45.0524 0x3a60  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:28:45.0528 0x3a60  volmgr - ok
12:28:45.0568 0x3a60  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:28:45.0579 0x3a60  volmgrx - ok
12:28:45.0607 0x3a60  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:28:45.0627 0x3a60  volsnap - ok
12:28:45.0662 0x3a60  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:28:45.0666 0x3a60  vpci - ok
12:28:45.0693 0x3a60  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:28:45.0699 0x3a60  vsmraid - ok
12:28:45.0779 0x3a60  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
12:28:45.0835 0x3a60  VSS - ok
12:28:45.0868 0x3a60  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:28:45.0878 0x3a60  VSTXRAID - ok
12:28:45.0898 0x3a60  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:28:45.0900 0x3a60  vwifibus - ok
12:28:45.0918 0x3a60  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
12:28:45.0922 0x3a60  vwififlt - ok
12:28:45.0935 0x3a60  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
12:28:45.0938 0x3a60  vwifimp - ok
12:28:45.0992 0x3a60  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
12:28:46.0015 0x3a60  W32Time - ok
12:28:46.0078 0x3a60  [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
12:28:46.0082 0x3a60  w3logsvc - ok
12:28:46.0142 0x3a60  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
12:28:46.0157 0x3a60  W3SVC - ok
12:28:46.0194 0x3a60  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:28:46.0197 0x3a60  WacomPen - ok
12:28:46.0236 0x3a60  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
12:28:46.0261 0x3a60  WalletService - ok
12:28:46.0294 0x3a60  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:28:46.0298 0x3a60  wanarp - ok
12:28:46.0305 0x3a60  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:28:46.0308 0x3a60  wanarpv6 - ok
12:28:46.0353 0x3a60  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
12:28:46.0367 0x3a60  WAS - ok
12:28:46.0446 0x3a60  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:28:46.0505 0x3a60  wbengine - ok
12:28:46.0573 0x3a60  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:28:46.0618 0x3a60  WbioSrvc - ok
12:28:46.0653 0x3a60  [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:28:46.0671 0x3a60  Wcmsvc - ok
12:28:46.0723 0x3a60  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:28:46.0746 0x3a60  wcncsvc - ok
12:28:46.0769 0x3a60  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:28:46.0776 0x3a60  WcsPlugInService - ok
12:28:46.0814 0x3a60  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:28:46.0817 0x3a60  WdBoot - ok
12:28:46.0864 0x3a60  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:28:46.0910 0x3a60  Wdf01000 - ok
12:28:46.0940 0x3a60  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:28:46.0951 0x3a60  WdFilter - ok
12:28:46.0972 0x3a60  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:28:46.0980 0x3a60  WdiServiceHost - ok
12:28:46.0987 0x3a60  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:28:46.0996 0x3a60  WdiSystemHost - ok
12:28:47.0046 0x3a60  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:28:47.0080 0x3a60  wdiwifi - ok
12:28:47.0127 0x3a60  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:28:47.0132 0x3a60  WdNisDrv - ok
12:28:47.0168 0x3a60  WdNisSvc - ok
12:28:47.0193 0x3a60  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:28:47.0205 0x3a60  WebClient - ok
12:28:47.0229 0x3a60  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:28:47.0242 0x3a60  Wecsvc - ok
12:28:47.0258 0x3a60  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:28:47.0264 0x3a60  WEPHOSTSVC - ok
12:28:47.0284 0x3a60  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:28:47.0292 0x3a60  wercplsupport - ok
12:28:47.0318 0x3a60  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:28:47.0328 0x3a60  WerSvc - ok
12:28:47.0347 0x3a60  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
12:28:47.0353 0x3a60  WFPLWFS - ok
12:28:47.0372 0x3a60  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:28:47.0380 0x3a60  WiaRpc - ok
12:28:47.0418 0x3a60  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:28:47.0421 0x3a60  WIMMount - ok
12:28:47.0427 0x3a60  WinDefend - ok
12:28:47.0454 0x3a60  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:28:47.0459 0x3a60  WindowsTrustedRT - ok
12:28:47.0471 0x3a60  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:28:47.0474 0x3a60  WindowsTrustedRTProxy - ok
12:28:47.0539 0x3a60  [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:28:47.0562 0x3a60  WinHttpAutoProxySvc - ok
12:28:47.0604 0x3a60  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
12:28:47.0606 0x3a60  WinMad - ok
12:28:47.0690 0x3a60  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:28:47.0697 0x3a60  Winmgmt - ok
12:28:47.0805 0x3a60  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:28:47.0900 0x3a60  WinRM - ok
12:28:47.0942 0x3a60  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
12:28:47.0946 0x3a60  WINUSB - ok
12:28:47.0967 0x3a60  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
12:28:47.0970 0x3a60  WinVerbs - ok
12:28:48.0066 0x3a60  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:28:48.0145 0x3a60  WlanSvc - ok
12:28:48.0245 0x3a60  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:28:48.0313 0x3a60  wlidsvc - ok
12:28:48.0346 0x3a60  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\WINDOWS\system32\drivers\WmBEnum.sys
12:28:48.0348 0x3a60  WmBEnum - ok
12:28:48.0387 0x3a60  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\WINDOWS\system32\drivers\WmFilter.sys
12:28:48.0390 0x3a60  WmFilter - ok
12:28:48.0410 0x3a60  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:28:48.0412 0x3a60  WmiAcpi - ok
12:28:48.0466 0x3a60  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:28:48.0471 0x3a60  wmiApSrv - ok
12:28:48.0509 0x3a60  WMPNetworkSvc - ok
12:28:48.0548 0x3a60  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\WINDOWS\system32\drivers\WmVirHid.sys
12:28:48.0550 0x3a60  WmVirHid - ok
12:28:48.0567 0x3a60  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\WINDOWS\system32\drivers\WmXlCore.sys
12:28:48.0571 0x3a60  WmXlCore - ok
12:28:48.0586 0x3a60  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:28:48.0593 0x3a60  Wof - ok
12:28:48.0720 0x3a60  [ 3B6CCFF7AD385842A9638DCF654ABCD4, 2E6605E5E1BD214D7F47F30E73481C07AE70CAE3A3B565FA37D1A551A58BFDB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:28:48.0779 0x3a60  workfolderssvc - ok
12:28:48.0809 0x3a60  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:28:48.0812 0x3a60  wpcfltr - ok
12:28:48.0849 0x3a60  [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:28:48.0857 0x3a60  WPDBusEnum - ok
12:28:48.0876 0x3a60  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:28:48.0878 0x3a60  WpdUpFltr - ok
12:28:48.0914 0x3a60  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
12:28:48.0922 0x3a60  WpnService - ok
12:28:48.0976 0x3a60  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:28:48.0979 0x3a60  ws2ifsl - ok
12:28:49.0024 0x3a60  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:28:49.0037 0x3a60  wscsvc - ok
12:28:49.0057 0x3a60  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
12:28:49.0059 0x3a60  WSDPrintDevice - ok
12:28:49.0067 0x3a60  [ 3A3294E2E5CBFC51999180C06051DDE9, 2EEE0A5BEBB366E4C12245E8175685CF2173E260B482A8EEB7F8255BA43C6CE3 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
12:28:49.0069 0x3a60  WSDScan - ok
12:28:49.0075 0x3a60  WSearch - ok
12:28:49.0214 0x3a60  [ 1E099AE79C6D58063E0B4F538732B87F, 0EDA8AA7CA1946DFF651AF6FBCBEBEE904FB269E67F6AB6739247C5242BCDC7E ] WSService       C:\WINDOWS\System32\WSService.dll
12:28:49.0337 0x3a60  WSService - ok
12:28:49.0455 0x3a60  [ F2A9089A715EC55EA8A5C660F724A7B3, 20F4426743AB8610FDB22E7DE955D6728706AE58A9548D5A71622DF460C34661 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:28:49.0514 0x3a60  wuauserv - ok
12:28:49.0567 0x3a60  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:28:49.0572 0x3a60  WudfPf - ok
12:28:49.0591 0x3a60  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
12:28:49.0598 0x3a60  WUDFRd - ok
12:28:49.0640 0x3a60  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:28:49.0649 0x3a60  wudfsvc - ok
12:28:49.0669 0x3a60  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:28:49.0676 0x3a60  WUDFWpdFs - ok
12:28:49.0688 0x3a60  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:28:49.0694 0x3a60  WUDFWpdMtp - ok
12:28:49.0776 0x3a60  [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:28:49.0833 0x3a60  WwanSvc - ok
12:28:49.0895 0x3a60  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
12:28:49.0952 0x3a60  XblAuthManager - ok
12:28:50.0016 0x3a60  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
12:28:50.0072 0x3a60  XblGameSave - ok
12:28:50.0105 0x3a60  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
12:28:50.0113 0x3a60  xboxgip - ok
12:28:50.0178 0x3a60  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
12:28:50.0207 0x3a60  XboxNetApiSvc - ok
12:28:50.0244 0x3a60  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
12:28:50.0247 0x3a60  xinputhid - ok
12:28:50.0251 0x3a60  ================ Scan global ===============================
12:28:50.0304 0x3a60  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
12:28:50.0343 0x3a60  [ 6C647A171ACA3838441206BBE715B0D7, 30ACA236E3D4A73F546AAA71D0FE80B1D66036AB7934B56CBF260F7E3A8C410F ] C:\WINDOWS\system32\winsrv.dll
12:28:50.0396 0x3a60  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
12:28:50.0445 0x3a60  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
12:28:50.0466 0x3a60  [ Global ] - ok
12:28:50.0467 0x3a60  ================ Scan MBR ==================================
12:28:50.0474 0x3a60  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:28:50.0485 0x3a60  \Device\Harddisk1\DR1 - ok
12:28:50.0520 0x3a60  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:28:50.0525 0x3a60  \Device\Harddisk0\DR0 - ok
12:28:50.0532 0x3a60  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:28:50.0536 0x3a60  \Device\Harddisk1\DR1 - ok
12:28:50.0536 0x3a60  ================ Scan VBR ==================================
12:28:50.0539 0x3a60  [ 0A98B1CB587F467AE4445197A3969E46 ] \Device\Harddisk1\DR1\Partition1
12:28:50.0541 0x3a60  \Device\Harddisk1\DR1\Partition1 - ok
12:28:50.0544 0x3a60  [ F25C92FA94B79352F0EEE2D944C346D7 ] \Device\Harddisk0\DR0\Partition1
12:28:50.0546 0x3a60  \Device\Harddisk0\DR0\Partition1 - ok
12:28:50.0557 0x3a60  [ 94BECFEB01A96035EDE88EA7BDB6BF0A ] \Device\Harddisk0\DR0\Partition2
12:28:50.0573 0x3a60  \Device\Harddisk0\DR0\Partition2 - ok
12:28:50.0588 0x3a60  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:28:50.0588 0x3a60  \Device\Harddisk0\DR0\Partition3 - ok
12:28:50.0600 0x3a60  [ DCA5344F60BDEDA5BDA07F0C8CE6FE25 ] \Device\Harddisk0\DR0\Partition4
12:28:50.0616 0x3a60  \Device\Harddisk0\DR0\Partition4 - ok
12:28:50.0644 0x3a60  [ 94C1E7809C9B8C7A38B393449ECE6997 ] \Device\Harddisk0\DR0\Partition5
12:28:50.0667 0x3a60  \Device\Harddisk0\DR0\Partition5 - ok
12:28:50.0681 0x3a60  [ 4052E4F3AC846B013959E381B5BE5494 ] \Device\Harddisk0\DR0\Partition6
12:28:50.0683 0x3a60  \Device\Harddisk0\DR0\Partition6 - ok
12:28:50.0688 0x3a60  [ 0A98B1CB587F467AE4445197A3969E46 ] \Device\Harddisk1\DR1\Partition1
12:28:50.0689 0x3a60  \Device\Harddisk1\DR1\Partition1 - ok
12:28:50.0690 0x3a60  ================ Scan generic autorun ======================
12:28:50.0735 0x3a60  [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\WINDOWS\system32\igfxtray.exe
12:28:50.0742 0x3a60  IgfxTray - ok
12:28:50.0789 0x3a60  [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\WINDOWS\system32\igfxpers.exe
12:28:50.0801 0x3a60  Persistence - ok
12:28:51.0271 0x3a60  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:28:51.0655 0x3a60  RTHDVCPL - ok
12:28:51.0719 0x3a60  [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
12:28:51.0725 0x3a60  Start WingMan Profiler - ok
12:28:51.0815 0x3a60  [ 0914BF7C19B7B50E67BA8934C4E6DB6C, E17BDC6B7F31FBC65E5EA37EBACF5B83FD47A124ECC3B082C7944149339632CE ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:28:51.0826 0x3a60  AdobeAAMUpdater-1.0 - ok
12:28:51.0827 0x3a60  SynTPEnh - ok
12:28:51.0883 0x3a60  [ E9763D09729140F9C4027A70782AF657, BF40457DC5D5E794E6D31183107113E9AD8DE24D7DF537B9393FE14D6BC64C66 ] C:\Program Files\iTunes\iTunesHelper.exe
12:28:51.0887 0x3a60  iTunesHelper - ok
12:28:51.0956 0x3a60  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
12:28:51.0968 0x3a60  mcui_exe - ok
12:28:52.0023 0x3a60  [ FF7CB5344094510654C240486B4B1B3F, 2A50A3BC366D5293C61FEDC5639C0EB2BB3176933599B6C1533F06F9B6C5D2DF ] C:\Program Files (x86)\RadioController\RfBtnHelper.exe
12:28:52.0026 0x3a60  RadioController - ok
12:28:52.0055 0x3a60  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
12:28:52.0067 0x3a60  mcpltui_exe - ok
12:28:52.0153 0x3a60  ConvertAd - ok
12:28:52.0218 0x3a60  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:28:52.0236 0x3a60  avgnt - ok
12:28:52.0314 0x3a60  Dropbox - ok
12:28:52.0385 0x3a60  [ D52A9F078EA114D3465FC1CD9E900DF1, 841F6055435278A93230C3F5E33E6C530D6FDF5A331EC31E992A35DD084A7C64 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
12:28:52.0388 0x3a60  Avira SystrayStartTrigger - ok
12:28:52.0553 0x3a60  [ DC34357661A698DED4B4C8C8BF526779, A35358976B18039E0BD2624C08CC865BAE5B490C853E2A233B011E4CEC7158EC ] C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
12:28:52.0665 0x3a60  GoPro Studio Importer - ok
12:28:53.0016 0x3a60  [ A0B7545F54109730251301EEFB8785EA, 0421BA94441A8EE74276D2F8465DD78E4250160BFD60E9AA07AF6F1BAE7CB391 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:28:53.0317 0x3a60  AvastUI.exe - ok
12:28:53.0384 0x3a60  [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:28:53.0418 0x3a60  SunJavaUpdateSched - ok
12:28:53.0770 0x3a60  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:28:54.0062 0x3a60  OneDriveSetup - ok
12:28:54.0342 0x3a60  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:28:54.0522 0x3a60  OneDriveSetup - ok
12:28:54.0629 0x3a60  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Joel Schirm\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:28:54.0642 0x3a60  OneDrive - ok
12:28:54.0694 0x3a60  Skype - ok
12:28:54.0966 0x3a60  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:28:55.0145 0x3a60  OneDriveSetup - ok
12:28:55.0208 0x3a60  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
12:28:55.0220 0x3a60  WAB Migrate - ok
12:28:55.0222 0x3a60  Waiting for KSN requests completion. In queue: 273
12:28:56.0245 0x3a60  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
12:28:56.0246 0x3a60  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
12:28:56.0248 0x3a60  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x41000 ( enabled : updated )
12:28:56.0252 0x3a60  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52010 ( disabled )
12:28:56.0256 0x3a60  Win FW state via NFP2: enabled ( trusted )
12:28:56.0368 0x3a60  ============================================================
12:28:56.0368 0x3a60  Scan finished
12:28:56.0368 0x3a60  ============================================================
12:28:56.0376 0x1b54  Detected object count: 0
12:28:56.0376 0x1b54  Actual detected object count: 0
         
Hallo Matthias,
Vielen Dank für die schnelle und tolle Hilfe! Ich habe hoffentlich alles so gemacht wie erwünscht und wollte nur noch anmerken, dass ich direkt nach dem öffnen der E-mail einmal Avira drüber laufen gelassen habe und eine Komplettscan von Avast mit Bootscan. Ich hoffe das stellt kein Problem dar.

Mit freundlichen Grüßen

Alt 27.07.2016, 15:04   #7
M-K-D-B
/// TB-Ausbilder
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Servus,




Mehrere Anti-Virus-Programme

Code:
ATTFilter
Avast
Avira
McAfee
Windows Defender
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Außerdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere. über Einstellungen > System > Apps und Features.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.

Meine Empfehlung: Avira & Avast & McAfee deinstallieren.




Zukünftig bitte beachten:
Zitat:
Gestartet von C:\Users\Joel Schirm\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.








Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Alt 28.07.2016, 21:15   #8
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
# AdwCleaner v5.201 - Bericht erstellt am 28/07/2016 um 18:10:09
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-28.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Joel Schirm - JOEL
# Gestartet von : C:\Users\Joel Schirm\Downloads\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\apn
[-] Ordner gelöscht : C:\ProgramData\AskPartnerNetwork
[-] Ordner gelöscht : C:\Program Files (x86)\AskPartnerNetwork
[-] Ordner gelöscht : C:\Program Files (x86)\Bench
[-] Ordner gelöscht : C:\Program Files (x86)\Browser Champion
[-] Ordner gelöscht : C:\Program Files (x86)\predm
[-] Ordner gelöscht : C:\Users\JOELSC~1\AppData\Local\Temp\apn
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Local\AskPartnerNetwork
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Local\BenchUpdater
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Local\Browser Champion
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Local\globalUpdate
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Local\fabulous_09240949
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Roaming\ap_logs
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Champion
[-] Ordner gelöscht : C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Joel Schirm\AppData\Roaming\aps.uninstall.scan.results
[-] Datei gelöscht : C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] Datei gelöscht : C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[#] Datei gelöscht : C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[#] Datei gelöscht : C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[-] Datei gelöscht : C:\Users\Joel Schirm\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] Datei gelöscht : C:\Users\Joel Schirm\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[#] Datei gelöscht : C:\Users\Joel Schirm\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
[#] Datei gelöscht : C:\Users\Joel Schirm\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datamngrCoordinator.exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
[-] Schlüssel gelöscht : HKCU\Software\AskPartnerNetwork
[-] Schlüssel gelöscht : HKCU\Software\Fabulous
[-] Schlüssel gelöscht : HKCU\Software\SupHpUISoft
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\BlockAndSurf
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MyBestOffersToday
[-] Schlüssel gelöscht : HKLM\SOFTWARE\TermTutor
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1C01}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5354-2D53-5045-A758B70C1C01}
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel gelöscht : HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\D2A425F4453535D205547A857BC0C110
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\D2A425F4453535D205547A857BC0C110
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F4453535D205547A857BC0C110
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{55EB01FB-EDA9-4BE0-9575-3C497F018BA7}
[#] Wert gelöscht : HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markable.net
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ConvertAd]
[-] Wert gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ConvertAd]

***** [ Internetbrowser ] *****

[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : trovi.search
[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : izito.de
[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : mobile.1und1.de
[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : aaaaaiabcopkplhgaedhbloeejhhankf
[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] gelöscht : hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M5C87EF03-2EAB-49EA-955E-A1400347A35B&SearchSource=55&CUI=&UM=6&UP=SPA1BE5BFF-28BB-48B6-BD0A-A6EA44246C17&SSPV=

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13518 Bytes] - [28/07/2016 18:10:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [14319 Bytes] - [28/07/2016 17:54:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13666 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.07.2016
Suchlaufzeit: 18:35
Protokolldatei: mbamlog2.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.28.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Joel Schirm

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 408305
Abgelaufene Zeit: 38 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [8ed5dc4dd2c890a6dd868e0240c26c94], 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [0c574ddc7b1fc5719dcbeea2ab57d729], 
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6], 

Registrierungswerte: 3
PUP.Optional.ASK, HKU\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{4F524A2D-5354-2D53-5045-7A786E7484D7}, -JROTSS-PEzxnt„×, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6]
PUP.Optional.ASK, HKU\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [b5ae59d0bae0f343fe82d9bce12130d0], 
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_101, In Quarantäne, [2b38c3663f5b280e3364327744bf38c8], 

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64 
Ran by Joel Schirm (Administrator) on 28.07.2016 at 22:01:19,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-91D7232E.pf (File) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{43005E6C-AA4D-4BD6-9190-FFE933D2DB32} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.07.2016 at 22:06:32,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2016
durchgeführt von Joel Schirm (2016-07-28 22:12:47)
Gestartet von C:\Users\Joel Schirm\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-14 00:02:30)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-91962927-1255909171-1727231816-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-91962927-1255909171-1727231816-503 - Limited - Disabled)
Gast (S-1-5-21-91962927-1255909171-1727231816-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-91962927-1255909171-1727231816-1003 - Limited - Enabled)
Joel Schirm (S-1-5-21-91962927-1255909171-1727231816-1001 - Administrator - Enabled) => C:\Users\Joel Schirm

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.7 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Longman iBT Prep 2.0 (HKLM-x32\...\Longman iBT 2.0) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.227 - McAfee, Inc.)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer)
OpenOffice Beta 4.1.0 (HKLM-x32\...\{E0284E69-DDCE-4AB0-9A6B-22DC9CB8D7DB}) (Version: 4.10.9760 - Apache Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SkyTest for ATCO Screenings 3 (HKLM-x32\...\{E0C7ACB5-CF62-499E-BB93-784C5E4F27AF}) (Version: 3.0.3 - SkyTest)
SkyTest Swiss (HKLM-x32\...\{B9453B54-1721-4F70-9CF9-1FE283F9528F}) (Version: 3.1.4 - SkyTest)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.52 - Synaptics Incorporated)
ToPilots BU (HKLM-x32\...\{3623F5FD-0137-4847-B25B-454DB79E86CF}) (Version: 3.0.13 - ToPilots)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Joel Schirm\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-91962927-1255909171-1727231816-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice Beta 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04B60928-49AE-435F-9A1F-0B0E88580F36} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-04] (Dropbox, Inc.)
Task: {05F6E57A-5CC4-43B4-85F5-FA4103D18931} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {0A636694-51D8-4CEA-B556-9586C696CC5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0BB1F085-8DE9-413E-BF56-5F3719E539B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {1C56FD5E-D85C-41E5-9224-C897114D1757} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {3CC98E34-632F-41CE-B89F-BEF3BCB32D2D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4BCD3516-4D6F-4285-AA07-657431159806} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {514360DF-0685-40B0-81B0-450E1313F1E2} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {52EF4DF8-76E9-4CC4-AA1D-F6AE1AB61497} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {5CC96094-35C5-4BE2-BF41-00EB21ACA557} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {62413DC3-7665-4E42-8F2A-2A4EC72AF377} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {64CC9B0B-EDFC-4879-877E-79965B0752FB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6B5BDB46-759E-4EC9-A0D1-5A6106AA6EE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6E1FF3AF-7810-4083-B8CD-9C245C3BBC64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {75D962DC-26D7-4265-B311-96F859B819AC} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Joel.Schirm@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {797A7927-DE48-475A-B38A-11D6124DCBBB} - System32\Tasks\SafeZone scheduled Autoupdate 1469467191 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {8409C4EA-EE40-4A59-B99B-6424AF655962} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-04] (Dropbox, Inc.)
Task: {85981A42-1573-48BA-B49C-3569F61E7FD3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {8B142332-8DC1-452D-B108-FBF32EC653BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8DFC7E36-87F4-49D7-B17A-4624FCC84946} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {913E8AD4-A22B-4250-BEBD-510E42881134} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-25] (AVAST Software)
Task: {93347DF4-5F18-4248-AEE6-D871894B8294} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {9A1E926E-E9C4-4F5B-ABA5-7AD13956E242} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {A7FC99A7-A46D-488E-9B9A-D4B8D74D3044} - System32\Tasks\{756D55BB-E05A-40B1-898C-4377132733E9} => pcalua.exe -a "C:\Users\Joel Schirm\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor
Task: {BAE6D4D1-FCB6-4F7F-85DE-F8D080D0D0E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {BBAE94AE-404F-432F-91EB-68547ED70181} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-91962927-1255909171-1727231816-1001
Task: {F1183DCB-782A-46D0-95DC-A94521F4B3A9} - System32\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F9BFD676-31FD-4B93-986A-670AE385EB3C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {FBA71317-EB0D-4719-A075-715EE0EA0F86} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Joel Schirm\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-20 15:23 - 2016-05-20 15:23 - 00959168 _____ () C:\Users\Joel Schirm\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-04-21 07:24 - 2016-04-21 07:25 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-13 16:52 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:31 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-25 19:11 - 2016-07-25 19:11 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-28 18:18 - 2016-07-28 18:18 - 03002368 _____ () C:\Program Files\AVAST Software\Avast\defs\16072801\algo.dll
2016-07-25 19:11 - 2016-07-25 19:11 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-12-09 07:46 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-04-21 07:24 - 2016-04-21 07:25 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-21 07:24 - 2016-04-21 07:25 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-07-25 19:11 - 2016-07-25 19:11 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-18 11:24 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 11:24 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-07-14 21:39 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joel Schirm\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{73ae6d29-60ae-4dc6-89aa-2153987a2798}.jpg
HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Joel Schirm\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{73ae6d29-60ae-4dc6-89aa-2153987a2798}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "mcpltui_exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{327ACBA0-9C67-43F4-8A88-F4D2D62CA4EB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{059BF4A1-25EB-461D-942D-C7E0FAFC06D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06004B32-291C-441A-830E-60DC7B354B79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A51DC92A-2B7D-4E11-9FDD-26AF267D041B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{78E4D982-678B-455B-9DBB-485556DFF290}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0314973B-1A3B-4F5A-A45A-919579D43449}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A870DB4A-ADEF-422A-B2BE-4D9CC8226C00}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{338A0D27-F6CC-4370-896C-185205B4CBB1}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{9065C1E9-4CF6-4278-A23E-3095A70F24BE}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{EE1C6A63-8939-4068-85E5-68EB80B4F1F0}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{99D51750-0805-4D70-827A-8F0F962B8C3F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{4E60F0A2-B7F5-459A-8785-B02F1FDC4EA0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{82FC926F-F087-4EE6-BA93-44F8420B83F6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C29CA3C7-5D12-4294-86C2-EADDC67C2701}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{DFC0D74B-6EF6-4722-9358-F50231B98D81}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{2EF530F5-DA9E-47BF-BF7E-4DC3B478CB78}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{2506D337-7978-49C4-9774-948D21949B4D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D7812491-B57E-41E8-B29C-942453E7AB2A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{0469E918-6B6C-4F64-9A74-43D3A738867D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{041F40CE-F050-4FEE-8840-44D8433F070C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{A970556D-7597-43E1-8672-E1DBBE84668F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{0E567244-83E7-431D-A1F9-7A813811AE9C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B6A8439D-7F0A-4E40-A981-C0A7F2CEB9CA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{5898ECBD-567C-436E-9CE7-6B2FF6DD5A59}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{206E8D8F-3ACC-4B96-A130-95912AC2C003}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{0EAA41DB-FC29-485D-93F5-A38EA4C3AAA2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{18BA6EF2-EB20-4497-8C15-1E4950EA0D12}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0B232779-C762-447C-8475-E6E2B013B88C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0AAF4F8D-AB6A-4F37-8A69-6699E072487B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9ABAE1F3-0038-423F-B296-84E94C137D0C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D9D523F-157F-4EFF-A8C7-3BFDFF1CEF23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CDAF6C5-EF7A-4A67-A33D-3AD65BFBBCBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F04CC0-F09A-41E3-AF61-D7F58C3DC925}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B7D46248-4F6F-4C19-8B7E-F84812DBB22B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{82AAACAE-2506-47C8-954F-54AF3EB5DDE9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{1571FC9D-B586-4BBA-9DC3-7806610EC6FE}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

27-07-2016 00:51:58 Geplanter Prüfpunkt
28-07-2016 22:00:18 JRT Pre-Junkware Removal
28-07-2016 22:01:19 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/28/2016 10:01:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/28/2016 10:01:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (07/28/2016 07:04:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: JOEL)
Description: Das Paket „Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (07/28/2016 06:31:18 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2016 06:31:18 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2016 06:31:18 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2016 02:55:30 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (07/28/2016 02:55:28 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_64_2.0.50727

Error: (07/28/2016 02:55:28 PM) (Source: Perflib) (EventID: 1022) (User: )
Description: ASP.NET_64_2.0.507274

Error: (07/27/2016 05:48:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2203


Systemfehler:
=============
Error: (07/28/2016 09:08:23 PM) (Source: DCOM) (EventID: 10000) (User: JOEL)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}

Error: (07/28/2016 08:32:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/28/2016 08:05:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (07/28/2016 07:17:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Error: (07/28/2016 07:17:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.

Error: (07/28/2016 07:17:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.

Error: (07/28/2016 07:17:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Error: (07/28/2016 07:17:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetTcpPortSharing" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Error: (07/28/2016 07:17:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetTcpPortSharing erreicht.

Error: (07/28/2016 07:17:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.



CodeIntegrity:
===================================
  Date: 2016-07-14 21:13:01.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 20:08:54.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-19 21:42:30.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 19:38:43.118
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 10:55:53.157
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 15:13:01.470
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-17 10:52:19.152
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 20:06:48.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-08 10:35:04.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-30 22:05:36.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8005.28 MB
Verfügbarer physikalischer RAM: 4516.02 MB
Summe virtueller Speicher: 9285.28 MB
Verfügbarer virtueller Speicher: 6103.24 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:447.25 GB) (Free:116.81 GB) NTFS
Drive d: (FlightYokeQV1.1) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
Drive e: () (Removable) (Total:59.45 GB) (Free:59.45 GB) exFAT

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 67E41FCE)

Partition: GPT.

========================================================
Disk: 1 (Size: 59.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 28.07.2016, 21:28   #9
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
durchgeführt von Joel Schirm (Administrator) auf JOEL (28-07-2016 22:11:25)
Gestartet von C:\Users\Joel Schirm\Desktop
Geladene Profile: Joel Schirm &  (Verfügbare Profile: Joel Schirm & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2965816 2012-10-19] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2012-12-09] (Dritek System Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [831064 2016-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-25] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\...\MountPoints2: {5418aa2c-41c2-11e2-be6a-806e6f6e6963} - "D:\setup.exe" 
HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5418aa2c-41c2-11e2-be6a-806e6f6e6963} - "D:\setup.exe" 
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-10-25]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74c436f5-4879-483d-9564-e1ce0daea3cc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-91962927-1255909171-1727231816-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wikipedia.de/
HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wikipedia.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> DefaultScope {74380343-86AE-4650-A045-E5ABA03EA63F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE662D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001 -> {74380343-86AE-4650-A045-E5ABA03EA63F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE662D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {74380343-86AE-4650-A045-E5ABA03EA63F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE662D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {43005E6C-AA4D-4BD6-9190-FFE933D2DB32} URL = 
SearchScopes: HKU\S-1-5-21-91962927-1255909171-1727231816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {74380343-86AE-4650-A045-E5ABA03EA63F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE662D20151120&p={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Joel Schirm\AppData\Roaming\Mozilla\Firefox\Profiles\JkeDuTSU.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-27] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Joel Schirm\AppData\Roaming\Mozilla\Firefox\Profiles\JkeDuTSU.default\Extensions\abs@avira.com [2015-02-06] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-25]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-19] [ist nicht signiert]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C211DE662D20151120&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-25]
CHR Extension: (SiteAdvisor) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-08]
CHR Extension: (Avira Browserschutz) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-25]
CHR Extension: (AdBlock) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-08-27] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1453696 2016-07-28] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-25] (AVAST Software)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-04] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-07-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2012-12-09] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-25] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-25] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-17] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-09] (Dritek System Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 SaiH0763; C:\Windows\system32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
R3 SaiH0BAC; C:\Windows\system32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-28 22:10 - 2016-07-28 22:10 - 00000000 ____D C:\Users\Joel Schirm\Desktop\FRST-OlderVersion
2016-07-28 22:06 - 2016-07-28 22:06 - 00000778 _____ C:\Users\Joel Schirm\Desktop\JRT.txt
2016-07-28 21:59 - 2016-07-28 21:59 - 01610560 _____ (Malwarebytes) C:\Users\Joel Schirm\Desktop\JRT.exe
2016-07-28 21:54 - 2016-07-28 21:54 - 00002852 _____ C:\Users\Joel Schirm\Desktop\mbamlog2.txt
2016-07-28 21:52 - 2016-07-28 21:52 - 00002851 _____ C:\Users\Joel Schirm\Desktop\mbamlog.txt
2016-07-28 20:13 - 2016-07-28 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-07-28 20:03 - 2016-07-28 20:03 - 00000000 ___HD C:\OneDriveTemp
2016-07-28 18:28 - 2016-07-28 21:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-28 18:27 - 2016-07-28 18:27 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-28 18:27 - 2016-07-28 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-28 18:27 - 2016-07-28 18:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-28 18:27 - 2016-07-28 18:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-28 18:27 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-28 18:27 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-28 18:27 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-28 18:24 - 2016-07-28 18:25 - 22851472 _____ (Malwarebytes ) C:\Users\Joel Schirm\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-28 17:54 - 2016-07-28 18:10 - 00000000 ____D C:\AdwCleaner
2016-07-28 17:51 - 2016-07-28 17:54 - 03712064 _____ C:\Users\Joel Schirm\Desktop\AdwCleaner_5.201.exe
2016-07-27 12:28 - 2016-07-27 12:38 - 00288452 _____ C:\TDSSKiller.3.1.0.9_27.07.2016_12.28.07_log.txt
2016-07-27 10:38 - 2016-07-27 12:21 - 00568638 _____ C:\TDSSKiller.3.1.0.9_27.07.2016_10.38.32_log.txt
2016-07-27 10:38 - 2016-07-27 10:38 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Joel Schirm\Desktop\tdsskiller.exe
2016-07-27 10:20 - 2016-07-27 10:22 - 00054453 _____ C:\Users\Joel Schirm\Desktop\Addition.txt
2016-07-27 10:18 - 2016-07-28 22:11 - 00028993 _____ C:\Users\Joel Schirm\Desktop\FRST.txt
2016-07-27 10:18 - 2016-07-28 22:11 - 00000000 ____D C:\FRST
2016-07-27 10:17 - 2016-07-28 22:10 - 02394112 _____ (Farbar) C:\Users\Joel Schirm\Desktop\FRST64.exe
2016-07-27 10:15 - 2016-07-27 10:16 - 01744384 _____ (Farbar) C:\Users\Joel Schirm\Downloads\FRST.exe
2016-07-27 08:57 - 2016-07-27 08:57 - 00001826 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-07-27 08:57 - 2016-07-27 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-27 08:56 - 2016-07-27 08:57 - 00000000 ____D C:\Program Files\iTunes
2016-07-27 08:56 - 2016-07-27 08:56 - 00000000 ____D C:\Program Files\iPod
2016-07-27 08:56 - 2016-07-27 08:56 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-27 08:49 - 2016-07-27 08:49 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\Sun
2016-07-27 08:49 - 2016-07-27 08:49 - 00000000 ____D C:\Users\Joel Schirm\.oracle_jre_usage
2016-07-27 08:48 - 2016-07-27 08:48 - 00001918 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-07-27 08:48 - 2016-07-27 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-07-27 08:48 - 2016-07-27 08:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-07-25 19:20 - 2016-07-25 19:20 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1469467191
2016-07-25 19:20 - 2016-07-25 19:20 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\CEF
2016-07-25 19:19 - 2016-07-25 19:19 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-07-25 19:19 - 2016-07-25 19:19 - 00001086 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-25 19:19 - 2016-07-25 19:19 - 00001086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-25 19:17 - 2016-07-25 19:49 - 1276319704 _____ C:\Users\Joel Schirm\Downloads\Notfall_DVD_7.0_Free.zip
2016-07-25 19:13 - 2016-07-25 19:13 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\AVAST Software
2016-07-25 19:12 - 2016-07-26 08:18 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-25 19:12 - 2016-07-25 19:12 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-07-25 19:12 - 2016-07-25 19:12 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-25 19:12 - 2016-07-25 19:12 - 00001971 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-25 19:12 - 2016-07-25 19:11 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-25 19:12 - 2016-07-25 19:11 - 00290088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00162904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00108304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-25 19:11 - 2016-07-25 19:11 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-07-25 19:08 - 2016-07-25 19:19 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-25 19:05 - 2016-07-25 19:19 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-25 19:05 - 2016-07-25 19:05 - 06253640 _____ (AVAST Software) C:\Users\Joel Schirm\Downloads\avast_free_antivirus_setup_online.exe
2016-07-13 16:54 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 16:54 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 16:54 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 16:54 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 16:54 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 16:54 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 16:54 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 16:54 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 16:54 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 16:54 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 16:54 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 16:54 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 16:54 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 16:54 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 16:54 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 16:54 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 16:54 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 16:54 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 16:54 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 16:54 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 16:54 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 16:54 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 16:54 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 16:54 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 16:54 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 16:54 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 16:54 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 16:54 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 16:54 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 16:54 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 16:54 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 16:54 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 16:54 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 16:54 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 16:54 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 16:54 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 16:54 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 16:54 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 16:54 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 16:54 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 16:54 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 16:54 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 16:54 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 16:54 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 16:54 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 16:54 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 16:54 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 16:54 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 16:54 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 16:54 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 16:54 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 16:54 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 16:54 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 16:54 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 16:54 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 16:54 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 16:54 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 16:53 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 16:53 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 16:53 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 16:53 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 16:53 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 16:53 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 16:53 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 16:53 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 16:53 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 16:53 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 16:53 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 16:53 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 16:53 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 16:53 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 16:53 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 16:53 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 16:53 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 16:53 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 16:53 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 16:53 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 16:53 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 16:53 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 16:53 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 16:53 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 16:53 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 16:53 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 16:53 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 16:53 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 16:53 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 16:53 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 16:53 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 16:53 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 16:53 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 16:53 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 16:53 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 16:53 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 16:53 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 16:53 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 16:53 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 16:53 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 16:53 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 16:53 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 16:53 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 16:53 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 16:53 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 16:53 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 16:53 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 16:53 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 16:53 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 16:53 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 16:53 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 16:53 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 16:53 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 16:53 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 16:53 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 16:53 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 16:53 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 16:53 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 16:53 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 16:53 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 16:53 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 16:53 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 16:53 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 16:53 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 16:53 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 16:53 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 16:53 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 16:53 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 16:53 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 16:53 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 16:53 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 16:53 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 16:53 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 16:53 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 16:53 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 16:53 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 16:53 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 16:52 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 16:52 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 16:52 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 16:52 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 16:52 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 16:52 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 16:52 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 16:52 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 16:52 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 16:52 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 16:52 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 16:52 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 16:52 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 16:52 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 16:52 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 16:52 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 16:52 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 16:52 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 16:52 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 16:52 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 16:52 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 16:52 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 16:52 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 16:52 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 16:52 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 16:52 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 16:52 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 16:52 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 16:52 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 16:52 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 16:52 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 16:52 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 16:52 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 16:52 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 16:52 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 16:52 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 16:52 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 16:52 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 22:47 - 2016-07-12 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-28 22:06 - 2016-06-28 22:06 - 00089850 _____ C:\Users\Joel Schirm\Downloads\Information_20160609.pdf
2016-06-28 22:06 - 2016-06-28 22:06 - 00082140 _____ C:\Users\Joel Schirm\Downloads\Information_20160321.pdf
2016-06-28 22:05 - 2016-06-28 22:05 - 00044142 _____ C:\Users\Joel Schirm\Downloads\Ertraegnisaufstellung_20160216.pdf
2016-06-28 22:04 - 2016-06-28 22:04 - 00022615 _____ C:\Users\Joel Schirm\Downloads\Extra_Konto_5547106976_Kontoauszug_20160106.pdf
2016-06-28 22:04 - 2016-06-28 22:04 - 00015565 _____ C:\Users\Joel Schirm\Downloads\Jahressteuerbescheinigung_20160216.pdf
2016-06-28 22:03 - 2016-06-28 22:03 - 00100282 _____ C:\Users\Joel Schirm\Downloads\Information_20151208.pdf
2016-06-28 22:03 - 2016-06-28 22:03 - 00100282 _____ C:\Users\Joel Schirm\Downloads\Information_20151208 (1).pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-28 22:11 - 2015-07-31 13:40 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\Skype
2016-07-28 22:02 - 2014-11-05 23:47 - 00000000 ___RD C:\Users\Joel Schirm\OneDrive
2016-07-28 21:44 - 2015-09-04 23:39 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-28 21:26 - 2014-11-16 07:16 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e.job
2016-07-28 21:25 - 2014-10-18 10:54 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7982CE35-C0E7-4176-B59C-86FF61A832AC}
2016-07-28 21:21 - 2014-09-24 13:02 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-28 20:03 - 2015-09-04 23:42 - 00000000 ___RD C:\Users\Joel Schirm\Dropbox
2016-07-28 20:02 - 2015-09-04 23:39 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-28 20:02 - 2014-09-24 13:02 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-28 19:16 - 2015-12-14 01:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-28 19:15 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-28 18:15 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 17:59 - 2016-06-16 18:29 - 00032565 _____ C:\Users\Joel Schirm\Documents\10 lebensmittel gegen heuschnupfen.odt
2016-07-28 15:06 - 2015-02-06 01:06 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-28 15:05 - 2015-02-06 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-28 15:02 - 2015-02-06 01:08 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-07-28 15:02 - 2015-02-06 01:08 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-07-28 14:57 - 2015-11-11 08:50 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\Adobe
2016-07-28 14:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-27 23:22 - 2015-10-15 15:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 23:22 - 2015-07-31 13:40 - 00000000 ____D C:\ProgramData\Skype
2016-07-27 16:27 - 2016-06-16 18:25 - 00042349 _____ C:\Users\Joel Schirm\Documents\superfood.odt
2016-07-27 16:14 - 2015-12-14 01:25 - 02083424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-27 16:14 - 2015-10-30 20:35 - 00888352 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-27 16:14 - 2015-10-30 20:35 - 00196960 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-27 16:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-27 16:08 - 2014-09-23 18:25 - 00000000 ___RD C:\Users\Joel Schirm\Desktop\Acer Laptop
2016-07-27 08:56 - 2015-04-03 16:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-27 08:49 - 2015-12-14 01:26 - 00000000 ____D C:\Users\Joel Schirm
2016-07-27 08:49 - 2015-04-05 16:35 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-27 08:49 - 2015-04-05 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-27 08:49 - 2015-04-05 16:34 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-27 08:24 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-25 13:30 - 2012-10-25 06:28 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-07-22 16:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-21 16:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-14 21:06 - 2014-09-23 17:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-13 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-13 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-13 20:02 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 17:23 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 17:23 - 2014-09-23 19:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 17:15 - 2014-09-23 19:10 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-13 17:05 - 2014-09-24 15:33 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\ElevatedDiagnostics
2016-07-12 22:48 - 2015-04-21 19:06 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\SkyTestSw30
2016-07-12 22:47 - 2015-09-04 23:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-06 19:22 - 2014-12-17 15:30 - 00000000 ___RD C:\Users\Joel Schirm\Documents\Scanned Documents
2016-07-06 19:10 - 2014-11-16 07:16 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2016-07-04 10:37 - 2015-03-10 22:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-04 10:37 - 2015-03-10 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 06:37 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 07:05 - 2015-12-14 01:21 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-01 10:18 - 2014-10-25 10:17 - 0000365 _____ () C:\Users\Joel Schirm\AppData\Roaming\XREPVZV
2015-02-06 01:17 - 2015-02-06 01:17 - 0000017 _____ () C:\Users\Joel Schirm\AppData\Local\resmon.resmoncfg
2015-09-09 16:27 - 2015-09-09 16:27 - 0000000 _____ () C:\Users\Joel Schirm\AppData\Local\{908A77B8-FE70-4C28-9315-E04AD53DB650}
2015-11-20 11:56 - 2015-11-20 11:56 - 0000000 _____ () C:\Users\Joel Schirm\AppData\Local\{9390F065-752A-4AC5-ABC5-79D38CA0E10A}

Einige Dateien in TEMP:
====================
C:\Users\Joel Schirm\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-22 16:56

==================== Ende von FRST.txt ============================
         
Hey Matthias,
ich habe nun alles versucht so zu machen wie erläuert.
Ich hoffe alles ist zufriedenstellend und du kannst mir ohne Probleme helfen.
Eine Frage habe ich noch wie deinstalliere ich die Virenprogramme unter "Schreddern"?
Und welches Virenprogramm würdest du mir empfehlen?

Mit freundlichen Grüßen und vielen vielen Dank!

Alt 29.07.2016, 12:35   #10
M-K-D-B
/// TB-Ausbilder
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Servus,


1.
Logdatei von MBAM ist unvollständig, bitte vollständig posten.

2.
Ich habe dich bereits darum gebeten, Avira + Avast + McAfee über Start > Einstellungen > System > Apps und Features zu deinstallieren.
Was hast du gemacht? Gar nichts. Warum nicht?

3.
FRST nochmal so ausführen:
  • Starte FRST erneut.
  • Kopiere den Inhalt der folgenden Code-Box in die Zeile "Suche":
    Code:
    ATTFilter
    AskPartnerNetwork;apn-stub;Bench;Browser Champion;predm;BenchUpdater;globalUpdate;fabulous;BlockAndSurf;ConvertAd;sweet-page;Iminent;
             
  • Drücke auf Registry-Suche.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei SearchReg.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.

Alt 30.07.2016, 17:22   #11
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Hey Matthias habe nun die Virenprogramme deinstalliert! Sorry dafür...

Also ich habe noch eine Frage zu der MBAM Logdatei. Irgendwie hatte das Programm sich direkt nach dem Suchlauf geschlossen.. Dann bin ich auf Verlauf und habe alles dort kopiert und eingefügt. Da waren aber noch 2 weitere die ich dir hier nochmal hochladen werde.. Habe nochmal eine Durchsuchung nach der Deinstallation von den ANTIVirenprogrammen gemacht. Ich hoffe du kannst dann damit mehr anfangen.

Mit freundlichen Grüßen,

Joel Schirm

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.07.2016
Suchlaufzeit: 18:35
Protokolldatei: mbamlog2.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.28.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Joel Schirm

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 408305
Abgelaufene Zeit: 38 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [8ed5dc4dd2c890a6dd868e0240c26c94], 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [0c574ddc7b1fc5719dcbeea2ab57d729], 
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6], 

Registrierungswerte: 3
PUP.Optional.ASK, HKU\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{4F524A2D-5354-2D53-5045-7A786E7484D7}, -JROTSS-PEzxnt„×, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6]
PUP.Optional.ASK, HKU\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [b5ae59d0bae0f343fe82d9bce12130d0], 
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_101, In Quarantäne, [2b38c3663f5b280e3364327744bf38c8], 

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.HDVid, C:\Users\Joel Schirm\AppData\LocalLow\TheHDvid-Codec V10, In Quarantäne, [abb8fb2e801ae650f2782392cd35dd23], 

Dateien: 2
PUP.Optional.DownloadGuide, C:\$Recycle.Bin\S-1-5-21-91962927-1255909171-1727231816-1001\$RTRZHT9.exe, In Quarantäne, [4f1494953169ea4cebe6abd4f011d927], 
PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf, In Quarantäne, [fb68ae7bedad89ad10d601bada2930d0], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.07.2016
Suchlaufzeit: 18:35
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.28.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Joel Schirm

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 408305
Abgelaufene Zeit: 38 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [8ed5dc4dd2c890a6dd868e0240c26c94], 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [0c574ddc7b1fc5719dcbeea2ab57d729], 
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6], 
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6], 

Registrierungswerte: 3
PUP.Optional.ASK, HKU\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{4F524A2D-5354-2D53-5045-7A786E7484D7}, -JROTSS-PEzxnt„×, In Quarantäne, [5d0631f83b5feb4b7e028411a75b2ad6]
PUP.Optional.ASK, HKU\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{4F524A2D-5354-2D53-5045-7A786E7484D7}, In Quarantäne, [b5ae59d0bae0f343fe82d9bce12130d0], 
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_101, In Quarantäne, [2b38c3663f5b280e3364327744bf38c8], 

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.HDVid, C:\Users\Joel Schirm\AppData\LocalLow\TheHDvid-Codec V10, In Quarantäne, [abb8fb2e801ae650f2782392cd35dd23], 

Dateien: 2
PUP.Optional.DownloadGuide, C:\$Recycle.Bin\S-1-5-21-91962927-1255909171-1727231816-1001\$RTRZHT9.exe, In Quarantäne, [4f1494953169ea4cebe6abd4f011d927], 
PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf, In Quarantäne, [fb68ae7bedad89ad10d601bada2930d0], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.07.2016
Suchlaufzeit: 17:36
Protokolldatei: mbamlog3.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.30.10
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Joel Schirm

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 406702
Abgelaufene Zeit: 37 Min., 23 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
Farbar Recovery Scan Tool (x64) Version: 27-07-2016
durchgeführt von Joel Schirm (2016-07-30 18:20:33)
Gestartet von C:\Users\Joel Schirm\Desktop
Start-Modus: Normal

================== Registry-Suche: "AskPartnerNetwork;apn-stub;Bench;Browser Champion;predm;BenchUpdater;globalUpdate;fabulous;BlockAndSurf;ConvertAd;sweet-page;Iminent" ===========


===================== Suchergebnis für "AskPartnerNetwork" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0C110\SourceList\Net]
"2"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source"

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf]
""="C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}]
"AppPath"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}]
"AppPath"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-SPE\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\CRX\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Updater\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Source\"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\CRX\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\CRX\109.2\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-ST-SPE\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}]
"AppPath"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}]
"AppPath"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe"="0x5341435001000000000000000700000028000000981F0A00B9500A0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000000B200000000000000200000002000000"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Joel Schirm\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe"="0x5341435001000000000000000700000028000000889F0200DF34030001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000041DDF54D000000000100000001000000"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Joel Schirm\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe"="0x534143500100000000000000070000002800000088C70200C02C030001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F4DCF54D000000000100000001000000"


===================== Suchergebnis für "apn-stub" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0C110\SourceList]
"LastUsedSource"="n;1;C:\ProgramData\APN\APN-Stub\ORJ-SPE\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0C110\SourceList\Net]
"1"="C:\ProgramData\APN\APN-Stub\ORJ-SPE\"


===================== Suchergebnis für "Bench" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000]
"@FFXIVWinBenchmark.exe"="1"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{D714BCFF-747D-4084-9F71-59C4D21943C2}\0000]
"@FFXIVWinBenchmark.exe"="1"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{D714BCFF-747D-4084-9F71-59C4D21943C2}\0001]
"@FFXIVWinBenchmark.exe"="1"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Classes\AppX4jndxf2sfphvabj0vqk43kwn65c3q7ja\Application]
"ApplicationDescription"="Discover the new benchmark for physics puzzle games! Shark Dash is a highly addictive game that takes the physics puzzler to fun new heights with a unique cartoonish style starring funny little bath toys!"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Classes\Extensions\ContractId\Windows.BackgroundTasks\PackageId\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\ActivatableClassId\App.AppX4m9xzm1gqr6knqfd32qhakpvn6xqn3sp.mca]
"Description"="Discover the new benchmark for physics puzzle games! Shark Dash is a highly addictive game that takes the physics puzzler to fun new heights with a unique cartoonish style starring funny little bath toys!"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Classes\Extensions\ContractId\Windows.Launch\PackageId\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\ActivatableClassId\App]
"Description"="Discover the new benchmark for physics puzzle games! Shark Dash is a highly addictive game that takes the physics puzzler to fun new heights with a unique cartoonish style starring funny little bath toys!"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Classes\Extensions\ContractId\Windows.Protocol\PackageId\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\ActivatableClassId\App.AppXqjjwrpqhmpgey43amb14z2xkw0mb6htt.mca]
"Description"="Discover the new benchmark for physics puzzle games! Shark Dash is a highly addictive game that takes the physics puzzler to fun new heights with a unique cartoonish style starring funny little bath toys!"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\App\Capabilities]
"ApplicationDescription"="Discover the new benchmark for physics puzzle games! Shark Dash is a highly addictive game that takes the physics puzzler to fun new heights with a unique cartoonish style starring funny little bath toys!"


===================== Suchergebnis für "fabulous" ==========

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Joel Schirm\AppData\Local\fabulous_09240949\fabulous_09240949.exe"="0x534143500100000000000000070000002800000000A01F00C9992000030000000000000000000106710000002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000018160000000000000100000001000000"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQVP-3.5V24.09\Db\Local\previous_page]
"Value"=""hxxp://www.fabulous-discounts.com/savings/index.php?cc=DE&sess=1&chid=6801&er=1&url=http%3A%2F%2Fdeliver.smartimps.com%2Feas%3Fcu%3D28489%26ptrack%3DI0FMEZZ59O%26par1%3DCJBp9E-yQumiM9DaNepTsA%26par3%3D4tgoiitivett31isfmx3gsq""


===================== Suchergebnis für "BlockAndSurf" ==========

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\ver7BlockAndSurf\Uninstall.exe"="0x5341435001000000000000000700000028000000AE35040000000000030000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000008F1F0000000000000100000001000000"


===================== Suchergebnis für "ConvertAd" ==========

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c927fb4a_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0269&subsys_10250649&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001
\Device\HarddiskVolume4\Users\Joel Schirm\AppData\Local\ConvertAd\ConvertAd.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Joel Schirm\AppData\Local\ConvertAd\Uninstall.exe"="0x53414350010000000000000007000000280000002B61010000000000030000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000AA440000000000000100000001000000"


===================== Suchergebnis für "sweet-page" ==========

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Joel Schirm\AppData\Roaming\sweet-page\UninstallManager.exe"="0x534143500100000000000000070000002800000000541C0000000000030000000000000000000206712200002EF6C8A3A56ACD0100000000000000000100000004000000010000000200000050000000000000000000002000000000000000000000000000000000357D02000000000002000000020000000000000000000000000080000000000000008000000000005F1F0000000000000100000000000000"

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Users\Joel Schirm\AppData\Roaming\sweet-page\UninstallManager.exe"="$ Win8RTM"


===================== Suchergebnis für "Iminent" ==========

[HKEY_USERS\S-1-5-21-91962927-1255909171-1727231816-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Iminent\inst\Bootstrapper\IminentUninstall.exe"="0x53414350010000000000000007000000280000007811210035572100030000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000036670000000000000100000001000000"

====== Ende von Suche ======
         

Alt 31.07.2016, 10:22   #12
M-K-D-B
/// TB-Ausbilder
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Servus,



sehr gut gemacht.





wir entfernen die letzten Reste und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
Task: {05F6E57A-5CC4-43B4-85F5-FA4103D18931} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {0A636694-51D8-4CEA-B556-9586C696CC5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0BB1F085-8DE9-413E-BF56-5F3719E539B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3CC98E34-632F-41CE-B89F-BEF3BCB32D2D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4BCD3516-4D6F-4285-AA07-657431159806} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {64CC9B0B-EDFC-4879-877E-79965B0752FB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6E1FF3AF-7810-4083-B8CD-9C245C3BBC64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {8B142332-8DC1-452D-B108-FBF32EC653BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8DFC7E36-87F4-49D7-B17A-4624FCC84946} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {A7FC99A7-A46D-488E-9B9A-D4B8D74D3044} - System32\Tasks\{756D55BB-E05A-40B1-898C-4377132733E9} => pcalua.exe -a "C:\Users\Joel Schirm\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor
Task: {BAE6D4D1-FCB6-4F7F-85DE-F8D080D0D0E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F9BFD676-31FD-4B93-986A-670AE385EB3C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0C110
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Alt 03.08.2016, 16:06   #13
mohjoegerry
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Code:
ATTFilter
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-19] [ist nicht signiert]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C211DE662D20151120&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-25]
CHR Extension: (SiteAdvisor) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-08]
CHR Extension: (Avira Browserschutz) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-25]
CHR Extension: (AdBlock) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Joel Schirm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-19]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-08-27] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1453696 2016-07-28] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-25] (AVAST Software)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-04] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-07-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2012-12-09] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-25] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-25] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-17] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-09] (Dritek System Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 SaiH0763; C:\Windows\system32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
R3 SaiH0BAC; C:\Windows\system32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-28 22:10 - 2016-07-28 22:10 - 00000000 ____D C:\Users\Joel Schirm\Desktop\FRST-OlderVersion
2016-07-28 22:06 - 2016-07-28 22:06 - 00000778 _____ C:\Users\Joel Schirm\Desktop\JRT.txt
2016-07-28 21:59 - 2016-07-28 21:59 - 01610560 _____ (Malwarebytes) C:\Users\Joel Schirm\Desktop\JRT.exe
2016-07-28 21:54 - 2016-07-28 21:54 - 00002852 _____ C:\Users\Joel Schirm\Desktop\mbamlog2.txt
2016-07-28 21:52 - 2016-07-28 21:52 - 00002851 _____ C:\Users\Joel Schirm\Desktop\mbamlog.txt
2016-07-28 20:13 - 2016-07-28 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-07-28 20:03 - 2016-07-28 20:03 - 00000000 ___HD C:\OneDriveTemp
2016-07-28 18:28 - 2016-07-28 21:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-28 18:27 - 2016-07-28 18:27 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-28 18:27 - 2016-07-28 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-28 18:27 - 2016-07-28 18:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-28 18:27 - 2016-07-28 18:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-28 18:27 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-28 18:27 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-28 18:27 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-28 18:24 - 2016-07-28 18:25 - 22851472 _____ (Malwarebytes ) C:\Users\Joel Schirm\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-28 17:54 - 2016-07-28 18:10 - 00000000 ____D C:\AdwCleaner
2016-07-28 17:51 - 2016-07-28 17:54 - 03712064 _____ C:\Users\Joel Schirm\Desktop\AdwCleaner_5.201.exe
2016-07-27 12:28 - 2016-07-27 12:38 - 00288452 _____ C:\TDSSKiller.3.1.0.9_27.07.2016_12.28.07_log.txt
2016-07-27 10:38 - 2016-07-27 12:21 - 00568638 _____ C:\TDSSKiller.3.1.0.9_27.07.2016_10.38.32_log.txt
2016-07-27 10:38 - 2016-07-27 10:38 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Joel Schirm\Desktop\tdsskiller.exe
2016-07-27 10:20 - 2016-07-27 10:22 - 00054453 _____ C:\Users\Joel Schirm\Desktop\Addition.txt
2016-07-27 10:18 - 2016-07-28 22:11 - 00028993 _____ C:\Users\Joel Schirm\Desktop\FRST.txt
2016-07-27 10:18 - 2016-07-28 22:11 - 00000000 ____D C:\FRST
2016-07-27 10:17 - 2016-07-28 22:10 - 02394112 _____ (Farbar) C:\Users\Joel Schirm\Desktop\FRST64.exe
2016-07-27 10:15 - 2016-07-27 10:16 - 01744384 _____ (Farbar) C:\Users\Joel Schirm\Downloads\FRST.exe
2016-07-27 08:57 - 2016-07-27 08:57 - 00001826 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-07-27 08:57 - 2016-07-27 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-27 08:56 - 2016-07-27 08:57 - 00000000 ____D C:\Program Files\iTunes
2016-07-27 08:56 - 2016-07-27 08:56 - 00000000 ____D C:\Program Files\iPod
2016-07-27 08:56 - 2016-07-27 08:56 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-27 08:49 - 2016-07-27 08:49 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\Sun
2016-07-27 08:49 - 2016-07-27 08:49 - 00000000 ____D C:\Users\Joel Schirm\.oracle_jre_usage
2016-07-27 08:48 - 2016-07-27 08:48 - 00001918 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-07-27 08:48 - 2016-07-27 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-07-27 08:48 - 2016-07-27 08:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-07-25 19:20 - 2016-07-25 19:20 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1469467191
2016-07-25 19:20 - 2016-07-25 19:20 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\CEF
2016-07-25 19:19 - 2016-07-25 19:19 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-07-25 19:19 - 2016-07-25 19:19 - 00001086 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-25 19:19 - 2016-07-25 19:19 - 00001086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-25 19:17 - 2016-07-25 19:49 - 1276319704 _____ C:\Users\Joel Schirm\Downloads\Notfall_DVD_7.0_Free.zip
2016-07-25 19:13 - 2016-07-25 19:13 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\AVAST Software
2016-07-25 19:12 - 2016-07-26 08:18 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-25 19:12 - 2016-07-25 19:12 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-07-25 19:12 - 2016-07-25 19:12 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-25 19:12 - 2016-07-25 19:12 - 00001971 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-25 19:12 - 2016-07-25 19:11 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-25 19:12 - 2016-07-25 19:11 - 00290088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00162904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00108304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-25 19:12 - 2016-07-25 19:11 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-25 19:11 - 2016-07-25 19:11 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-07-25 19:08 - 2016-07-25 19:19 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-25 19:05 - 2016-07-25 19:19 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-25 19:05 - 2016-07-25 19:05 - 06253640 _____ (AVAST Software) C:\Users\Joel Schirm\Downloads\avast_free_antivirus_setup_online.exe
2016-07-13 16:54 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 16:54 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 16:54 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 16:54 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 16:54 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 16:54 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 16:54 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 16:54 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 16:54 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 16:54 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 16:54 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 16:54 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 16:54 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 16:54 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 16:54 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 16:54 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 16:54 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 16:54 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 16:54 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 16:54 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 16:54 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 16:54 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 16:54 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 16:54 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 16:54 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 16:54 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 16:54 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 16:54 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 16:54 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 16:54 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 16:54 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 16:54 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 16:54 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 16:54 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 16:54 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 16:54 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 16:54 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 16:54 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 16:54 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 16:54 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 16:54 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 16:54 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 16:54 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 16:54 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 16:54 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 16:54 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 16:54 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 16:54 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 16:54 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 16:54 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 16:54 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 16:54 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 16:54 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 16:54 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 16:54 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 16:54 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 16:54 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 16:54 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 16:54 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 16:54 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 16:54 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 16:54 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 16:54 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 16:54 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 16:54 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 16:54 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 16:54 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 16:54 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 16:54 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 16:54 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 16:54 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 16:53 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 16:53 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 16:53 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 16:53 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 16:53 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 16:53 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 16:53 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 16:53 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 16:53 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 16:53 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 16:53 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 16:53 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 16:53 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 16:53 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 16:53 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 16:53 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 16:53 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 16:53 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 16:53 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 16:53 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 16:53 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 16:53 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 16:53 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 16:53 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 16:53 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 16:53 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 16:53 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 16:53 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 16:53 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 16:53 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 16:53 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 16:53 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 16:53 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 16:53 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 16:53 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 16:53 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 16:53 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 16:53 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 16:53 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 16:53 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 16:53 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 16:53 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 16:53 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 16:53 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 16:53 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 16:53 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 16:53 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 16:53 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 16:53 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 16:53 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 16:53 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 16:53 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 16:53 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 16:53 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 16:53 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 16:53 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 16:53 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 16:53 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 16:53 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 16:53 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 16:53 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 16:53 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 16:53 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 16:53 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 16:53 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 16:53 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 16:53 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 16:53 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 16:53 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 16:53 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 16:53 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 16:53 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 16:53 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 16:53 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 16:53 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 16:53 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 16:53 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 16:53 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 16:53 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 16:53 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 16:53 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 16:53 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 16:53 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 16:53 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 16:53 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 16:53 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 16:53 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 16:53 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 16:53 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 16:53 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 16:53 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 16:53 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 16:53 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 16:53 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 16:53 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 16:53 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 16:53 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 16:53 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 16:53 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 16:53 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 16:53 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 16:53 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 16:53 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 16:53 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 16:53 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 16:53 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 16:53 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 16:53 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 16:53 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 16:53 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 16:53 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 16:53 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 16:53 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 16:53 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 16:53 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 16:53 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 16:53 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 16:53 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 16:53 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 16:53 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 16:53 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 16:53 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 16:52 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 16:52 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 16:52 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 16:52 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 16:52 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 16:52 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 16:52 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 16:52 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 16:52 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 16:52 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 16:52 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 16:52 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 16:52 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 16:52 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 16:52 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 16:52 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 16:52 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 16:52 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 16:52 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 16:52 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 16:52 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 16:52 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 16:52 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 16:52 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 16:52 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 16:52 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 16:52 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 16:52 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 16:52 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 16:52 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 16:52 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 16:52 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 16:52 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 16:52 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 16:52 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 16:52 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 16:52 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 16:52 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 16:52 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 16:52 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 16:52 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 16:52 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 16:52 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 16:52 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 22:47 - 2016-07-12 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-28 22:06 - 2016-06-28 22:06 - 00089850 _____ C:\Users\Joel Schirm\Downloads\Information_20160609.pdf
2016-06-28 22:06 - 2016-06-28 22:06 - 00082140 _____ C:\Users\Joel Schirm\Downloads\Information_20160321.pdf
2016-06-28 22:05 - 2016-06-28 22:05 - 00044142 _____ C:\Users\Joel Schirm\Downloads\Ertraegnisaufstellung_20160216.pdf
2016-06-28 22:04 - 2016-06-28 22:04 - 00022615 _____ C:\Users\Joel Schirm\Downloads\Extra_Konto_5547106976_Kontoauszug_20160106.pdf
2016-06-28 22:04 - 2016-06-28 22:04 - 00015565 _____ C:\Users\Joel Schirm\Downloads\Jahressteuerbescheinigung_20160216.pdf
2016-06-28 22:03 - 2016-06-28 22:03 - 00100282 _____ C:\Users\Joel Schirm\Downloads\Information_20151208.pdf
2016-06-28 22:03 - 2016-06-28 22:03 - 00100282 _____ C:\Users\Joel Schirm\Downloads\Information_20151208 (1).pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-28 22:11 - 2015-07-31 13:40 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\Skype
2016-07-28 22:02 - 2014-11-05 23:47 - 00000000 ___RD C:\Users\Joel Schirm\OneDrive
2016-07-28 21:44 - 2015-09-04 23:39 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-28 21:26 - 2014-11-16 07:16 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0015c6ea2172e.job
2016-07-28 21:25 - 2014-10-18 10:54 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7982CE35-C0E7-4176-B59C-86FF61A832AC}
2016-07-28 21:21 - 2014-09-24 13:02 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-28 20:03 - 2015-09-04 23:42 - 00000000 ___RD C:\Users\Joel Schirm\Dropbox
2016-07-28 20:02 - 2015-09-04 23:39 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-28 20:02 - 2014-09-24 13:02 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-28 19:16 - 2015-12-14 01:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-28 19:15 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-28 18:15 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 17:59 - 2016-06-16 18:29 - 00032565 _____ C:\Users\Joel Schirm\Documents\10 lebensmittel gegen heuschnupfen.odt
2016-07-28 15:06 - 2015-02-06 01:06 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-28 15:05 - 2015-02-06 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-28 15:02 - 2015-02-06 01:08 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-07-28 15:02 - 2015-02-06 01:08 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-07-28 14:57 - 2015-11-11 08:50 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\Adobe
2016-07-28 14:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-27 23:22 - 2015-10-15 15:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 23:22 - 2015-07-31 13:40 - 00000000 ____D C:\ProgramData\Skype
2016-07-27 16:27 - 2016-06-16 18:25 - 00042349 _____ C:\Users\Joel Schirm\Documents\superfood.odt
2016-07-27 16:14 - 2015-12-14 01:25 - 02083424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-27 16:14 - 2015-10-30 20:35 - 00888352 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-27 16:14 - 2015-10-30 20:35 - 00196960 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-27 16:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-27 16:08 - 2014-09-23 18:25 - 00000000 ___RD C:\Users\Joel Schirm\Desktop\Acer Laptop
2016-07-27 08:56 - 2015-04-03 16:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-27 08:49 - 2015-12-14 01:26 - 00000000 ____D C:\Users\Joel Schirm
2016-07-27 08:49 - 2015-04-05 16:35 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-27 08:49 - 2015-04-05 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-27 08:49 - 2015-04-05 16:34 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-27 08:24 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-25 13:30 - 2012-10-25 06:28 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-07-22 16:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-21 16:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-14 21:06 - 2014-09-23 17:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-13 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-13 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-13 20:02 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-13 20:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 17:23 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 17:23 - 2014-09-23 19:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 17:15 - 2014-09-23 19:10 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-13 17:05 - 2014-09-24 15:33 - 00000000 ____D C:\Users\Joel Schirm\AppData\Local\ElevatedDiagnostics
2016-07-12 22:48 - 2015-04-21 19:06 - 00000000 ____D C:\Users\Joel Schirm\AppData\Roaming\SkyTestSw30
2016-07-12 22:47 - 2015-09-04 23:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-06 19:22 - 2014-12-17 15:30 - 00000000 ___RD C:\Users\Joel Schirm\Documents\Scanned Documents
2016-07-06 19:10 - 2014-11-16 07:16 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2016-07-04 10:37 - 2015-03-10 22:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-04 10:37 - 2015-03-10 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 06:37 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 07:05 - 2015-12-14 01:21 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-01 10:18 - 2014-10-25 10:17 - 0000365 _____ () C:\Users\Joel Schirm\AppData\Roaming\XREPVZV
2015-02-06 01:17 - 2015-02-06 01:17 - 0000017 _____ () C:\Users\Joel Schirm\AppData\Local\resmon.resmoncfg
2015-09-09 16:27 - 2015-09-09 16:27 - 0000000 _____ () C:\Users\Joel Schirm\AppData\Local\{908A77B8-FE70-4C28-9315-E04AD53DB650}
2015-11-20 11:56 - 2015-11-20 11:56 - 0000000 _____ () C:\Users\Joel Schirm\AppData\Local\{9390F065-752A-4AC5-ABC5-79D38CA0E10A}

Einige Dateien in TEMP:
====================
C:\Users\Joel Schirm\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-22 16:56

==================== Ende von FRST.txt ============================
         

Alt 03.08.2016, 20:06   #14
M-K-D-B
/// TB-Ausbilder
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



Servus,


Schritt 1 nochmal lesen. Du hast wohl nicht auf den "Entfernen" - Button geklickt.

Alt 03.08.2016, 22:33   #15
M-K-D-B
/// TB-Ausbilder
 
Directpay24 E-Mail bekommen und Zip Datei geöffnet - Standard

Directpay24 E-Mail bekommen und Zip Datei geöffnet



cosinus übernimmt ab hier, bin im Urlaub.

Antwort

Themen zu Directpay24 E-Mail bekommen und Zip Datei geöffnet
anhang, antivir, avira, avira antivir, computer, datei, directpay 24, direkt, e-mail, ebanking, falsche, fehler, gen, geändert, großes, karte, komplett, mails, neu, onlinebanking, passwörter, problem, profi, sachen, sms, trojaner, warnung, zip anhang geöffnet



Ähnliche Themen: Directpay24 E-Mail bekommen und Zip Datei geöffnet


  1. Trojaner durch directpay24-Spam-Mail mit .zip-Anhang?
    Plagegeister aller Art und deren Bekämpfung - 06.06.2016 (14)
  2. Fake-Amazon Mail mit zip Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 26.06.2015 (11)
  3. Rechtsanwalt-Mail von Directpay: zip-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 26.03.2015 (1)
  4. DHL Mail bekommen und den Link angeklickt / geöffnet :(
    Log-Analyse und Auswertung - 05.03.2015 (13)
  5. DHL Fake E-Mail und Datei geöffnet
    Log-Analyse und Auswertung - 04.03.2015 (7)
  6. Zip Datei aus Inkasso-Mail am MAC geöffnet
    Alles rund um Mac OSX & Linux - 28.01.2015 (12)
  7. Mail mit .rft-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.10.2014 (2)
  8. Schadhaften E-Mail-Anhang geöffnet (.zip-Datei)
    Log-Analyse und Auswertung - 10.07.2014 (9)
  9. Telekom mail und Zip Datei geöffnet
    Mülltonne - 04.06.2014 (0)
  10. Telekom Mail und Zip Datei geöffnet
    Mülltonne - 04.06.2014 (0)
  11. Telekom Mail und Zip Datei geöffnet
    Log-Analyse und Auswertung - 04.06.2014 (1)
  12. Pdf-Datei aus PayPal-Phishing Mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 10.05.2014 (13)
  13. Dummerweise ebenfalls Anwalt Email bekommen und die zip datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.01.2014 (29)
  14. Anwalt Email bekommen und die zip datei dummerweise geöffnet
    Plagegeister aller Art und deren Bekämpfung - 12.01.2014 (10)
  15. Zip- Datei in Spam-mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 14.10.2013 (23)
  16. Mail mit ZIP-Datei im Anhang geöffnet - Trojaner?
    Log-Analyse und Auswertung - 14.05.2013 (9)
  17. Verdächtige E-Mail mit Zip-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 07.03.2013 (10)

Zum Thema Directpay24 E-Mail bekommen und Zip Datei geöffnet - Hallo bin ganz neu hier, da ich mein erstes "großes" Problem mit einem Trojaner habe. Nichts ahnend habe ich meine Mails gecheckt und hatte da eine der bekannten Mahnmails von - Directpay24 E-Mail bekommen und Zip Datei geöffnet...
Archiv
Du betrachtest: Directpay24 E-Mail bekommen und Zip Datei geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.