Fast bei jedem Klick auf einer Website öffnet sich Werbung in einem neuen Tab (Chrome,Firefox)

GreenPerl · 15.04.2017, 13:15

Hallo , Ich habe ein Virus der immer wieder aufkommt, ich hab ihn schon ein paar mal gelöscht aber er kommt wieder. Ich klicke irgendwo auf einer Website drauf und es öffnet sich ein neuer Tab der auf Werbung weiterleitet z.b hxxp://pwwysydh.com/click?h=Ax722bagzrkm5xpIr2EIJD16ekxaT4TVr3jfgVy7BvLNWrONOrtONgZsSQ9iOeFfa1VVDj6s7M7c8iBGUbksmhiKSvH69TSD1StHqT42IQQNI7AUNgwu-rfxqpNInSmX36129b2Qe1OBu8aPirjMy4BbY6xj9j0bN2ZrOajslnW00Km-ZG8UnhdRZrCkyI5iW3akcklWZ5pgkF10FZ3MzVFlyBuSADZ5Hsu_luIm2byVkD7hd9paoAWLMSK76s3IUPNwFZfG55-WzlkL2dKn5KhER_Bt8X63aPCZePqhQ8FH86iex8SVikKzyGcbC-ZTT6bBv9BVxDgnY-SffkofgrhHWc0AQ4e908sdmX5JyaftqHgNgaCn5AW6F11ux-x-BmlTcrLcCh0ckI_4tZbFtVG7k_zTJw8AvONqzYUeOkeLu1S9SfRlrwddSTCsmOfA7lBHWsb84FVGhrjWbMrkezZvSwuqwYwTu_gOh9vSyMEwtBHHf8l4hrcZTabxEsGzsXG1-EOqi7NRBWpNTEDff5YVPr96UnQUKLJxNpKxbNBfBzbzmGW3gcuBuP1RK-J_MG8Oml8kDnzaRDj9akYZn6nCQX-Ib2DaUfW2abLqjRtda7cWc4GihYjV2Fmm4jWfnwbz9Yc_eLutQs4ObZ-vx4rmnuhCzbLc04w_itax_vuY_BxOMcbRkuJyTJj4lnv2LHdrqAzs8Ef3aTSMYx6SYiB4K0INJpMFo30JCN1QF7T3n484JkQ8d5pXCpqnEiXwXknslaS_4aq2rBSNIM6OP77JZZQMihhHgKzEZHofK kn9wzFSBA-TFAUvlRnV-bSwX6jK9XtWGPsZyc8wfvpzfGfoJwp6IdHSwQyA2aNG7r8jsf_ptvgV-vUaJzQvpokSor3Nz5tXhcvKj1KNnVZ3d1snl-DDSuffs9rrBziziY_tQUO4tvpqEKz614jdAR04cI50YbUJgludXIag7bXN2FmoFxvQi7l0b1DqXmdjmYrObxiKlwPLfqlooZydAkL75Ay0obCaE25ZiUEvdChMow&subid=g-88296786-da7f66ac5a964f08aee939234eee5fed-&data_fb=no&data_rtt=5356&data_proto=http%3A&data_ic=false&data_ss=728x1366&rt=443464&data_sid=98b86124f6cb25e643210739435073d8
und ich habe auch die anzeigen von netutils.
Hier sieht man die Anzeigen : directupload.net/file/d/4692/k6te3d2g_png.htm

Habe die FRST Logs und ADWcleaner Log

M-K-D-B · 16.04.2017, 12:22

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

GreenPerl · 17.04.2017, 10:07

Frst.txt 1 teil:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-04-2017
durchgeführt von Владимир (Administrator) auf WLADIMIR (17-04-2017 10:53:15)
Gestartet von C:\Users\Владимир\Desktop
Geladene Profile: Владимир (Verfügbare Profile: Владимир & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(iS3, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiMalware\SZServer.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Windows\Microsoft\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(iS3, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiMalware\STOPzilla.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\MyWiMax.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKLM\...\Winlogon: [Userinit] C:\Users\Владимир\AppData\Local\Kometa\StartButton\kometastartvx64.exe,C:\Windows\system32\userinit.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Владимир\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [rblbdqbvul] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=9BA9EE6BE7098FEF9E82537FDDA3856A&utm_d=20170413" <===== ACHTUNG
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_162_Plugin.exe [1224896 2016-10-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\lol.scr [3721216 2016-03-30] ()
ShellExecuteHooks: Kein Name - {98C066AB-D735-4339-9E52-A34875141B56} - C:\Users\Владимир\AppData\Local\Microsoft\Windows\INetCookies\chagaght.dll [417976 2016-06-08] ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicy\User: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{fbce919f-74f4-4345-8261-4f8f29c1520c}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-09] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001 -> Kein Name - {09900DE8-1DCA-443F-9243-26FF581438AF} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001 -> hxxp://www.omniboxes.com/?type=hp&ts=1448179649&z=e62a4129c10f2d025ca0ef7gdz7zab6g8m3t5qfz0t&from=amt&uid=st500lm011xhm501ii_s24qj9ec612797

FireFox:
========
FF DefaultProfile: w9l91kci.default
FF ProfilePath: C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\p25yv99q.default [2017-04-14]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\p25yv99q.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-05-05]
FF Extension: (Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\p25yv99q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
FF ProfilePath: C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default [2017-04-17]
FF Homepage: Profiles\w9l91kci.default -> about:home
FF Session Restore: Profiles\w9l91kci.default -> ist aktiviert.
FF Keyword.URL: Profiles\w9l91kci.default -> hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?uid=11A99623A4BDEBB0A892CA3E843DD8CE&ptid=pro&ts=AHEqBHAsAnUpAU..&v=20160607&mode=ffexttoolbar&q=
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default\Extensions\elemhidehelper@adblockplus.org.xpi [2017-04-13]
FF Extension: (Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-10]
FF Extension: (Disable Prefetch) - C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default\features\{8955282b-a055-4a27-a029-fd01e115f6ad}\disable-prefetch@mozilla.org.xpi [2017-04-14]
FF ProfilePath: C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\58y51ttl.default-1465805962448 [2017-04-14]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-14] [ist nicht signiert]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: (Content Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Владимир\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @Roozz.com/RoozzPlugin -> C:\Program Files (x86)\Roozz\nproozz.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-14] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3093447193-1613427322-2618303830-1001: @mail.ru/GameCenter -> C:\Users\Владимир\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3093447193-1613427322-2618303830-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Владимир\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-27] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de
CHR Profile: C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default [2017-04-16]
CHR Extension: (Google Präsentationen) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-16]
CHR Extension: (Google Docs) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-16]
CHR Extension: (Google Drive) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-16]
CHR Extension: (YouTube) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-16]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2017-04-16]
CHR Extension: (Google Tabellen) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-16]
CHR Extension: (MSN Homepage) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2017-04-16]
CHR Extension: (Google Docs Offline) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-16]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2017-04-16]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2017-04-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-16]
CHR Extension: (Google Mail) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-16]
CHR Extension: (Anti-Banner) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2017-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-16]
CHR Profile: C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1 [2017-04-16] <==== ACHTUNG
CHR Extension: (Spotify - Music for every moment) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-04-15]
CHR Extension: (JP Performance - BMW M4 (unoffical)) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1\Extensions\denclkkkinblmabbbedcablldldmjlle [2017-04-15]
CHR Extension: (AdBlock) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-15]
CHR HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-20]

Opera: 
=======
OPR Extension: (Tampermonkey) - C:\Users\Владимир\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-04-13]
OPR Extension: (Spiptus) - C:\Users\Владимир\AppData\Roaming\Opera Software\Opera Stable\Extensions\iindkkipiinfeoppmpjcmmifilkighnp [2017-04-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [Datei ist nicht signiert]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [Datei ist nicht signiert]
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5560840 2016-05-11] (INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-02-02] (Overwolf LTD)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-11-07] ()
S2 Recover; C:\Program Files\MSBuild\1KWH1GZ8JFCGHXMT7GATVMNG\kdLyMQCT3#.exe [104448 2017-04-13] () [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SvcHost Service Host; C:\Windows\Microsoft\svchost.exe [1528024 2017-04-14] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
R2 szserver; C:\Program Files (x86)\iS3\STOPzilla AntiMalware\SZServer.exe [194464 2016-07-01] (iS3, Inc.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [78856 2016-10-29] (Multi Theft Auto)
S3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [907160 2017-04-13] () <==== ACHTUNG
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 szkg5; C:\Windows\SysWow64\drivers\szkg64.sys [74768 2016-07-01] (iS3 Inc.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 whfltr2k; C:\WINDOWS\System32\drivers\whfltr2k.sys [10368 2009-09-16] ()
R3 whfltr2k; C:\Windows\SysWOW64\drivers\whfltr2k.sys [10368 2009-09-16] ()
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-04-11] (Wellbia.com Co., Ltd.)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S0 is3srv; SySWOW64\drivers\is3srv64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2030-12-13 02:39 - 2017-04-13 16:30 - 00000000 __SHD C:\System Volume Information
2017-04-17 10:54 - 2017-04-17 10:54 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Владимир\Desktop\tdsskiller.exe
2017-04-17 10:53 - 2017-04-17 10:53 - 00000000 ____D C:\Users\Владимир\Desktop\FRST-OlderVersion
2017-04-17 09:41 - 2017-04-17 09:43 - 00001952 _____ C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2017-04-16 10:24 - 2017-04-16 23:12 - 00000000 ____D C:\Users\Владимир\Desktop\Убийцы драконов
2017-04-16 00:28 - 2017-04-16 00:29 - 00000540 _____ C:\Users\Владимир\Desktop\Neues Textdokument.txt
2017-04-15 15:34 - 2017-04-15 15:35 - 00000000 ___HD C:\ProgramData\CanonIJScan
2017-04-15 14:45 - 2017-04-15 14:45 - 00000000 ___HD C:\ProgramData\CanonIJQuickMenu
2017-04-15 14:44 - 2017-04-15 15:34 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\Canon
2017-04-15 14:44 - 2017-04-15 14:44 - 00000000 ____D C:\Users\Владимир\Desktop\Drucker
2017-04-15 14:39 - 2017-04-15 14:39 - 00000000 ____D C:\Users\Владимир\AppData\LocalLow\Canon Easy-WebPrint EX2
2017-04-15 14:39 - 2017-04-15 14:39 - 00000000 ____D C:\Users\Владимир\AppData\LocalLow\Canon Easy-WebPrint EX
2017-04-15 14:39 - 2017-04-15 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5700 series Benutzerregistrierung
2017-04-15 14:33 - 2017-04-15 14:39 - 00000000 ____D C:\Program Files\Canon
2017-04-15 14:33 - 2017-04-15 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5700 series Manual
2017-04-15 14:29 - 2017-04-15 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-04-15 14:29 - 2017-04-15 14:39 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2017-04-15 14:29 - 2017-04-15 14:29 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2017-04-15 14:28 - 2017-04-15 14:28 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-04-15 14:28 - 2015-03-17 08:51 - 00375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2017-04-15 14:28 - 2015-03-17 08:51 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2017-04-15 14:28 - 2015-03-17 08:50 - 00380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2017-04-15 14:28 - 2015-01-29 11:22 - 00353792 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_CSL.dll
2017-04-15 14:28 - 2014-12-02 16:01 - 00096256 _____ C:\WINDOWS\SysWOW64\CNC178ED.TBL
2017-04-15 14:28 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2017-04-15 14:27 - 2017-04-15 14:27 - 00000000 ___HD C:\ProgramData\CanonBJ
2017-04-15 14:27 - 2015-03-15 05:00 - 00406528 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCS.DLL
2017-04-15 14:26 - 2017-04-15 14:27 - 00000000 ___HD C:\Program Files\CanonBJ
2017-04-15 14:22 - 2017-04-16 13:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-04-15 14:22 - 2017-04-15 14:22 - 00000000 ____D C:\ProgramData\Canon
2017-04-15 14:21 - 2017-04-15 14:43 - 00000000 ____D C:\Program Files (x86)\Canon
2017-04-15 13:30 - 2017-04-17 10:55 - 00030987 _____ C:\Users\Владимир\Desktop\FRST.txt
2017-04-15 13:30 - 2017-04-17 10:53 - 00000000 ____D C:\FRST
2017-04-15 13:29 - 2017-04-17 10:53 - 02424320 _____ (Farbar) C:\Users\Владимир\Desktop\FRST64.exe
2017-04-15 12:22 - 2017-04-15 12:22 - 05007377 _____ C:\Users\Владимир\Downloads\Убийцы драконов.zip
2017-04-15 12:22 - 2017-04-15 12:22 - 05007377 _____ C:\Users\Владимир\Desktop\Убийцы драконов.zip
2017-04-15 12:14 - 2017-04-15 12:14 - 00006404 _____ C:\Users\Владимир\Desktop\AdwCleaner[S22].txt
2017-04-15 12:01 - 2017-04-15 12:04 - 00420684 _____ C:\WINDOWS\Minidump\041517-30671-01.dmp
2017-04-15 12:01 - 2017-04-15 12:01 - 619672408 _____ C:\WINDOWS\MEMORY.DMP
2017-04-15 12:01 - 2017-04-15 12:01 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-14 22:10 - 2017-04-14 22:10 - 00000016 _____ C:\WINDOWS\system32\config\software.szfi
2017-04-14 14:41 - 2017-04-14 14:41 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-14 14:41 - 2017-04-14 14:41 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-14 13:39 - 2017-04-14 13:39 - 00000000 ____D C:\Users\Владимир\AppData\Local\UNP
2017-04-14 13:21 - 2017-04-14 13:22 - 00000000 ____D C:\Program Files\UNP
2017-04-14 13:21 - 2017-04-14 13:21 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-14 13:08 - 2017-04-14 13:08 - 00001056 _____ C:\WINDOWS\SysWOW64\Drivers\kgpcpy.cfg
2017-04-13 21:53 - 2017-04-13 21:53 - 00002108 _____ C:\Users\Public\Desktop\STOPzilla AntiMalware.lnk
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla AntiMalware
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\Program Files (x86)\iS3
2017-04-13 21:52 - 2017-04-13 21:52 - 00593064 _____ C:\Users\Владимир\Downloads\STOPzilla_ASM_RW65.exe
2017-04-13 20:26 - 2017-04-17 09:43 - 00624640 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-04-13 20:26 - 2017-04-13 20:26 - 00907160 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys
2017-04-13 20:26 - 2017-04-13 20:26 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-04-13 20:26 - 2017-04-13 20:26 - 00000000 ____D C:\Users\Владимир\AppData\Local\CrashRpt
2017-04-13 20:22 - 2017-04-13 20:22 - 01270913 _____ C:\Users\Владимир\Desktop\Extreme Injector v3.6.rar
2017-04-13 20:20 - 2017-04-13 20:20 - 00000397 _____ C:\Users\Владимир\Downloads\extreme_injector_v3_6.torrent
2017-04-13 20:16 - 2017-04-13 20:16 - 07540123 _____ C:\Users\Владимир\Downloads\CheatCRrubles.zip
2017-04-13 20:12 - 2017-04-13 20:13 - 07540188 _____ C:\Users\Владимир\Downloads\Sobeit_by_SlonoBoyko_03.04.2017.zip
2017-04-13 19:20 - 2017-04-13 19:21 - 01129376 _____ (Google Inc.) C:\Users\Владимир\Desktop\ChromeSetup (1).exe
2017-04-13 19:20 - 2017-04-13 19:20 - 01129376 _____ (Google Inc.) C:\Users\Владимир\Downloads\ChromeSetup (1).exe
2017-04-13 18:23 - 2017-04-13 19:56 - 00000000 ____D C:\Users\Владимир\AppData\Local\etdctrl
2017-04-13 18:23 - 2017-04-13 18:23 - 00000000 ____D C:\Users\Владимир\AppData\Local\wupdate
2017-04-13 18:19 - 2017-04-13 18:19 - 00000387 _____ C:\Users\Владимир\Downloads\pukanobomb2.torrent
2017-04-13 18:14 - 2017-04-13 18:14 - 04089296 _____ C:\Users\Владимир\Desktop\adwcleaner_6.045.exe
2017-04-13 18:10 - 2017-04-13 18:10 - 00001194 _____ C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultimate-Discounter Browser.lnk
2017-04-13 18:07 - 2017-04-13 18:08 - 07540157 _____ C:\Users\Владимир\Downloads\Sobeit_by_SlonoBoyko.zip
2017-04-13 18:02 - 2017-04-13 18:02 - 01204711 _____ C:\WINDOWS\unins000.exe
2017-04-13 17:58 - 2017-04-13 18:00 - 00894870 _____ (Seemann, Deji, Alien ) C:\Users\Владимир\Downloads\CLEO4_setup (2).exe
2017-04-13 17:57 - 2017-04-13 20:15 - 00000000 ____D C:\Users\Владимир\Desktop\Trolling
2017-04-13 17:55 - 2017-04-13 17:56 - 701897648 _____ C:\Users\Владимир\Downloads\FSX.rar
2017-04-13 17:55 - 2017-04-13 17:55 - 16270006 _____ C:\Users\Владимир\Downloads\sa-mp-0.3.7-install (1).exe
2017-04-13 12:42 - 2017-04-13 18:11 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\WhatsApp
2017-04-13 12:42 - 2017-04-13 12:42 - 00002299 _____ C:\Users\Владимир\Desktop\WhatsApp.lnk
2017-04-13 12:42 - 2017-04-13 12:42 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-04-13 12:41 - 2017-04-13 12:42 - 00000000 ____D C:\Users\Владимир\AppData\Local\WhatsApp
2017-04-13 12:40 - 2017-04-13 12:41 - 82428176 _____ (WhatsApp) C:\Users\Владимир\Downloads\WhatsAppSetup.exe
2017-04-12 18:00 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 18:00 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 18:00 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 18:00 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 18:00 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 18:00 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 18:00 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 18:00 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 18:00 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 18:00 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 18:00 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 18:00 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:00 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 18:00 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 18:00 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 18:00 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 18:00 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 18:00 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 18:00 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 18:00 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 18:00 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 18:00 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 18:00 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 18:00 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 18:00 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 18:00 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 18:00 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 18:00 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 18:00 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 18:00 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 18:00 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 18:00 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 18:00 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 18:00 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 18:00 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 18:00 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 18:00 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 18:00 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 18:00 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 18:00 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 18:00 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 18:00 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 18:00 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 18:00 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 18:00 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 18:00 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 18:00 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 18:00 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 18:00 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 18:00 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 18:00 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 18:00 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 18:00 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 18:00 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 18:00 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 18:00 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 18:00 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 17:59 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 17:59 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 17:59 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 17:59 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 17:59 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 17:59 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 17:59 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 17:59 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 17:59 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 17:59 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 17:59 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 17:59 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 17:59 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 17:59 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 17:59 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 17:59 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 17:59 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 17:59 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 17:59 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 17:59 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 17:59 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 17:59 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 17:59 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 17:59 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 17:59 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 17:59 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 17:59 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 17:59 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 17:59 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 17:59 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 17:59 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 17:59 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 17:59 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 17:59 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 17:59 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 17:59 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 17:59 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 17:59 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 17:59 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 17:59 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 17:59 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 17:59 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 17:59 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 17:59 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 17:59 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 17:59 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 17:59 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 17:59 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 17:59 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 17:59 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 17:59 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 17:59 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 17:59 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 17:59 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 17:59 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 17:59 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 17:59 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 17:59 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 17:59 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 17:58 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 17:58 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 17:58 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 17:58 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:58 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 17:58 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 17:58 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 17:58 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 17:58 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 17:58 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 17:58 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 17:58 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 17:58 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 17:58 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 17:58 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 17:58 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 17:58 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 17:58 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 17:58 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 17:58 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 17:58 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 17:58 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 17:58 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 17:58 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 17:58 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 17:58 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 17:58 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 17:58 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 17:58 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 17:58 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 17:58 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 17:58 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 17:58 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 17:58 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 17:58 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 17:58 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 17:58 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 17:58 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 17:58 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 17:58 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 17:58 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 17:58 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 17:58 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 17:58 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 17:58 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 17:58 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 17:58 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 17:58 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 17:58 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 17:58 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 17:58 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 17:58 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 17:58 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 17:58 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 17:58 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 17:58 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 17:58 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 17:58 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 17:58 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 17:58 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 17:58 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 17:58 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 17:58 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 17:58 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 17:58 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 17:58 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll

GreenPerl · 17.04.2017, 10:11

Frst.txt teil 2:

Code:

ATTFilter

2017-04-12 17:58 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 17:58 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 17:58 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 17:58 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 17:58 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 17:58 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 17:58 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 17:58 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 17:58 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 17:58 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 17:58 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:58 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 17:58 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 17:58 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 17:58 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 17:57 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 17:57 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 17:57 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 17:57 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 17:57 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 17:57 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 17:57 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 17:57 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 17:57 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 17:57 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 17:57 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 17:57 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 17:57 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 17:57 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 17:57 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 17:57 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 17:57 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 17:57 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 17:57 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 17:57 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 17:57 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 17:57 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 17:57 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-11 19:11 - 2017-04-17 09:47 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D39CFD81-D1C6-4591-84A7-8D7ECFEE43A9}
2017-04-11 18:59 - 2017-04-11 19:03 - 00037344 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-04-11 18:48 - 2017-04-11 18:48 - 00000222 _____ C:\Users\Владимир\Desktop\Knight Online.url
2017-04-10 10:38 - 2017-04-10 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-04-10 10:36 - 2017-04-10 10:36 - 01129376 _____ (Google Inc.) C:\Users\Владимир\Downloads\googledrivesync.exe
2017-04-06 17:45 - 2017-04-06 19:39 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premier Game 2017.lnk
2017-04-06 16:56 - 2017-04-06 17:18 - 1245563386 _____ C:\Users\Владимир\Downloads\Leto2017fix.zip
2017-04-06 16:48 - 2017-04-06 16:48 - 05582008 _____ C:\Users\Владимир\Downloads\SAMP_Cheat_3.exe
2017-04-06 16:45 - 2017-04-06 16:45 - 00049866 _____ C:\Users\Владимир\Downloads\SilentAim_v8.0[English Version].cs
2017-04-04 17:06 - 2017-04-04 17:06 - 00605675 _____ C:\Users\Владимир\Downloads\[samp-mods.com]_1456318280_sf_5_3_1_bin (1).zip
2017-04-04 17:01 - 2017-04-04 17:01 - 00387930 _____ C:\Users\Владимир\Downloads\CLEO4.1_setup.exe
2017-04-04 16:51 - 2017-04-04 16:52 - 05582016 _____ C:\Users\Владимир\Downloads\gta-sa.exe
2017-04-04 16:45 - 2017-04-04 16:45 - 07718755 _____ C:\Users\Владимир\Downloads\141100-gta_sa.exe-1.0-us-gtasa.zip
2017-04-04 16:14 - 2017-04-04 16:16 - 16135195 _____ C:\Users\Владимир\Downloads\M_G Project for SAMP 0.3.7 [Update 3].rar
2017-04-04 15:55 - 2017-04-04 15:55 - 00024610 _____ C:\Users\Владимир\Downloads\1176_aim.rar
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-23 23:15 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-23 23:15 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-23 23:15 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-23 23:15 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-23 23:15 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-23 23:15 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-23 23:15 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-23 23:15 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-23 23:15 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-23 23:15 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-23 23:15 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-23 23:15 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-23 23:15 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-23 23:15 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-23 23:15 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-23 23:15 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-23 23:15 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-23 23:15 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-23 23:15 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-23 23:15 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-23 23:15 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-23 23:15 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-23 23:15 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-23 23:15 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-23 23:15 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-23 23:15 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-23 23:15 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-23 23:15 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-23 23:15 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-23 23:15 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-23 23:15 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-23 23:15 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-23 23:15 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-23 23:15 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-23 23:15 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-23 23:15 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-23 23:15 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-23 23:15 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-23 23:15 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-23 23:15 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-23 23:15 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-23 23:15 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-23 23:15 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-23 23:15 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-23 23:15 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-23 23:15 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-23 23:15 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-23 23:15 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-23 23:15 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-23 23:15 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-23 23:15 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-23 23:15 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-23 23:15 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-23 23:15 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-23 23:15 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-23 23:15 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-23 23:15 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-23 23:15 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-23 23:15 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-23 23:15 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-23 23:15 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-23 23:15 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-23 23:15 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-23 23:15 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-23 23:15 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-23 23:15 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-23 23:15 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-23 23:15 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-23 23:15 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-23 23:14 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-23 23:14 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-23 23:14 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-23 23:14 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-23 23:14 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-23 23:14 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-23 23:14 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-23 23:14 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-23 23:14 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-23 23:14 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-23 23:14 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-23 23:14 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-03-23 23:14 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-23 23:14 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-23 23:14 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-23 23:14 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-23 23:14 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-23 23:14 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-23 23:14 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-23 23:14 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-23 23:14 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-23 23:14 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-23 23:14 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-23 23:14 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 23:14 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-23 23:14 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-23 23:14 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-23 23:14 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-23 23:14 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-23 23:14 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-23 23:14 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-23 23:14 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-23 23:14 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-23 23:14 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-23 23:14 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-23 23:14 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-23 23:13 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-23 23:13 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-23 23:13 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-23 23:13 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-23 23:13 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-23 23:13 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-23 23:13 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-23 23:13 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-23 23:13 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-23 23:13 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-23 23:13 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-23 23:13 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-23 23:13 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-23 23:13 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-23 23:13 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-23 23:13 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-23 23:13 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-23 23:13 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-23 23:13 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-23 23:13 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-23 23:13 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-23 23:13 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-23 23:13 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-23 23:13 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-23 23:13 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-23 23:13 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-23 23:13 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-23 23:13 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-23 23:13 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-23 23:13 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-23 23:13 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-23 23:13 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-23 23:13 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-23 23:13 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-23 23:13 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-23 23:13 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-23 23:13 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-23 23:13 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-23 23:13 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-23 23:13 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-23 23:13 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-23 23:13 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-23 23:13 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-23 23:13 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-23 23:13 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-23 23:13 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-23 23:13 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-23 23:13 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-23 23:13 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-23 23:13 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-23 23:13 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-23 23:13 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-23 23:13 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-23 23:13 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-23 23:13 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-23 23:13 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-23 23:13 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-23 23:13 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-23 23:13 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-23 23:13 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-23 23:13 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-23 23:13 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-23 23:13 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-23 23:13 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-23 23:13 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-23 23:12 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-23 23:12 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-23 23:12 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-23 23:12 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-23 23:12 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-23 23:12 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-23 23:12 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-23 23:12 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-23 23:12 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-23 23:12 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-23 23:12 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-23 23:12 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-23 23:12 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-23 23:12 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-23 23:12 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-23 23:12 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-23 23:12 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-23 23:12 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-23 23:12 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-23 23:12 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-23 23:12 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-23 23:12 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-23 23:12 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-23 23:12 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-23 23:12 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-23 23:12 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-23 23:12 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-23 23:12 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-23 23:12 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-23 23:12 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-23 23:12 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-23 23:12 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-23 23:12 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-23 23:12 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-23 23:12 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-23 23:12 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-23 23:12 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-23 23:12 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-23 23:12 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-23 23:12 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-23 23:12 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-23 23:12 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-23 23:12 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-23 23:12 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-23 23:12 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-23 23:12 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-23 23:12 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-23 23:12 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-23 23:12 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-23 23:12 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-23 23:12 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-23 23:12 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-23 23:12 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-23 23:12 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-23 23:12 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-23 23:12 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-23 23:12 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-23 23:12 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-23 23:12 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-23 23:12 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-23 23:12 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-23 23:12 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-23 23:12 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-23 23:12 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-23 23:12 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-23 23:12 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-23 23:12 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-23 23:12 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-23 23:12 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-23 23:12 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-23 23:12 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-23 23:12 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-23 23:11 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-23 23:11 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-23 23:11 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-23 23:11 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-23 23:11 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-23 23:11 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-23 23:11 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-23 23:11 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-23 23:11 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-23 23:11 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-23 23:11 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-23 23:11 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-23 23:11 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-23 23:11 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-23 23:11 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-23 23:11 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-23 23:11 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-23 23:11 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-23 23:11 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-23 23:11 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-23 23:11 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-23 23:11 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-23 23:11 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-23 23:11 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-23 23:11 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-23 23:11 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-23 23:11 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-23 23:11 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-23 23:11 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-23 23:11 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-23 23:11 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-23 23:11 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-23 23:11 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-23 23:11 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-23 23:11 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-23 23:11 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-23 23:11 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-23 23:11 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-23 23:11 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-23 23:11 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-23 23:11 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-23 23:11 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-23 23:11 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-23 23:11 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-23 23:11 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-23 23:11 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-23 23:11 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-23 23:11 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-23 23:11 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-23 23:11 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-23 23:11 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-23 23:11 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-23 23:11 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-23 23:11 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-23 23:11 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-23 23:11 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-23 23:11 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-23 23:11 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-23 23:11 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-23 23:11 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-23 23:11 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-23 23:11 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-23 23:11 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-23 23:11 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-23 23:11 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-23 23:10 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-23 22:05 - 2017-04-10 10:40 - 00000000 ____D C:\Users\Владимир\Desktop\ЬИС
2017-03-20 07:06 - 2017-04-15 13:27 - 00000000 ___HD C:\$WINDOWS.~BT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-17 10:57 - 2015-03-20 21:36 - 00000000 ____D C:\ProgramData\STOPzilla!
2017-04-17 09:47 - 2016-07-17 00:51 - 00784974 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-17 09:47 - 2016-07-17 00:51 - 00395544 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-17 09:47 - 2015-08-06 13:51 - 02758262 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-17 09:44 - 2016-11-26 12:34 - 00000000 ____D C:\Users\Владимир\AppData\LocalLow\Mozilla
2017-04-17 09:40 - 2016-11-15 13:56 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-04-17 09:40 - 2016-09-08 20:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-16 23:22 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-16 23:13 - 2013-01-27 12:37 - 00000000 ____D C:\Users\Владимир\AppData\Local\Google
2017-04-16 21:54 - 2016-09-08 19:50 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-15 17:26 - 2016-05-31 15:49 - 00000763 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2017-04-15 14:29 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-04-15 14:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-15 14:27 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-15 14:02 - 2017-01-26 15:09 - 00000000 ____D C:\WINDOWS\Panther
2017-04-15 13:36 - 2015-03-20 21:55 - 00000000 ____D C:\AdwCleaner
2017-04-15 12:02 - 2016-09-08 19:58 - 00000000 ____D C:\Users\Владимир
2017-04-15 12:02 - 2016-09-08 19:58 - 00000000 ____D C:\Users\Administrator
2017-04-15 12:01 - 2016-11-23 13:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-15 12:01 - 2015-05-05 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-14 14:51 - 2016-09-08 20:31 - 00003486 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-14 14:51 - 2016-09-08 20:31 - 00003362 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-14 14:40 - 2017-01-29 16:09 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-14 13:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-14 13:12 - 2013-12-03 23:48 - 00000000 ____D C:\Users\Владимир\Desktop\Spiele
2017-04-14 13:11 - 2015-06-11 18:15 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\LolClient
2017-04-13 20:25 - 2016-09-08 20:36 - 00000000 ____D C:\Program Files\MSBuild
2017-04-13 20:25 - 2016-08-13 07:52 - 00000000 ____D C:\Program Files\Bignox
2017-04-13 20:22 - 2013-07-06 14:00 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\uTorrent
2017-04-13 18:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-13 18:50 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 18:45 - 2016-09-08 19:49 - 05081424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 18:44 - 2013-06-09 14:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-13 18:44 - 2013-06-09 14:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 18:42 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-13 18:31 - 2014-04-06 09:26 - 00000000 ____D C:\ProgramData\IObit
2017-04-13 18:11 - 2013-01-19 20:37 - 00000000 ____D C:\Users\Владимир\AppData\Local\Unity
2017-04-13 18:02 - 2016-10-26 11:09 - 00021529 _____ C:\WINDOWS\unins000.dat
2017-04-13 17:14 - 2016-08-31 21:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-04-13 17:10 - 2013-06-09 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-13 16:32 - 2013-08-22 15:25 - 00000269 _____ C:\WINDOWS\win.ini
2017-04-13 12:42 - 2016-06-14 08:26 - 00000000 ____D C:\Users\Владимир\AppData\Local\SquirrelTemp
2017-04-13 10:43 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-11 21:25 - 2014-08-26 17:39 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-11 19:01 - 2015-04-04 19:54 - 00000000 ____D C:\Users\Владимир\AppData\Local\Steam
2017-04-11 12:31 - 2012-12-16 15:02 - 00000000 ____D C:\Users\Владимир\AppData\Local\Packages
2017-04-10 10:41 - 2017-03-09 17:04 - 00000000 ____D C:\Users\Владимир\Desktop\Terraria
2017-04-06 19:41 - 2014-02-10 21:22 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-06 19:40 - 2017-01-16 19:30 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-04-06 19:39 - 2013-02-11 21:01 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2017-04-06 18:35 - 2016-10-08 09:31 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\SA-MP Audio Plugin
2017-04-06 17:47 - 2015-08-29 18:47 - 00000000 ____D C:\Users\Владимир\.oracle_jre_usage
2017-04-03 21:32 - 2016-11-15 14:03 - 00001318 _____ C:\Users\Владимир\Desktop\Paint.lnk
2017-04-03 21:32 - 2016-04-17 19:03 - 00001162 _____ C:\Users\Владимир\Desktop\Cheat Engine.lnk
2017-04-03 16:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-28 08:20 - 2016-09-08 19:53 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-03-27 23:04 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-27 23:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-27 23:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-23 22:45 - 2014-01-04 19:58 - 00000132 _____ C:\Users\Владимир\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-04 19:58 - 2017-03-23 22:45 - 0000132 _____ () C:\Users\Владимир\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2015-09-27 14:27 - 2015-09-27 14:27 - 0000132 _____ () C:\Users\Владимир\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2016-01-31 18:57 - 2016-01-31 18:57 - 0000112 _____ () C:\Users\Владимир\AppData\Roaming\JP2K CS6 Prefs
2013-09-29 11:52 - 2013-09-29 11:52 - 0000000 _____ () C:\Users\Владимир\AppData\Roaming\lock.dat
2016-02-15 16:48 - 2016-02-15 16:48 - 0000000 _____ () C:\Users\Владимир\AppData\Roaming\mediaload.io.url.lock
2013-11-15 16:55 - 2013-11-27 20:14 - 0000736 _____ () C:\Users\Владимир\AppData\Roaming\tlauncher.rmo.ini
2016-10-30 15:27 - 2016-10-30 15:27 - 0000132 _____ () C:\Users\Владимир\AppData\Roaming\Установки формата PNG Adobe CS6
2014-02-10 21:40 - 2014-02-10 21:40 - 0000000 ___SH () C:\Users\Владимир\AppData\Local\LumaEmu
2014-01-05 09:29 - 2014-01-05 09:29 - 0001563 _____ () C:\Users\Владимир\AppData\Local\recently-used.xbel
2014-10-04 20:38 - 2014-10-04 20:38 - 0007605 _____ () C:\Users\Владимир\AppData\Local\Resmon.ResmonCfg
2016-12-16 20:32 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Владимир\AppData\Local\TroubleshooterConfig.json
2016-09-08 19:53 - 2016-09-08 19:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-09-22 05:32 - 2012-09-22 05:32 - 0000104 _____ () C:\ProgramData\{01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
2012-09-22 05:33 - 2012-09-22 05:33 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-09-22 05:25 - 2012-09-22 05:26 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-09-22 05:30 - 2012-09-22 05:31 - 0000111 _____ () C:\ProgramData\{39337565-330E-4ab6-A9AE-AC81E0720B10}.log
2012-09-22 05:23 - 2012-09-22 05:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-09-22 05:28 - 2012-09-22 05:28 - 0000032 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-09-22 05:33 - 2012-09-22 05:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
2012-09-22 05:28 - 2012-09-22 05:30 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2012-09-22 05:24 - 2012-09-22 05:25 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2012-09-22 05:26 - 2012-09-22 05:26 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Владимир\update-NFS-CARBON.bat


Einige Dateien in TEMP:
====================
2017-04-15 14:19 - 2015-03-23 17:58 - 1207376 ____N (CANON INC.) C:\Users\Владимир\AppData\Local\Temp\MSETUP4.EXE

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-15 14:53

==================== Ende von FRST.txt ============================

GreenPerl · 17.04.2017, 10:12

Addition.txt:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-04-2017
durchgeführt von Владимир (17-04-2017 10:58:02)
Gestartet von C:\Users\Владимир\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-08 18:48:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3093447193-1613427322-2618303830-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3093447193-1613427322-2618303830-503 - Limited - Disabled)
Gast (S-1-5-21-3093447193-1613427322-2618303830-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3093447193-1613427322-2618303830-1007 - Limited - Enabled)
Владимир (S-1-5-21-3093447193-1613427322-2618303830-1001 - Administrator - Enabled) => C:\Users\Владимир

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: STOPzilla (Enabled - Up to date) {E375F917-FA8E-0C29-B3C0-275922AEB69A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{5D0428D2-B5EA-46C8-B678-5F0485BC1DA1}_is1) (Version: 13.0.1.0 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version:  - )
Axife Mouse Recorder Standard (HKLM-x32\...\Axife Mouse Recorder Standard_is1) (Version: Standard V6.0.2 - AutomaticSolution Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStack Systems, Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.)
Canon MG5700 series Benutzerregistrierung (HKLM-x32\...\Canon MG5700 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
Elsword 1.0 (HKLM-x32\...\Elsword_de_is1) (Version: 1.0 - Gameforge4d)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game Dev Tycoon Version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.552.36800 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Ground War Tanks (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Ground War Tanks) (Version: 1.91 - Mail.Ru)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E671D411-5F2E-45D6-957C-EB78641192AB}) (Version: 15.05.4000.1515 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Knight Online (HKLM\...\Steam App 389430) (Version:  - Noah System)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games)
LEGO Minifigures Online - 1  (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\423b93224c69643b) (Version: 1.0.0.0 - Funcom)
LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\MK LOL) (Version:  - )
Mouse driver v1.1 (HKLM-x32\...\uni mouse driver) (Version:  - )
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MTA:SA v1.5.3 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.3 - Multi Theft Auto)
Need for Speed™ Undercover (HKLM-x32\...\Need for Speed™ Undercover_is1) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
NextUp-ScanSoft Katerina Russian Voice (HKLM-x32\...\{8C52F1AF-A1C1-4F44-8760-4E1D4D2B4447}) (Version: 4.0.0 - NextUp.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 43.0.2442.806 (HKLM-x32\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Orion Live (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Orion Live) (Version: 1.1 - Mail.Ru)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.102.213.0 - Overwolf Ltd.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0072 - Pegatron Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.10.1-r112682-release - Plays.tv, LLC)
Pokemon Trading Card Game Online (HKLM-x32\...\{CEF0FDC7-85EA-4053-8669-3F5E54FCD9B0}) (Version: 2.25.0 - The Pokemon Company International)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
QuickBinder 1.7 (HKLM-x32\...\QuickBinder 1.7) (Version:  - )
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
ScreenShooter5 (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\ScreenShooter5) (Version: 5.0 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Star Conflict Launcher 1.0.1.60 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
STOPzilla AntiMalware (HKLM-x32\...\{019A9AD2-F530-40DB-B27F-95EE1E77E6A8}) (Version: 6.5.2.59 - iS3, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.8.0.10 - GOG.com)
The Sims 3 Collections Edition (HKLM-x32\...\The Sims 3 Collections Edition_is1) (Version:  - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.66.2 - Electronic Arts)
Transformice (HKLM-x32\...\Steam App 335240) (Version:  - Atelier 801)
Transformice (HKLM-x32\...\Transformice) (Version: 1.0.0 - UNKNOWN)
Transformice (x32 Version: 1.0.0 - UNKNOWN) Hidden
Trove North America (HKLM-x32\...\Glyph Trove North America) (Version:  - Trion Worlds, Inc.)
Ultimate-Discounter Browser (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Ultimate-Discounter Browser) (Version: 2.25 - ultimate-discounter.com)
Unity Web Player (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3172492) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{EF472462-0A4C-480C-AE1B-FA192B0B17AB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version:  - Microsoft)
USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R)
VKSync 1.6 (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\VKSync_v1_is1) (Version: 1.6 - VKSync.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warface (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Warface) (Version: 1.122 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wooxy version 1.4.2.2 (HKLM-x32\...\{C183CD14-47D8-4F98-AF06-4744CB834C8E}_is1) (Version: 1.4.2.2 - Chewy)
X-Mouse Button Control 2.13.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.13.1 - Highresolution Enterprises)
Говорилка (HKLM-x32\...\Говорилка 2_is1) (Version:  - Anton Ryazanov)
Игровой центр (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\GameCenterMailRu) (Version: 3.1156 - ООО "Мэйл.Ру Геймз")

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Владимир\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {033D3E24-94A4-4231-9067-85E0C299C41E} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation) <==== ACHTUNG
Task: {03AFE6F0-CCC9-43F5-8B87-0D3FCE59401A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {04489F53-F0CF-416C-ADBC-4AC75508BEA5} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Владимир\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {24D557AB-939B-4760-89CA-5E4F61C68C7F} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {6ED3CE73-8396-4BD7-9591-0AC08932E858} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14] (Google Inc.)
Task: {71CF621E-88F0-4A0E-9165-E488A8154DB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {7621D091-2678-471E-9DA7-90DE88C686E4} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe 
Task: {83569399-355A-452D-8A86-3EA4477C1EBA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {97DB6EEE-B3C9-489A-AD0C-3D45863EAB4C} - System32\Tasks\{DBB1B54C-7B2B-4562-98C7-156CC5335602} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.0.101.272/de/abandoninstall?page=tsProgressBar
Task: {99529E7A-ADB3-4723-B9AE-EE9A2DA7850E} - System32\Tasks\{BFEDF5E7-1A00-4B58-84DD-FA3012E560D0} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/de/abandoninstall?page=tsProgressBar
Task: {9E69067A-B7E6-4F9C-81FC-BE66C71ED4DA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8D02010-A1ED-4D49-AF4A-31F033128E6B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {B2A413A4-6075-4AEC-B80D-41A053E1A708} - System32\Tasks\{454AB131-A977-4A0F-A4F0-2B355F6D6FD5} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.0.101.272/de/abandoninstall?page=tsProgressBar
Task: {B77EED8F-3513-43AD-AE72-B29BD3E958B3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-09] (Adobe Systems Incorporated)
Task: {B7D2FB40-0F6A-472A-8DDE-E0A325454CE8} - System32\Tasks\{9066AE82-FEA3-4FE1-828C-02198DDB138B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.14.0.106.272/de/abandoninstall?page=tsProgressBar
Task: {BCE1CC24-943A-4EC3-93A9-0563646A0B91} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D0F043F1-DCC7-44CD-9239-298BA2EFE226} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D24274F8-C5A7-4C4C-B313-6851127C30FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D5A0511C-ED26-4EB4-8BA4-26DAEDD9A633} - System32\Tasks\{5B856681-4E5D-4E8E-B141-E11194800FD6} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.0.101.272/de/abandoninstall?page=tsProgressBar
Task: {E498229F-6EBF-4E71-A239-9D31D3EA82A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F46D1723-9B0F-4675-A9C4-B6F5FF52FC39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\0gpq9yhSEg64k63tcR.job => C:\Users\��������\AppData\Roaming\0gpq9yhSEg64k63tcR.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\9FBMyZsgTEMdnyWA33LwrNWrt.job => C:\Users\��������\AppData\Roaming\9FBMyZsgTEMdnyWA33LwrNWrt.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\jOBV6Pms0URwG1b3H.job => C:\Users\��������\AppData\Roaming\jOBV6Pms0URwG1b3H.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\tU58wIot70Me6sh72.job => C:\Users\��������\AppData\Roaming\tU58wIot70Me6sh72.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Владимир\Desktop\Spiele\Игровой центр@Mail.Ru.lnk -> C:\Users\Владимир\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VKSync\Удалить VKSync.lnk -> C:\Users\Владимир\AppData\Local\VKSync\unins000.exe () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Conflict\ Сайт игры Star Conflict.lnk -> C:\Program Files (x86)\Star Conflict\doc\sc_website_ru.url () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Conflict\ Удалить игру.lnk -> C:\Program Files (x86)\Star Conflict\unins000.exe () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Conflict\ Форум игры Star Conflict.lnk -> C:\Program Files (x86)\Star Conflict\doc\sc_forum_ru.url () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA San Andreas\Запуск GTA San Andreas.lnk -> C:\Users\Владимир\Desktop\minecraft mit mods\SA GTA\gta_sa.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA San Andreas\Удалить Локализацию GTA San Andreas.lnk -> C:\Users\Владимир\Desktop\minecraft mit mods\SA GTA\Uninstall_loc.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\SendTo\МойМир@Mail.ru.lnk -> C:\Users\Владимир\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru Агент.lnk -> C:\Users\Владимир\AppData\Roaming\Mail.Ru\Agent\magent.exe (Keine Datei) <===== Cyrillic

ShortcutWithArgument: C:\Users\Владимир\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-13 20:26 - 2017-04-17 09:43 - 00624640 _____ () C:\Windows\System32\NetUtils2016.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 17:58 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-09-24 06:08 - 2009-12-18 15:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-09-24 06:08 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2016-03-30 20:25 - 2016-03-30 20:25 - 00707072 _____ () C:\Riot Games\LolScreenSaver\service\service.exe
2013-01-26 19:09 - 2015-11-07 20:02 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-09-22 05:28 - 2010-08-19 11:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-04-13 18:24 - 2017-04-14 10:36 - 01528024 __RSH () C:\Windows\Microsoft\svchost.exe
2017-04-15 14:22 - 2016-02-04 11:53 - 00387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-09-24 06:08 - 2012-09-14 13:17 - 00844288 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-09-24 06:08 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-09-24 06:08 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-09-24 06:08 - 2012-03-27 20:48 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2017-04-12 17:58 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2016-09-15 22:00 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-23 23:11 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-23 23:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-23 23:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-23 23:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 17:58 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 17:58 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-10 10:25 - 2017-04-10 10:26 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 10:25 - 2017-04-10 10:26 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 10:25 - 2017-04-10 10:26 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 10:25 - 2017-04-10 10:26 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2013-10-04 23:58 - 2013-10-04 23:58 - 00660128 _____ () C:\WINDOWS\SYSTEM32\MSVCP120.dll
2012-09-24 06:08 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-09-24 06:08 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2012-09-24 05:26 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [346]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Software\Classes\exefile:  <===== ACHTUNG
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Software\Classes\.exe: exefile =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2017-04-13 21:54 - 00000860 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Владимир\Desktop\57655806_p0.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "filesfrog_apt_flvplayer"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "gmsd_de_563"
HKLM\...\StartupApproved\Run32: => "gmsd_de_579"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "minecraft.net.exe"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "hqghumeaylnlf.lnk"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "SmartWeb.lnk"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "MAgent"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A514171D209E742E32DFDF7475D227"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "GameCenterMailRu"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_86F0DE8F533C9D94724628C0F67BC0A2"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "StartButton"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "rblbdqbvul"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C3BD0962-6C6B-4D5E-BB0A-A67EEB782EC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E9AEB8E2-5DE2-4D44-9E17-BDC98762055F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DA8DCC98-7164-4BBC-86E4-A2546F6D63AC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FDAC223F-D588-4DFA-9BE3-4733B8A15846}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2D140D9D-9C90-4894-82CF-3FB8E7212800}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8649A94E-845B-4D71-B54A-A19E4AD35949}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7680748E-C884-4BC2-9729-8FE4F97F9A3A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3554F245-925C-4C5B-A0AC-D03D63DDD6E3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F01F5339-F5EC-43B3-88D3-C2BB1B94A031}] => (Allow) C:\AeriaGames\AuraKingdom-DE\game.bin
FirewallRules: [{52F0A2D8-E0F7-46C0-83D9-A75B56D8D116}] => (Allow) C:\AeriaGames\AuraKingdom-DE\game.bin
FirewallRules: [{F1C56F20-62C0-492D-97D6-CFB05DB7FE8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9FCFBC0F-FFD9-4FF4-B0A6-5C12C28672C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{70ECB3AE-D243-4B8E-8310-DAE37777B563}C:\program files (x86)\lsi\lolsummonerinfo.exe] => (Allow) C:\program files (x86)\lsi\lolsummonerinfo.exe
FirewallRules: [TCP Query User{A061980A-CBB5-4A39-9C7B-EAF2247ACB25}C:\program files (x86)\lsi\lolsummonerinfo.exe] => (Allow) C:\program files (x86)\lsi\lolsummonerinfo.exe
FirewallRules: [{DC94B716-C630-48F4-84CC-023A7D093DBC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B9CCFB98-A942-483D-92F5-6590DEA54693}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{A86867F5-5815-4BF1-AC26-09628809E96C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{845E8330-B737-42D2-935F-1C22FDF798F4}] => (Allow) %SystemDrive%\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{8BF9C2A1-B04F-48A3-911D-477A305DD9D1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{EC1DC2B9-B655-4A5C-9F1A-8A45D141F7D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{84EC7574-D11F-4B99-A632-F34E562B4E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{10020E5F-081A-4DF5-A16B-206C4D4E07D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C01B9BAD-9E35-4EBC-84C6-DA50A21FB5C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1B60428D-C214-408A-904F-B7E5C6AA6377}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{944E776E-07B5-4B1A-97C3-301704418987}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{2C4F49B7-129C-4CEE-9A88-33F835AA0092}C:\users\владимир\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\владимир\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{6CF4D29C-0E52-40F3-8F0A-55A29D4DCC62}C:\users\владимир\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\владимир\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C05739DD-689C-4781-BA63-6436CC0DA248}C:\ubisoft\ghost recon online\pdc-live\ghostreconphantoms.exe] => (Allow) C:\ubisoft\ghost recon online\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{90E81AD5-F25B-4438-B52F-A18CA990A3D6}C:\ubisoft\ghost recon online\pdc-live\ghostreconphantoms.exe] => (Allow) C:\ubisoft\ghost recon online\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{C6999D4A-5D05-47AD-9BB7-75CF6CAA665C}C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\laun...app_2e973cc213891be7_0001.0024_22e7619668984482\launcher.exe] => (Allow) C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\laun...app_2e973cc213891be7_0001.0024_22e7619668984482\launcher.exe
FirewallRules: [TCP Query User{882EB155-A20B-4863-9DFE-62358401F6BD}C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\laun...app_2e973cc213891be7_0001.0024_22e7619668984482\launcher.exe] => (Allow) C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\laun...app_2e973cc213891be7_0001.0024_22e7619668984482\launcher.exe
FirewallRules: [UDP Query User{1E707841-F5C4-41A6-9BAF-4DDAB548F837}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{0CEEFAB0-BBB3-469A-8567-840370A1920C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9A0DE997-D661-4FE0-B680-0655176705DE}C:\users\владимир\appdata\roaming\7road\laba\counter_strike_source\counter_strike_source\hl2.exe] => (Allow) C:\users\владимир\appdata\roaming\7road\laba\counter_strike_source\counter_strike_source\hl2.exe
FirewallRules: [TCP Query User{A8EFDA0F-DE57-4924-BA02-8F0A155A37A0}C:\users\владимир\appdata\roaming\7road\laba\counter_strike_source\counter_strike_source\hl2.exe] => (Allow) C:\users\владимир\appdata\roaming\7road\laba\counter_strike_source\counter_strike_source\hl2.exe
FirewallRules: [UDP Query User{FB297146-1B0A-401C-92DA-0F9AEA6F6D5E}C:\program files (x86)\assetto corsa\acs.exe] => (Allow) C:\program files (x86)\assetto corsa\acs.exe
FirewallRules: [TCP Query User{7B6CBB6D-4591-42F9-A863-6FACB7ABC77C}C:\program files (x86)\assetto corsa\acs.exe] => (Allow) C:\program files (x86)\assetto corsa\acs.exe
FirewallRules: [{08D781EF-F63D-4C4D-B9EA-857ECB226A95}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{50BB3984-9127-4EB5-B7D6-3B67E489A57D}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{8F2C10B7-4589-4DA2-AF59-54CF3FC78BDD}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{D9DE5E11-CA88-4CC9-82DE-3B22C7A518EF}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{DF4365EA-EFD6-4A7F-BA40-DD33860303E3}C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\lego...app_8c161902ccf9ca2a_0001.0000_1277cc1e021b3644\lmo.exe] => (Allow) C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\lego...app_8c161902ccf9ca2a_0001.0000_1277cc1e021b3644\lmo.exe
FirewallRules: [TCP Query User{11CDE80C-87F8-4AC3-98CF-F5A1130BFAC6}C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\lego...app_8c161902ccf9ca2a_0001.0000_1277cc1e021b3644\lmo.exe] => (Allow) C:\users\владимир\appdata\local\apps\2.0\kvjnp7h7.e7q\eyz999kl.8re\lego...app_8c161902ccf9ca2a_0001.0000_1277cc1e021b3644\lmo.exe
FirewallRules: [{27DCE035-5724-4B5F-8721-07BEE763CEF4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A33325EA-9571-4385-A88D-45F0EBBC125B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F56204F9-7E26-431E-A8D4-08FA6549DA8D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8E4BB1F8-8037-44E8-9E9C-B40D3F51386C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{0895A9AE-5C52-4D4A-93A7-610724A39AB9}C:\users\владимир\desktop\spiele\centurymine (5).exe] => (Allow) C:\users\владимир\desktop\spiele\centurymine (5).exe
FirewallRules: [TCP Query User{655B0006-2E26-4195-BC8C-EE6CD808377B}C:\users\владимир\desktop\spiele\centurymine (5).exe] => (Allow) C:\users\владимир\desktop\spiele\centurymine (5).exe
FirewallRules: [{B0A307F4-042A-463B-A3C6-1D95AAC1FC84}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C137899A-5D43-4FE9-B83B-178DDE11EADE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{14DBB377-3045-4E49-8B13-61CD41C8C1BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C0B69CBD-73F1-4ADA-B293-2470DD4D5FA8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A54CA3EF-B3F1-4003-84A4-4894565BBB23}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{CF068A0A-5185-4589-8C87-F506422FAB99}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B059939C-8C53-49ED-8263-80754970C589}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6D3B59B1-0C51-43E4-8FBA-89A20157BA47}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{D1AFD879-6F3D-47F5-AD68-00BFC4ABD98A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [TCP Query User{A641C9DF-79EF-4D0C-8740-59E0E91C173D}C:\users\владимир\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\владимир\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A8D1A24C-9037-4638-91E1-1A9AEF27E807}C:\users\владимир\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\владимир\appdata\local\akamai\netsession_win.exe
FirewallRules: [{9954FFF8-1AB1-49E7-AC27-07529741B790}] => (Block) C:\users\владимир\appdata\local\akamai\netsession_win.exe
FirewallRules: [{E6631551-7D9F-4B2F-A248-3CE386ED29CD}] => (Block) C:\users\владимир\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0F983B3D-4476-4C28-9446-ABA1E74D33C4}C:\users\владимир\appdata\roaming\excjava\bin\javaw.exe] => (Allow) C:\users\владимир\appdata\roaming\excjava\bin\javaw.exe
FirewallRules: [UDP Query User{5DE76FFB-AD7A-4B49-B7FA-D2C4649097E7}C:\users\владимир\appdata\roaming\excjava\bin\javaw.exe] => (Allow) C:\users\владимир\appdata\roaming\excjava\bin\javaw.exe
FirewallRules: [{FC48BCCD-FEE7-42A1-A10A-67DEC2C7C84F}] => (Block) C:\users\владимир\appdata\roaming\excjava\bin\javaw.exe
FirewallRules: [{8FCCB411-BDAE-4C16-A8A3-39731B8A54D2}] => (Block) C:\users\владимир\appdata\roaming\excjava\bin\javaw.exe
FirewallRules: [{0EE5A3C6-5BC4-4221-BC11-FD4897426F66}] => (Allow) C:\Users\Владимир\Desktop\Spiele\Simcity\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{8D82FE41-7213-4A08-A1B7-A7B532B2CA09}] => (Allow) C:\Users\Владимир\Desktop\Spiele\Simcity\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [TCP Query User{938B74F5-F3D7-4FF7-B62B-9AB3A33AB41A}C:\program files (x86)\star conflict\launcher.exe] => (Allow) C:\program files (x86)\star conflict\launcher.exe
FirewallRules: [UDP Query User{50379183-BEC6-4F32-95D7-E644B820F2B4}C:\program files (x86)\star conflict\launcher.exe] => (Allow) C:\program files (x86)\star conflict\launcher.exe
FirewallRules: [{D49B3164-1C24-4C0C-B75A-B08846731CC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Transformice\Transformice.exe
FirewallRules: [{A7D06B4B-7871-4418-AC40-A410A1CA2034}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Transformice\Transformice.exe
FirewallRules: [{345649C5-3251-4BA5-8330-0A015A161A78}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{0F164731-F387-4173-8D12-C4A4E96ACFBD}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [TCP Query User{58413224-2A43-4F4A-A598-D0212A8F9C8D}C:\users\владимир\desktop\minecraft mit mods\counter-strike 1.6\hl.exe] => (Allow) C:\users\владимир\desktop\minecraft mit mods\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{78E9CBCD-2526-4A5F-9665-8744D8EA0C18}C:\users\владимир\desktop\minecraft mit mods\counter-strike 1.6\hl.exe] => (Allow) C:\users\владимир\desktop\minecraft mit mods\counter-strike 1.6\hl.exe
FirewallRules: [{F81AEB50-9DD8-4549-9AF5-DCDFB20E4192}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EC03B2E1-6926-47F0-94CA-AFABEF5716E1}] => (Allow) LPort=2869
FirewallRules: [{0D7CDEF9-BDFE-4468-B2C4-9CF0ECAA2514}] => (Allow) LPort=1900
FirewallRules: [{BDADB969-0520-402E-A73D-C9DE9CB75FCB}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{F1A75D38-0A9D-4EE2-8FF0-A9423B7E8812}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0EAC3A38-D019-4E6C-9079-2B5E82447881}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CFD91F52-40D5-4173-BBAC-4BB180F4E8F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{192186BD-2E07-4B3A-88A5-AAFBB4943C58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8064A6E9-A9A4-419D-AE8C-2A7719569C2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{8E1DE6D5-164D-4707-B61D-E69C6551C55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{23619D88-2C15-499C-A1AD-88D5897B5082}] => (Allow) C:\Users\Владимир\Desktop\AUKI-MMONetwork-2.09b-20161031\game.bin
FirewallRules: [{1F119841-8E94-4B54-8857-06802C0C5C66}] => (Allow) C:\Users\Владимир\Desktop\AUKI-MMONetwork-2.09b-20161031\game.bin
FirewallRules: [{1994D088-3D8A-4309-A469-440312E56114}] => (Allow) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
FirewallRules: [{E3FB941D-08F9-4E18-90A8-2F6E2B5001A4}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.806\opera.exe
FirewallRules: [{198609D9-2F5A-45FE-A7C0-2D15FEF3D7F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knight Online\Launcher.exe
FirewallRules: [{B0C28BE1-BBA3-404F-A588-2AFC2F0FE1C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knight Online\Launcher.exe
FirewallRules: [{3D8618E2-10E2-40ED-BCB8-94C65BD01D0B}] => (Allow) C:\Users\Владимир\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{693FFA73-0C19-42DD-9359-7D447BDB4A21}] => (Allow) C:\Users\Владимир\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{51C0230F-6E35-4AB6-9356-96D4A75012E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Sims 3 Collections Edition\Game\Bin\TS3.exe] => Disabled:Sims3

==================== Wiederherstellungspunkte =========================

13-04-2017 16:29:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/17/2017 09:47:20 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/16/2017 11:19:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 57.0.2987.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c1c

Startzeit: 01d2b6f6bc5c8b6f

Beendigungszeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 464ea571-22ea-11e7-80af-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/16/2017 11:12:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 15.0.4911.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18c8

Startzeit: 01d2b6e3559ba2c7

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Microsoft Office\Office15\WINWORD.EXE

Berichts-ID: 60b4261e-22e9-11e7-80af-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/16/2017 10:24:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/15/2017 02:47:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 57.0.2987.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2544

Startzeit: 01d2b5e5dc194e45

Beendigungszeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 7821c120-21d9-11e7-80ad-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/15/2017 02:21:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MSETUP4.EXE, Version: 16.0.0.0, Zeitstempel: 0x550fb258
Name des fehlerhaften Moduls: CNMDWLD.DLL, Version: 1.0.0.0, Zeitstempel: 0x4ec1fdc5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000023c6
ID des fehlerhaften Prozesses: 0x15d4
Startzeit der fehlerhaften Anwendung: 0x01d2b5e2bd5ccc69
Pfad der fehlerhaften Anwendung: C:\Users\18EE~1\AppData\Local\Temp\MSETUP4.EXE
Pfad des fehlerhaften Moduls: E:\WIN\CNMDWLD.DLL
Berichtskennung: 23b602cb-bb92-401f-890c-9fc88baa9674
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/15/2017 11:31:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/14/2017 09:17:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 57.0.2987.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d58

Startzeit: 01d2b523274b6b44

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 0ad6be4a-2147-11e7-80ab-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/14/2017 08:34:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wladimir)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/14/2017 08:34:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wladimir)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (04/17/2017 09:43:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_72108" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (04/17/2017 09:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PlaysService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/17/2017 09:40:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PlaysService erreicht.

Error: (04/17/2017 09:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Recover" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/17/2017 09:40:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Recover erreicht.

Error: (04/17/2017 09:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SystemUsageReportSvc_QUEENCREEK" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/17/2017 09:40:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SystemUsageReportSvc_QUEENCREEK erreicht.

Error: (04/16/2017 11:22:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/16/2017 08:55:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_73c1a" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (04/16/2017 08:52:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Recover" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 3972.63 MB
Verfügbarer physikalischer RAM: 1672.7 MB
Summe virtueller Speicher: 4868.63 MB
Verfügbarer virtueller Speicher: 2349.16 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:402.9 GB) (Free:107.27 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:24.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3A192899)

Partition: GPT.

==================== Ende von Addition.txt ============================

GreenPerl · 17.04.2017, 10:24

TDDSKILLER LOG 1teil:

Code:

ATTFilter

11:17:24.0556 0x0960  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:17:24.0556 0x0960  UEFI system
11:17:28.0005 0x0960  ============================================================
11:17:28.0005 0x0960  Current date / time: 2017/04/17 11:17:28.0005
11:17:28.0007 0x0960  SystemInfo:
11:17:28.0007 0x0960  
11:17:28.0007 0x0960  OS Version: 10.0.14393 ServicePack: 0.0
11:17:28.0007 0x0960  Product type: Workstation
11:17:28.0007 0x0960  ComputerName: WLADIMIR
11:17:28.0007 0x0960  UserName: Владимир
11:17:28.0007 0x0960  Windows directory: C:\WINDOWS
11:17:28.0007 0x0960  System windows directory: C:\WINDOWS
11:17:28.0007 0x0960  Running under WOW64
11:17:28.0007 0x0960  Processor architecture: Intel x64
11:17:28.0007 0x0960  Number of processors: 2
11:17:28.0007 0x0960  Page size: 0x1000
11:17:28.0007 0x0960  Boot type: Normal boot
11:17:28.0008 0x0960  CodeIntegrityOptions = 0x00000001
11:17:28.0008 0x0960  ============================================================
11:17:28.0452 0x0960  KLMD registered as C:\WINDOWS\system32\drivers\69441229.sys
11:17:28.0452 0x0960  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1066, osProperties = 0x19
11:17:28.0759 0x0960  System UUID: {C6222364-841B-D766-A802-056497CEAE8D}
11:17:30.0080 0x0960  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:30.0107 0x0960  ============================================================
11:17:30.0107 0x0960  \Device\Harddisk0\DR0:
11:17:30.0107 0x0960  GPT partitions:
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {989A4035-51D0-4F22-AAF4-6B99EE47EF5D}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4241CBC3-0FA5-4A42-8A5C-5C1C0C5848F3}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {287E31EA-4E0A-4BAE-99A6-2B47D907C71A}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {41A4790F-EB6C-4CC4-9592-E7CA5BC376CD}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C0B41F69-B272-422F-8545-4F97DD4FA051}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x325CD18A
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F245B107-2E25-4DEE-8521-E7B7B0B78E7C}, Name: , StartLBA 0x32939800, BlocksNum 0x19C800
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4BF22567-96EC-452B-833E-2A619EC01DE2}, Name: , StartLBA 0x32AD6000, BlocksNum 0xAF000
11:17:30.0108 0x0960  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E7B17613-A36F-43B9-B1BE-6C178AD9EDCA}, Name: Basic data partition, StartLBA 0x32B85000, BlocksNum 0x77FE800
11:17:30.0108 0x0960  MBR partitions:
11:17:30.0108 0x0960  ============================================================
11:17:30.0211 0x0960  C: <-> \Device\Harddisk0\DR0\Partition5
11:17:30.0261 0x0960  D: <-> \Device\Harddisk0\DR0\Partition8
11:17:30.0262 0x0960  ============================================================
11:17:30.0262 0x0960  Initialize success
11:17:30.0262 0x0960  ============================================================
11:19:06.0652 0x09cc  ============================================================
11:19:06.0652 0x09cc  Scan started
11:19:06.0652 0x09cc  Mode: Manual; SigCheck; TDLFS; 
11:19:06.0652 0x09cc  ============================================================
11:19:06.0652 0x09cc  KSN ping started
11:19:06.0778 0x09cc  KSN ping finished: true
11:19:13.0349 0x09cc  ================ Scan system memory ========================
11:19:13.0349 0x09cc  System memory - ok
11:19:13.0351 0x09cc  ================ Scan services =============================
11:19:13.0612 0x09cc  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
11:19:13.0855 0x09cc  1394ohci - ok
11:19:13.0912 0x09cc  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
11:19:13.0974 0x09cc  3ware - ok
11:19:14.0079 0x09cc  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
11:19:14.0269 0x09cc  ACPI - ok
11:19:14.0297 0x09cc  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
11:19:14.0357 0x09cc  AcpiDev - ok
11:19:14.0387 0x09cc  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
11:19:14.0457 0x09cc  acpiex - ok
11:19:14.0482 0x09cc  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
11:19:14.0552 0x09cc  acpipagr - ok
11:19:14.0632 0x09cc  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
11:19:14.0720 0x09cc  AcpiPmi - ok
11:19:14.0769 0x09cc  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
11:19:14.0836 0x09cc  acpitime - ok
11:19:15.0086 0x09cc  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:19:15.0357 0x09cc  AdobeFlashPlayerUpdateSvc - ok
11:19:15.0502 0x09cc  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
11:19:15.0698 0x09cc  ADP80XX - ok
11:19:15.0801 0x09cc  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
11:19:15.0906 0x09cc  AFD - ok
11:19:16.0050 0x09cc  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:19:16.0291 0x09cc  ahcache - ok
11:19:16.0352 0x09cc  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
11:19:16.0420 0x09cc  AJRouter - ok
11:19:16.0471 0x09cc  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
11:19:16.0541 0x09cc  ALG - ok
11:19:16.0629 0x09cc  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
11:19:16.0748 0x09cc  AmdK8 - ok
11:19:16.0804 0x09cc  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
11:19:16.0868 0x09cc  AmdPPM - ok
11:19:16.0894 0x09cc  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
11:19:16.0948 0x09cc  amdsata - ok
11:19:16.0986 0x09cc  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
11:19:17.0079 0x09cc  amdsbs - ok
11:19:17.0102 0x09cc  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
11:19:17.0141 0x09cc  amdxata - ok
11:19:17.0192 0x09cc  [ 0C3D62CB6B8F2B3CC42369BAC0F58AD5, F0121EACB6060DF1F6C5F79C15D5B483F301EF85B3C79F67806520BE9CEE398E ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
11:19:17.0307 0x09cc  AMPPAL - ok
11:19:17.0377 0x09cc  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
11:19:17.0428 0x09cc  AppID - ok
11:19:17.0492 0x09cc  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
11:19:17.0733 0x09cc  AppIDSvc - ok
11:19:17.0790 0x09cc  [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
11:19:17.0936 0x09cc  Appinfo - ok
11:19:17.0954 0x09cc  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
11:19:18.0061 0x09cc  applockerfltr - ok
11:19:18.0229 0x09cc  [ 32155E028491267CF2DB6085A0B7E359, 562831841293E4849CD01992DECE39B9B3C0835DCD352994CA2E2FE1C76A7CB3 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
11:19:18.0396 0x09cc  AppReadiness - ok
11:19:18.0661 0x09cc  [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
11:19:19.0059 0x09cc  AppXSvc - ok
11:19:19.0117 0x09cc  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
11:19:19.0170 0x09cc  arcsas - ok
11:19:19.0269 0x09cc  [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
11:19:19.0299 0x09cc  ASLDRService - ok
11:19:19.0321 0x09cc  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
11:19:19.0380 0x09cc  AsyncMac - ok
11:19:19.0433 0x09cc  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
11:19:19.0468 0x09cc  atapi - ok
11:19:19.0558 0x09cc  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
11:19:19.0675 0x09cc  AudioEndpointBuilder - ok
11:19:19.0869 0x09cc  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
11:19:20.0204 0x09cc  Audiosrv - ok
11:19:20.0261 0x09cc  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
11:19:20.0411 0x09cc  AxInstSV - ok
11:19:20.0656 0x09cc  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
11:19:20.0774 0x09cc  b06bdrv - ok
11:19:20.0819 0x09cc  [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
11:19:20.0874 0x09cc  BasicDisplay - ok
11:19:20.0926 0x09cc  [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
11:19:20.0978 0x09cc  BasicRender - ok
11:19:21.0037 0x09cc  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
11:19:21.0087 0x09cc  bcmfn - ok
11:19:21.0124 0x09cc  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
11:19:21.0179 0x09cc  bcmfn2 - ok
11:19:21.0262 0x09cc  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
11:19:21.0370 0x09cc  BDESVC - ok
11:19:21.0420 0x09cc  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:19:21.0466 0x09cc  Beep - ok
11:19:21.0577 0x09cc  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
11:19:21.0777 0x09cc  BFE - ok
11:19:21.0905 0x09cc  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
11:19:22.0153 0x09cc  BITS - ok
11:19:22.0218 0x09cc  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
11:19:22.0290 0x09cc  bowser - ok
11:19:22.0401 0x09cc  [ 6A15C5140B6F7D9479A32276AC2BA108, 0A8C6DB88148C6DB61226DD2FF816BDF3FED9E7A60EF17CCA17FA7D9EEC01C71 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:19:22.0571 0x09cc  BrokerInfrastructure - ok
11:19:22.0628 0x09cc  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
11:19:22.0730 0x09cc  Browser - ok
11:19:22.0878 0x09cc  [ 3CDF556B0E0BB24F294BB367B2697A0F, 0F0E77A8F4BD17A55807B39A068A8B5AB0BDC955BFFFE7403EEFC4F63958A2EF ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
11:19:22.0980 0x09cc  BstHdAndroidSvc - ok
11:19:23.0023 0x09cc  [ C4DB93A4A077D85D18084EA6E48C9B3B, 97F66A5D28801D7913DBAF3CF227B9B04CC0623CAB53B459C99449CDD55A281B ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
11:19:23.0059 0x09cc  BstHdDrv - ok
11:19:23.0134 0x09cc  [ 67D298AF5CA2449BD22C7CC7F52B0D4F, 91DB067CFB956DFB0EDA3608D47820ADF5ED66092464BD0DC12BE084ACADBF6C ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
11:19:23.0197 0x09cc  BstHdLogRotatorSvc - ok
11:19:23.0264 0x09cc  [ D5E482E8DDAC0F2A51AEA26D03796D7E, C976B92ACF20209292AE8C787D882C4CDEC45A58C20989F64D7D77E9B9013A85 ] BstHdPlusAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
11:19:23.0332 0x09cc  BstHdPlusAndroidSvc - ok
11:19:23.0396 0x09cc  [ 2C6666644FD22060F6B887C70C3F1D6C, 625E7BF27487564BBBB5F08DBE78D282D026F22C97F7B0E4A2FF8DF3F58ECA99 ] BstkDrv         C:\Program Files (x86)\BlueStacks\BstkDrv.sys
11:19:23.0437 0x09cc  BstkDrv - ok
11:19:23.0486 0x09cc  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
11:19:23.0539 0x09cc  BthAvrcpTg - ok
11:19:23.0567 0x09cc  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
11:19:23.0616 0x09cc  BthHFEnum - ok
11:19:23.0635 0x09cc  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
11:19:23.0695 0x09cc  bthhfhid - ok
11:19:23.0778 0x09cc  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
11:19:23.0859 0x09cc  BthHFSrv - ok
11:19:23.0890 0x09cc  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
11:19:23.0941 0x09cc  BTHMODEM - ok
11:19:24.0000 0x09cc  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
11:19:24.0075 0x09cc  BthPan - ok
11:19:24.0205 0x09cc  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
11:19:24.0395 0x09cc  BTHPORT - ok
11:19:24.0454 0x09cc  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
11:19:24.0524 0x09cc  bthserv - ok
11:19:24.0622 0x09cc  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
11:19:24.0669 0x09cc  BTHUSB - ok
11:19:24.0720 0x09cc  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
11:19:24.0806 0x09cc  buttonconverter - ok
11:19:24.0865 0x09cc  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
11:19:24.0936 0x09cc  CapImg - ok
11:19:24.0969 0x09cc  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:19:25.0029 0x09cc  cdfs - ok
11:19:25.0097 0x09cc  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
11:19:25.0189 0x09cc  CDPSvc - ok
11:19:25.0267 0x09cc  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
11:19:25.0366 0x09cc  CDPUserSvc - ok
11:19:25.0431 0x09cc  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
11:19:25.0491 0x09cc  cdrom - ok
11:19:25.0548 0x09cc  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
11:19:25.0617 0x09cc  CertPropSvc - ok
11:19:25.0692 0x09cc  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
11:19:25.0767 0x09cc  cht4iscsi - ok
11:19:25.0972 0x09cc  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
11:19:26.0219 0x09cc  cht4vbd - ok
11:19:26.0271 0x09cc  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
11:19:26.0328 0x09cc  circlass - ok
11:19:26.0417 0x09cc  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
11:19:26.0504 0x09cc  CLFS - ok
11:19:26.0608 0x09cc  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
11:19:26.0726 0x09cc  ClipSVC - ok
11:19:26.0755 0x09cc  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
11:19:26.0828 0x09cc  clreg - ok
11:19:26.0896 0x09cc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
11:19:26.0933 0x09cc  CLVirtualDrive - ok
11:19:26.0978 0x09cc  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
11:19:27.0037 0x09cc  CmBatt - ok
11:19:27.0122 0x09cc  [ 4289C913D7E2FE963ABB096AA99CB1F7, 49D9008C5E18F62751D2312CE4F49DFBC04ACBBFDD950F0437F35AC21318041B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
11:19:27.0226 0x09cc  CNG - ok
11:19:27.0250 0x09cc  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
11:19:27.0289 0x09cc  cnghwassist - ok
11:19:27.0408 0x09cc  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
11:19:27.0454 0x09cc  CompositeBus - ok
11:19:27.0468 0x09cc  COMSysApp - ok
11:19:27.0499 0x09cc  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
11:19:27.0546 0x09cc  condrv - ok
11:19:27.0627 0x09cc  [ 9E3B10C490D860F3ED8F61FD0FD5B828, A21CB206A09053C7D9C94F2B71F53A40B3810D02A70C3D6AA0B48676BA5753BD ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
11:19:27.0742 0x09cc  CoreMessagingRegistrar - ok
11:19:27.0876 0x09cc  [ 5D19617245C798A0EED86D4D36B8C6E8, 90AB9125B1A56134489E81CE5AEE1F2C7005BE505E52603B1A884A2B8C3C4735 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:19:27.0963 0x09cc  cphs - ok
11:19:28.0036 0x09cc  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
11:19:28.0342 0x09cc  CryptSvc - ok
11:19:28.0527 0x09cc  [ 7F5CD87CA5BDB4D83F992D8C77201483, 01818EF455833CA3396C8EA4696B8DC28E3A6A3618C081D046C8F207FACAB788 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
11:19:28.0564 0x09cc  CyberLink PowerDVD 10 MS Monitor Service - ok
11:19:28.0644 0x09cc  [ 9FAF58E876A3B1DB3030A0A5805F2D86, 682939B774DF6A28268897A7E113F6D2DF9AD73DBF1994F937FB48818478B7FE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
11:19:28.0762 0x09cc  CyberLink PowerDVD 10 MS Service - ok
11:19:28.0809 0x09cc  [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam             C:\WINDOWS\system32\drivers\dam.sys
11:19:28.0855 0x09cc  dam - ok
11:19:28.0990 0x09cc  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:19:29.0164 0x09cc  DcomLaunch - ok
11:19:29.0220 0x09cc  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
11:19:29.0352 0x09cc  DcpSvc - ok
11:19:29.0443 0x09cc  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
11:19:30.0179 0x09cc  defragsvc - ok
11:19:30.0296 0x09cc  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:19:30.0481 0x09cc  DeviceAssociationService - ok
11:19:30.0536 0x09cc  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
11:19:30.0671 0x09cc  DeviceInstall - ok
11:19:30.0750 0x09cc  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
11:19:30.0832 0x09cc  DevQueryBroker - ok
11:19:30.0891 0x09cc  [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
11:19:30.0982 0x09cc  Dfsc - ok
11:19:31.0041 0x09cc  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:19:31.0081 0x09cc  dg_ssudbus - ok
11:19:31.0176 0x09cc  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
11:19:31.0300 0x09cc  Dhcp - ok
11:19:31.0406 0x09cc  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
11:19:31.0521 0x09cc  diagnosticshub.standardcollector.service - ok
11:19:31.0806 0x09cc  [ EE32B36EA7CBD9BBA26B137C84943E23, BD5DDA2DEAF2D2CF6B24AED81C3EDBFECF6402A7B6A5D49FEDF334FF03CACB86 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
11:19:32.0180 0x09cc  DiagTrack - ok
11:19:32.0230 0x09cc  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
11:19:32.0286 0x09cc  disk - ok
11:19:32.0379 0x09cc  [ A1D7F926ABE7895D18467FF9A5EE7FC7, 2922C92D31EA50A126594967D325B21936432D1BB9C941416989B6848DF890E2 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
11:19:32.0491 0x09cc  DmEnrollmentSvc - ok
11:19:32.0553 0x09cc  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
11:19:32.0602 0x09cc  dmvsc - ok
11:19:32.0648 0x09cc  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
11:19:32.0751 0x09cc  dmwappushservice - ok
11:19:32.0813 0x09cc  [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:19:32.0907 0x09cc  Dnscache - ok
11:19:32.0988 0x09cc  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:19:33.0069 0x09cc  dot3svc - ok
11:19:33.0137 0x09cc  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
11:19:33.0209 0x09cc  DPS - ok
11:19:33.0226 0x09cc  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
11:19:33.0269 0x09cc  drmkaud - ok
11:19:33.0331 0x09cc  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
11:19:33.0424 0x09cc  DsmSvc - ok
11:19:33.0483 0x09cc  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
11:19:33.0553 0x09cc  DsSvc - ok
11:19:33.0792 0x09cc  [ 2DD9CF863320D5EDEA3ED9B8ED280BB0, CC35571FBA2E6E617CF93F778351ED3B3EA16F0B301C5433E94AD328E6EEA0FF ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:19:34.0035 0x09cc  DXGKrnl - ok
11:19:34.0082 0x09cc  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
11:19:34.0110 0x09cc  EapHost - ok
11:19:34.0285 0x09cc  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
11:19:34.0432 0x09cc  ebdrv - ok
11:19:34.0481 0x09cc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
11:19:34.0498 0x09cc  EFS - ok
11:19:34.0511 0x09cc  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
11:19:34.0528 0x09cc  EhStorClass - ok
11:19:34.0564 0x09cc  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
11:19:34.0581 0x09cc  EhStorTcgDrv - ok
11:19:34.0613 0x09cc  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
11:19:34.0641 0x09cc  embeddedmode - ok
11:19:34.0685 0x09cc  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
11:19:34.0716 0x09cc  EntAppSvc - ok
11:19:34.0738 0x09cc  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
11:19:34.0755 0x09cc  ErrDev - ok
11:19:34.0905 0x09cc  [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
11:19:34.0971 0x09cc  ESRV_SVC_QUEENCREEK - ok
11:19:35.0029 0x09cc  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
11:19:35.0065 0x09cc  EventSystem - ok
11:19:35.0105 0x09cc  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
11:19:35.0138 0x09cc  exfat - ok
11:19:35.0246 0x09cc  [ 5C5A85C6A519BF1E9B7818DDA3F86192, 263BA7E72ECCD2E2BB56EFA2F475A77717452F9AB1F5F53488387F494600622F ] FairplayKD      C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys
11:19:35.0258 0x09cc  FairplayKD - ok
11:19:35.0300 0x09cc  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
11:19:35.0326 0x09cc  fastfat - ok
11:19:35.0380 0x09cc  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
11:19:35.0427 0x09cc  Fax - ok
11:19:35.0448 0x09cc  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
11:19:35.0466 0x09cc  fdc - ok
11:19:35.0512 0x09cc  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
11:19:35.0541 0x09cc  fdPHost - ok
11:19:35.0566 0x09cc  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
11:19:35.0589 0x09cc  FDResPub - ok
11:19:35.0649 0x09cc  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
11:19:35.0670 0x09cc  fhsvc - ok
11:19:35.0707 0x09cc  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
11:19:35.0740 0x09cc  FileCrypt - ok
11:19:35.0761 0x09cc  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
11:19:35.0777 0x09cc  FileInfo - ok
11:19:35.0801 0x09cc  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
11:19:35.0821 0x09cc  Filetrace - ok
11:19:35.0841 0x09cc  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
11:19:35.0859 0x09cc  flpydisk - ok
11:19:35.0887 0x09cc  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
11:19:35.0911 0x09cc  FltMgr - ok
11:19:36.0012 0x09cc  [ 2E193D24CE8460A9C703D0F193192BEF, CD95928BC240D556DFEA265A09A655FFE157A36D2230CD10BBAD4CA15CB98412 ] FontCache       C:\WINDOWS\system32\FntCache.dll
11:19:36.0126 0x09cc  FontCache - ok
11:19:36.0268 0x09cc  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:19:36.0282 0x09cc  FontCache3.0.0.0 - ok
11:19:36.0342 0x09cc  [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
11:19:36.0410 0x09cc  FrameServer - ok
11:19:36.0427 0x09cc  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
11:19:36.0442 0x09cc  FsDepends - ok
11:19:36.0459 0x09cc  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:19:36.0472 0x09cc  Fs_Rec - ok
11:19:36.0538 0x09cc  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:19:36.0577 0x09cc  fvevol - ok
11:19:36.0630 0x09cc  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
11:19:36.0651 0x09cc  gencounter - ok
11:19:36.0684 0x09cc  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
11:19:36.0713 0x09cc  genericusbfn - ok
11:19:36.0780 0x09cc  [ 4E1D0A246E10CFDDBF856432418DE404, 17AC5322A50D0914F90F41E9CBFEBE04CDC3BCA1CFAFE8A3F6CADD305738E1AF ] GFNEXSrv        C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
11:19:36.0793 0x09cc  GFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
11:19:36.0848 0x09cc  Detect skipped due to KSN trusted
11:19:36.0848 0x09cc  GFNEXSrv - ok
11:19:36.0893 0x09cc  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:19:36.0911 0x09cc  GPIOClx0101 - ok
11:19:37.0010 0x09cc  [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
11:19:37.0094 0x09cc  gpsvc - ok
11:19:37.0105 0x09cc  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
11:19:37.0136 0x09cc  GpuEnergyDrv - ok
11:19:37.0213 0x09cc  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:19:37.0227 0x09cc  gupdate - ok
11:19:37.0235 0x09cc  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:19:37.0246 0x09cc  gupdatem - ok
11:19:37.0282 0x09cc  [ E12F4898F46ACA0D0AB0CC6483E94377, BD65F0862642710DFA513DBDFD915027AF9E3DB8E9C208EE6BC81F26DCCCFF54 ] hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
11:19:37.0291 0x09cc  hamachi - ok
11:19:37.0313 0x09cc  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
11:19:37.0339 0x09cc  HDAudBus - ok
11:19:37.0379 0x09cc  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
11:19:37.0393 0x09cc  HidBatt - ok
11:19:37.0426 0x09cc  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
11:19:37.0445 0x09cc  HidBth - ok
11:19:37.0466 0x09cc  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
11:19:37.0483 0x09cc  hidi2c - ok
11:19:37.0522 0x09cc  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
11:19:37.0537 0x09cc  hidinterrupt - ok
11:19:37.0553 0x09cc  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
11:19:37.0570 0x09cc  HidIr - ok
11:19:37.0609 0x09cc  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
11:19:37.0642 0x09cc  hidserv - ok
11:19:37.0688 0x09cc  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
11:19:37.0718 0x09cc  HidUsb - ok
11:19:37.0758 0x09cc  [ DA5FCD70EBE32E9DCF2DF5992FCFE59F, F07FF9364C8A94953B2E4545EE9715BEBB9D8C29C4964B1CBA8A9377115F6E42 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
11:19:37.0764 0x09cc  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
11:19:38.0054 0x09cc  Detect skipped due to KSN trusted
11:19:38.0054 0x09cc  HiPatchService - ok
11:19:38.0101 0x09cc  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
11:19:38.0144 0x09cc  HomeGroupListener - ok
11:19:38.0202 0x09cc  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
11:19:38.0252 0x09cc  HomeGroupProvider - ok
11:19:38.0299 0x09cc  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
11:19:38.0314 0x09cc  HpSAMD - ok
11:19:38.0384 0x09cc  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
11:19:38.0439 0x09cc  HTTP - ok
11:19:38.0477 0x09cc  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
11:19:38.0503 0x09cc  HvHost - ok
11:19:38.0548 0x09cc  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
11:19:38.0562 0x09cc  hvservice - ok
11:19:38.0601 0x09cc  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
11:19:38.0615 0x09cc  hwpolicy - ok
11:19:38.0625 0x09cc  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
11:19:38.0640 0x09cc  hyperkbd - ok
11:19:38.0696 0x09cc  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
11:19:38.0731 0x09cc  i8042prt - ok
11:19:38.0746 0x09cc  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
11:19:38.0778 0x09cc  iagpio - ok
11:19:38.0791 0x09cc  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
11:19:38.0810 0x09cc  iai2c - ok
11:19:38.0850 0x09cc  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
11:19:38.0869 0x09cc  iaLPSS2i_GPIO2 - ok
11:19:38.0888 0x09cc  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
11:19:38.0904 0x09cc  iaLPSS2i_I2C - ok
11:19:38.0925 0x09cc  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
11:19:38.0935 0x09cc  iaLPSSi_GPIO - ok
11:19:38.0957 0x09cc  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
11:19:38.0977 0x09cc  iaLPSSi_I2C - ok
11:19:39.0064 0x09cc  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
11:19:39.0178 0x09cc  iaStorA - ok
11:19:39.0304 0x09cc  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
11:19:39.0414 0x09cc  iaStorAV - ok
11:19:39.0513 0x09cc  [ 7F7A03D03FA18A0DB2DAC37A8D620E7F, B867A6B38EB81B6FE2501441D4CB69A2488A1F13BA558AB2B728A7507AB1BAC3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:19:39.0528 0x09cc  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:19:39.0693 0x09cc  Detect skipped due to KSN trusted
11:19:39.0693 0x09cc  IAStorDataMgrSvc - ok
11:19:39.0772 0x09cc  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
11:19:39.0854 0x09cc  iaStorV - ok
11:19:39.0920 0x09cc  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
11:19:40.0018 0x09cc  ibbus - ok
11:19:40.0079 0x09cc  [ 62F0CB0A54EAF37E15EC385300957BB8, 55FCF7068D84D5AEEAF3149A5349BF13F1D18E34956217916ED7C1950885E63C ] ibtfltcoex      C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys
11:19:40.0112 0x09cc  ibtfltcoex - ok
11:19:40.0167 0x09cc  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
11:19:40.0262 0x09cc  icssvc - ok
11:19:40.0730 0x09cc  [ 226EAECA4F21F899E3F0C95297678A0B, DC18AAE3F1505C9BECB75218F4CCCD8DC6E1C6258EDA9A57B57028246EF346FA ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:19:41.0421 0x09cc  igfx - ok
11:19:41.0594 0x09cc  [ A7BA43047998E1F08C4B224BBA55B813, F70D2A687AF85D7260A9109B53E2EE68C8DC2BF09DECB17F8A25030D91A7BEC5 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
11:19:41.0648 0x09cc  IJPLMSVC - ok
11:19:41.0797 0x09cc  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
11:19:41.0968 0x09cc  IKEEXT - ok
11:19:41.0989 0x09cc  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
11:19:42.0058 0x09cc  IndirectKmd - ok
11:19:42.0490 0x09cc  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:19:42.0947 0x09cc  IntcAzAudAddService - ok
11:19:43.0033 0x09cc  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:19:43.0136 0x09cc  IntcDAud - ok
11:19:43.0269 0x09cc  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:19:43.0360 0x09cc  Intel(R) Capability Licensing Service Interface - ok
11:19:43.0419 0x09cc  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
11:19:43.0454 0x09cc  intelide - ok
11:19:43.0479 0x09cc  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
11:19:43.0538 0x09cc  intelpep - ok
11:19:43.0599 0x09cc  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
11:19:43.0660 0x09cc  intelppm - ok
11:19:43.0715 0x09cc  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
11:19:43.0755 0x09cc  iorate - ok
11:19:43.0811 0x09cc  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:19:43.0861 0x09cc  IpFilterDriver - ok
11:19:43.0968 0x09cc  [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:19:44.0157 0x09cc  iphlpsvc - ok
11:19:44.0217 0x09cc  [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:19:44.0260 0x09cc  IPMIDRV - ok
11:19:44.0296 0x09cc  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
11:19:44.0367 0x09cc  IPNAT - ok
11:19:44.0405 0x09cc  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
11:19:44.0472 0x09cc  irda - ok
11:19:44.0520 0x09cc  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
11:19:44.0573 0x09cc  IRENUM - ok
11:19:44.0621 0x09cc  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
11:19:44.0688 0x09cc  irmon - ok
11:19:44.0771 0x09cc  is3srv - ok
11:19:44.0822 0x09cc  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
11:19:44.0860 0x09cc  isapnp - ok
11:19:44.0921 0x09cc  [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
11:19:44.0984 0x09cc  iScsiPrt - ok
11:19:45.0053 0x09cc  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:19:45.0088 0x09cc  jhi_service - ok
11:19:45.0152 0x09cc  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
11:19:45.0235 0x09cc  kbdclass - ok
11:19:45.0282 0x09cc  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
11:19:45.0348 0x09cc  kbdhid - ok
11:19:45.0372 0x09cc  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
11:19:45.0439 0x09cc  kdnic - ok
11:19:45.0498 0x09cc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
11:19:45.0540 0x09cc  KeyIso - ok
11:19:45.0575 0x09cc  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
11:19:45.0621 0x09cc  KSecDD - ok
11:19:45.0693 0x09cc  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:19:45.0774 0x09cc  KSecPkg - ok
11:19:45.0821 0x09cc  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
11:19:45.0889 0x09cc  ksthunk - ok
11:19:45.0960 0x09cc  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
11:19:46.0061 0x09cc  KtmRm - ok
11:19:46.0139 0x09cc  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
11:19:46.0271 0x09cc  LanmanServer - ok
11:19:46.0355 0x09cc  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:19:46.0450 0x09cc  LanmanWorkstation - ok
11:19:46.0510 0x09cc  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
11:19:46.0578 0x09cc  lfsvc - ok
11:19:46.0628 0x09cc  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
11:19:46.0686 0x09cc  LicenseManager - ok
11:19:46.0718 0x09cc  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
11:19:46.0769 0x09cc  lltdio - ok
11:19:46.0815 0x09cc  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
11:19:46.0921 0x09cc  lltdsvc - ok
11:19:46.0956 0x09cc  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
11:19:47.0008 0x09cc  lmhosts - ok
11:19:47.0087 0x09cc  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:19:47.0128 0x09cc  LMS - ok
11:19:47.0256 0x09cc  [ 513E3588C0ACAB09AD4DA933E7554C63, 29522D921683228FF31E6161A2F6AA536D23FC5F7E692873D44BC633638F41F1 ] LolScreenSaverService C:\Riot Games\LolScreenSaver\service\service.exe
11:19:47.0376 0x09cc  LolScreenSaverService - detected UnsignedFile.Multi.Generic ( 1 )
11:19:47.0463 0x09cc  Detect skipped due to KSN trusted
11:19:47.0464 0x09cc  LolScreenSaverService - ok
11:19:47.0521 0x09cc  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
11:19:47.0566 0x09cc  LSI_SAS - ok
11:19:47.0612 0x09cc  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
11:19:47.0657 0x09cc  LSI_SAS2i - ok
11:19:47.0683 0x09cc  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
11:19:47.0730 0x09cc  LSI_SAS3i - ok
11:19:47.0763 0x09cc  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
11:19:47.0811 0x09cc  LSI_SSS - ok
11:19:47.0908 0x09cc  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
11:19:48.0098 0x09cc  LSM - ok
11:19:48.0135 0x09cc  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
11:19:48.0160 0x09cc  luafv - ok
11:19:48.0200 0x09cc  [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
11:19:48.0220 0x09cc  MapsBroker - ok
11:19:48.0255 0x09cc  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
11:19:48.0263 0x09cc  MBAMProtector - ok
11:19:48.0397 0x09cc  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
11:19:48.0465 0x09cc  MBAMScheduler - ok
11:19:48.0528 0x09cc  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
11:19:48.0576 0x09cc  MBAMService - ok
11:19:48.0619 0x09cc  [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
11:19:48.0639 0x09cc  MBAMWebAccessControl - ok
11:19:48.0709 0x09cc  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
11:19:48.0724 0x09cc  megasas - ok
11:19:48.0766 0x09cc  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
11:19:48.0781 0x09cc  megasas2i - ok
11:19:48.0815 0x09cc  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
11:19:48.0850 0x09cc  megasr - ok
11:19:48.0892 0x09cc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
11:19:48.0900 0x09cc  MEIx64 - ok
11:19:48.0944 0x09cc  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
11:19:48.0965 0x09cc  MessagingService - ok
11:19:49.0071 0x09cc  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
11:19:49.0117 0x09cc  mlx4_bus - ok
11:19:49.0153 0x09cc  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
11:19:49.0178 0x09cc  MMCSS - ok
11:19:49.0211 0x09cc  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
11:19:49.0233 0x09cc  Modem - ok
11:19:49.0253 0x09cc  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
11:19:49.0276 0x09cc  monitor - ok
11:19:49.0321 0x09cc  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
11:19:49.0337 0x09cc  mouclass - ok
11:19:49.0357 0x09cc  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
11:19:49.0376 0x09cc  mouhid - ok
11:19:49.0390 0x09cc  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
11:19:49.0407 0x09cc  mountmgr - ok
11:19:49.0459 0x09cc  [ D57B7C101A8216E7769B14645AFEB276, 38BF427F81589173D3CD823A7BD3CA84B0FADD6747467E7AEADB72D1F4E1404B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:19:49.0474 0x09cc  MozillaMaintenance - ok
11:19:49.0501 0x09cc  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
11:19:49.0526 0x09cc  mpsdrv - ok
11:19:49.0592 0x09cc  [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
11:19:49.0655 0x09cc  MpsSvc - ok
11:19:49.0722 0x09cc  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
11:19:49.0748 0x09cc  MRxDAV - ok
11:19:49.0831 0x09cc  [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:19:49.0863 0x09cc  mrxsmb - ok
11:19:49.0903 0x09cc  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
11:19:49.0944 0x09cc  mrxsmb10 - ok
11:19:49.0960 0x09cc  [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:19:49.0981 0x09cc  mrxsmb20 - ok
11:19:50.0023 0x09cc  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
11:19:50.0046 0x09cc  MsBridge - ok
11:19:50.0088 0x09cc  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
11:19:50.0147 0x09cc  MSDTC - ok
11:19:50.0212 0x09cc  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:19:50.0297 0x09cc  Msfs - ok
11:19:50.0360 0x09cc  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:19:50.0407 0x09cc  msgpiowin32 - ok
11:19:50.0428 0x09cc  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:19:50.0524 0x09cc  mshidkmdf - ok
11:19:50.0545 0x09cc  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
11:19:50.0597 0x09cc  mshidumdf - ok
11:19:50.0624 0x09cc  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
11:19:50.0666 0x09cc  msisadrv - ok
11:19:50.0723 0x09cc  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
11:19:50.0803 0x09cc  MSiSCSI - ok
11:19:50.0816 0x09cc  msiserver - ok
11:19:50.0867 0x09cc  [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
11:19:50.0931 0x09cc  MSKSSRV - ok
11:19:50.0965 0x09cc  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
11:19:51.0044 0x09cc  MsLldp - ok
11:19:51.0067 0x09cc  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
11:19:51.0137 0x09cc  MSPCLOCK - ok
11:19:51.0161 0x09cc  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
11:19:51.0235 0x09cc  MSPQM - ok
11:19:51.0288 0x09cc  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
11:19:51.0368 0x09cc  MsRPC - ok
11:19:51.0404 0x09cc  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
11:19:51.0446 0x09cc  mssmbios - ok
11:19:51.0480 0x09cc  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
11:19:51.0555 0x09cc  MSTEE - ok
11:19:51.0582 0x09cc  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
11:19:51.0629 0x09cc  MTConfig - ok
11:19:51.0671 0x09cc  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
11:19:51.0751 0x09cc  Mup - ok
11:19:51.0776 0x09cc  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
11:19:51.0829 0x09cc  mvumis - ok
11:19:51.0928 0x09cc  [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:19:52.0067 0x09cc  NativeWifiP - ok
11:19:52.0133 0x09cc  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
11:19:52.0216 0x09cc  NcaSvc - ok
11:19:52.0261 0x09cc  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
11:19:52.0459 0x09cc  NcbService - ok
11:19:52.0547 0x09cc  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
11:19:52.0635 0x09cc  NcdAutoSetup - ok
11:19:52.0712 0x09cc  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
11:19:52.0760 0x09cc  ndfltr - ok
11:19:52.0893 0x09cc  [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
11:19:53.0066 0x09cc  NDIS - ok
11:19:53.0122 0x09cc  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
11:19:53.0173 0x09cc  NdisCap - ok
11:19:53.0221 0x09cc  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
11:19:53.0296 0x09cc  NdisImPlatform - ok
11:19:53.0357 0x09cc  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:19:53.0441 0x09cc  NdisTapi - ok
11:19:53.0498 0x09cc  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
11:19:53.0569 0x09cc  Ndisuio - ok
11:19:53.0598 0x09cc  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
11:19:53.0692 0x09cc  NdisVirtualBus - ok
11:19:53.0736 0x09cc  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
11:19:53.0834 0x09cc  NdisWan - ok
11:19:53.0859 0x09cc  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:19:53.0951 0x09cc  ndiswanlegacy - ok
11:19:53.0985 0x09cc  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
11:19:54.0065 0x09cc  ndproxy - ok
11:19:54.0094 0x09cc  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
11:19:54.0177 0x09cc  Ndu - ok
11:19:54.0226 0x09cc  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
11:19:54.0287 0x09cc  NetAdapterCx - ok
11:19:54.0329 0x09cc  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
11:19:54.0373 0x09cc  NetBIOS - ok
11:19:54.0432 0x09cc  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:

GreenPerl · 17.04.2017, 10:27

TDSSKILLER LOG teil 2:

Code:

ATTFilter

\WINDOWS\system32\DRIVERS\netbt.sys
11:19:54.0517 0x09cc  NetBT - ok
11:19:54.0539 0x09cc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:19:54.0593 0x09cc  Netlogon - ok
11:19:54.0661 0x09cc  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
11:19:54.0760 0x09cc  Netman - ok
11:19:54.0839 0x09cc  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
11:19:54.0960 0x09cc  netprofm - ok
11:19:55.0042 0x09cc  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
11:19:55.0133 0x09cc  NetSetupSvc - ok
11:19:55.0260 0x09cc  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:19:55.0277 0x09cc  NetTcpPortSharing - ok
11:19:55.0366 0x09cc  [ 999995E6E594D8F7AA72029C8EB2B952, B17880FBA7470E91F0B9EA0975F107EE6D373085C1F22FE536A4570E66D732CE ] NetUtils2016    C:\WINDOWS\system32\drivers\NetUtils2016.sys
11:19:55.0411 0x09cc  NetUtils2016 - ok
11:19:55.0562 0x09cc  [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
11:19:55.0753 0x09cc  NETwNe64 - ok
11:19:55.0812 0x09cc  [ E79E364AF827EB1F141BE000ABB8727D, 96218EB8B7C9E0F614AB9EAEAEC41BD4DB0E9EFE5C1D87EC749B9CB71653CEB1 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
11:19:55.0854 0x09cc  NgcCtnrSvc - ok
11:19:55.0932 0x09cc  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
11:19:55.0999 0x09cc  NgcSvc - ok
11:19:56.0056 0x09cc  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
11:19:56.0091 0x09cc  NlaSvc - ok
11:19:56.0127 0x09cc  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:19:56.0145 0x09cc  Npfs - ok
11:19:56.0150 0x09cc  npggsvc - ok
11:19:56.0181 0x09cc  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
11:19:56.0216 0x09cc  npsvctrig - ok
11:19:56.0259 0x09cc  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
11:19:56.0277 0x09cc  nsi - ok
11:19:56.0288 0x09cc  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
11:19:56.0306 0x09cc  nsiproxy - ok
11:19:56.0422 0x09cc  [ 98BBD81DC481E9D58EEB31C81EBDEFF5, 28FAAFCB90721C557C37D18533681C274428BC97AB3C3AAFCC75212074E9F2CA ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
11:19:56.0524 0x09cc  NTFS - ok
11:19:56.0561 0x09cc  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:19:56.0576 0x09cc  Null - ok
11:19:56.0593 0x09cc  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
11:19:56.0611 0x09cc  nvraid - ok
11:19:56.0635 0x09cc  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
11:19:56.0653 0x09cc  nvstor - ok
11:19:56.0700 0x09cc  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
11:19:56.0733 0x09cc  OneSyncSvc - ok
11:19:56.0857 0x09cc  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:19:56.0874 0x09cc  ose64 - ok
11:19:56.0984 0x09cc  [ 17932BD2E354CC79D0B471EF52A1C706, 9AAEBBBAA8EB197871BD7FB095568C9F933D4F94D4091A7949AEFB2FFF146AD5 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
11:19:57.0038 0x09cc  OverwolfUpdater - ok
11:19:57.0089 0x09cc  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
11:19:57.0134 0x09cc  p2pimsvc - ok
11:19:57.0186 0x09cc  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
11:19:57.0225 0x09cc  p2psvc - ok
11:19:57.0265 0x09cc  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
11:19:57.0283 0x09cc  Parport - ok
11:19:57.0328 0x09cc  [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
11:19:57.0346 0x09cc  partmgr - ok
11:19:57.0407 0x09cc  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
11:19:57.0441 0x09cc  PcaSvc - ok
11:19:57.0499 0x09cc  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
11:19:57.0524 0x09cc  pci - ok
11:19:57.0566 0x09cc  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
11:19:57.0580 0x09cc  pciide - ok
11:19:57.0605 0x09cc  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
11:19:57.0623 0x09cc  pcmcia - ok
11:19:57.0637 0x09cc  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
11:19:57.0651 0x09cc  pcw - ok
11:19:57.0693 0x09cc  [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
11:19:57.0711 0x09cc  pdc - ok
11:19:57.0780 0x09cc  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
11:19:57.0836 0x09cc  PEAUTH - ok
11:19:57.0893 0x09cc  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
11:19:57.0899 0x09cc  PEGAGFN - ok
11:19:57.0924 0x09cc  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
11:19:57.0939 0x09cc  percsas2i - ok
11:19:57.0954 0x09cc  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
11:19:57.0970 0x09cc  percsas3i - ok
11:19:58.0060 0x09cc  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
11:19:58.0085 0x09cc  PerfHost - ok
11:19:58.0151 0x09cc  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
11:19:58.0209 0x09cc  PhoneSvc - ok
11:19:58.0259 0x09cc  [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
11:19:58.0297 0x09cc  PimIndexMaintenanceSvc - ok
11:19:58.0410 0x09cc  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
11:19:58.0512 0x09cc  pla - ok
11:19:58.0579 0x09cc  [ BDBD132ECB9FC08F8E2490BB8F62F9ED, F1574179393D1408568EC463311679E702BDAC904FAB85B47983AF3544C96064 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
11:19:58.0601 0x09cc  PlaysService - ok
11:19:58.0650 0x09cc  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
11:19:58.0680 0x09cc  PlugPlay - ok
11:19:58.0686 0x09cc  PnkBstrA - ok
11:19:58.0731 0x09cc  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
11:19:58.0748 0x09cc  PNRPAutoReg - ok
11:19:58.0774 0x09cc  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
11:19:58.0805 0x09cc  PNRPsvc - ok
11:19:58.0860 0x09cc  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
11:19:58.0896 0x09cc  PolicyAgent - ok
11:19:58.0920 0x09cc  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
11:19:58.0946 0x09cc  Power - ok
11:19:58.0984 0x09cc  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
11:19:59.0011 0x09cc  PptpMiniport - ok
11:19:59.0249 0x09cc  [ 12ECCDB0C865A8CB805BABAD5A54EF41, B6E709C692EDDC2308A6944DE1ABA13155FC52905DC572C0008BCC97B3889771 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:19:59.0855 0x09cc  PrintNotify - ok
11:19:59.0915 0x09cc  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
11:19:59.0977 0x09cc  Processor - ok
11:20:00.0053 0x09cc  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
11:20:00.0152 0x09cc  ProfSvc - ok
11:20:00.0217 0x09cc  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
11:20:00.0267 0x09cc  Psched - ok
11:20:00.0338 0x09cc  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
11:20:00.0433 0x09cc  QWAVE - ok
11:20:00.0466 0x09cc  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
11:20:00.0514 0x09cc  QWAVEdrv - ok
11:20:00.0540 0x09cc  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:20:00.0583 0x09cc  RasAcd - ok
11:20:00.0643 0x09cc  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
11:20:00.0727 0x09cc  RasAgileVpn - ok
11:20:00.0781 0x09cc  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:20:00.0856 0x09cc  RasAuto - ok
11:20:00.0892 0x09cc  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
11:20:00.0987 0x09cc  Rasl2tp - ok
11:20:01.0093 0x09cc  [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:20:01.0281 0x09cc  RasMan - ok
11:20:01.0329 0x09cc  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:20:01.0390 0x09cc  RasPppoe - ok
11:20:01.0456 0x09cc  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
11:20:01.0558 0x09cc  RasSstp - ok
11:20:01.0623 0x09cc  [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:20:01.0707 0x09cc  rdbss - ok
11:20:01.0738 0x09cc  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
11:20:01.0786 0x09cc  rdpbus - ok
11:20:01.0851 0x09cc  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
11:20:01.0915 0x09cc  RDPDR - ok
11:20:01.0983 0x09cc  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:20:02.0021 0x09cc  RdpVideoMiniport - ok
11:20:02.0068 0x09cc  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
11:20:02.0141 0x09cc  rdyboost - ok
11:20:02.0249 0x09cc  [ 1534150D2E2B9654A8F11255D08223BD, EC53B80556DF069CC5EEE914409BBCDEB17A2B11D46F0F9AFDD01968252ECF9B ] Recover         C:\Program Files\MSBuild\1KWH1GZ8JFCGHXMT7GATVMNG\kdLyMQCT3#.exe
11:20:02.0281 0x09cc  Recover - detected UnsignedFile.Multi.Generic ( 1 )
11:20:02.0464 0x09cc  Detect turned to UDS exact due to KSN untrusted
11:20:02.0737 0x09cc  Recover ( UDS:DangerousObject.Multi.Generic ) - infected
11:20:02.0737 0x09cc  Force sending object to P2P due to detect: Recover
11:20:02.0904 0x09cc  Object send P2P result: true
11:20:03.0130 0x09cc  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
11:20:03.0277 0x09cc  ReFSv1 - ok
11:20:03.0362 0x09cc  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:20:03.0488 0x09cc  RemoteAccess - ok
11:20:03.0560 0x09cc  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:20:03.0664 0x09cc  RemoteRegistry - ok
11:20:03.0777 0x09cc  [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
11:20:03.0932 0x09cc  RetailDemo - ok
11:20:04.0031 0x09cc  [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
11:20:04.0080 0x09cc  RichVideo64 - ok
11:20:04.0144 0x09cc  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
11:20:04.0214 0x09cc  RmSvc - ok
11:20:04.0273 0x09cc  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
11:20:04.0361 0x09cc  RpcEptMapper - ok
11:20:04.0404 0x09cc  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:20:04.0448 0x09cc  RpcLocator - ok
11:20:04.0537 0x09cc  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
11:20:04.0728 0x09cc  RpcSs - ok
11:20:04.0808 0x09cc  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
11:20:04.0863 0x09cc  rspndr - ok
11:20:04.0931 0x09cc  [ 0E32A8922DCFD28EA00AAEC07CB3F331, 27F329C6A66DB01C291E1EDCEB7781A05658520B12FF8ECD1FBD3B86EF78DF30 ] RSUSBSTOR       C:\WINDOWS\System32\Drivers\RtsUStor.sys
11:20:04.0978 0x09cc  RSUSBSTOR - ok
11:20:05.0067 0x09cc  [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
11:20:05.0184 0x09cc  rt640x64 - ok
11:20:05.0226 0x09cc  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
11:20:05.0269 0x09cc  s3cap - ok
11:20:05.0330 0x09cc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:20:05.0381 0x09cc  SamSs - ok
11:20:05.0411 0x09cc  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
11:20:05.0460 0x09cc  sbp2port - ok
11:20:05.0537 0x09cc  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
11:20:05.0617 0x09cc  SCardSvr - ok
11:20:05.0687 0x09cc  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
11:20:05.0764 0x09cc  ScDeviceEnum - ok
11:20:05.0805 0x09cc  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:20:05.0858 0x09cc  scfilter - ok
11:20:05.0953 0x09cc  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:20:06.0149 0x09cc  Schedule - ok
11:20:06.0206 0x09cc  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
11:20:06.0248 0x09cc  scmbus - ok
11:20:06.0293 0x09cc  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
11:20:06.0362 0x09cc  scmdisk0101 - ok
11:20:06.0423 0x09cc  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
11:20:06.0489 0x09cc  SCPolicySvc - ok
11:20:06.0530 0x09cc  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys
11:20:06.0550 0x09cc  ScreamBAudioSvc - ok
11:20:06.0617 0x09cc  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
11:20:06.0714 0x09cc  sdbus - ok
11:20:06.0776 0x09cc  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
11:20:06.0852 0x09cc  SDRSVC - ok
11:20:06.0902 0x09cc  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
11:20:06.0947 0x09cc  sdstor - ok
11:20:06.0978 0x09cc  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
11:20:07.0035 0x09cc  seclogon - ok
11:20:07.0078 0x09cc  [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64     C:\WINDOWS\system32\drivers\semav6msr64.sys
11:20:07.0110 0x09cc  semav6msr64 - ok
11:20:07.0160 0x09cc  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
11:20:07.0215 0x09cc  SENS - ok
11:20:07.0379 0x09cc  [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
11:20:07.0619 0x09cc  SensorDataService - ok
11:20:07.0706 0x09cc  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
11:20:07.0829 0x09cc  SensorService - ok
11:20:07.0886 0x09cc  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
11:20:07.0966 0x09cc  SensrSvc - ok
11:20:08.0011 0x09cc  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
11:20:08.0052 0x09cc  SerCx - ok
11:20:08.0090 0x09cc  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
11:20:08.0143 0x09cc  SerCx2 - ok
11:20:08.0173 0x09cc  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
11:20:08.0219 0x09cc  Serenum - ok
11:20:08.0265 0x09cc  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
11:20:08.0432 0x09cc  Serial - ok
11:20:08.0506 0x09cc  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
11:20:08.0553 0x09cc  sermouse - ok
11:20:08.0691 0x09cc  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
11:20:08.0851 0x09cc  SessionEnv - ok
11:20:08.0877 0x09cc  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
11:20:08.0929 0x09cc  sfloppy - ok
11:20:09.0024 0x09cc  [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:20:09.0168 0x09cc  SharedAccess - ok
11:20:09.0261 0x09cc  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:20:09.0414 0x09cc  ShellHWDetection - ok
11:20:09.0475 0x09cc  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
11:20:09.0549 0x09cc  shpamsvc - ok
11:20:09.0572 0x09cc  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:20:09.0610 0x09cc  SiSRaid2 - ok
11:20:09.0655 0x09cc  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
11:20:09.0701 0x09cc  SiSRaid4 - ok
11:20:09.0767 0x09cc  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:20:09.0843 0x09cc  SkypeUpdate - ok
11:20:09.0925 0x09cc  [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
11:20:09.0949 0x09cc  SmbDrvI - ok
11:20:09.0987 0x09cc  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
11:20:10.0049 0x09cc  smphost - ok
11:20:10.0136 0x09cc  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
11:20:10.0265 0x09cc  SmsRouter - ok
11:20:10.0328 0x09cc  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
11:20:10.0347 0x09cc  SNMPTRAP - ok
11:20:10.0408 0x09cc  [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
11:20:10.0443 0x09cc  spaceport - ok
11:20:10.0486 0x09cc  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
11:20:10.0501 0x09cc  SpbCx - ok
11:20:10.0568 0x09cc  [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
11:20:10.0639 0x09cc  Spooler - ok
11:20:10.0857 0x09cc  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
11:20:11.0128 0x09cc  sppsvc - ok
11:20:11.0189 0x09cc  [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
11:20:11.0223 0x09cc  srv - ok
11:20:11.0285 0x09cc  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
11:20:11.0341 0x09cc  srv2 - ok
11:20:11.0387 0x09cc  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:20:11.0414 0x09cc  srvnet - ok
11:20:11.0460 0x09cc  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:20:11.0501 0x09cc  SSDPSRV - ok
11:20:11.0537 0x09cc  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
11:20:11.0565 0x09cc  SstpSvc - ok
11:20:11.0600 0x09cc  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:20:11.0613 0x09cc  ssudmdm - ok
11:20:11.0798 0x09cc  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
11:20:12.0069 0x09cc  StateRepository - ok
11:20:12.0172 0x09cc  [ DF8D486ADBBC6ACA0901CF3C1A09EF05, 734477E23E1C8578517B187CE26FC0F5646BB557F871D6C69D78D12AEB20D287 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:20:12.0230 0x09cc  Steam Client Service - ok
11:20:12.0268 0x09cc  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
11:20:12.0282 0x09cc  stexstor - ok
11:20:12.0367 0x09cc  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
11:20:12.0522 0x09cc  stisvc - ok
11:20:12.0593 0x09cc  [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
11:20:12.0638 0x09cc  storahci - ok
11:20:12.0688 0x09cc  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
11:20:12.0726 0x09cc  storflt - ok
11:20:12.0777 0x09cc  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
11:20:12.0819 0x09cc  stornvme - ok
11:20:12.0853 0x09cc  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
11:20:12.0909 0x09cc  storqosflt - ok
11:20:12.0977 0x09cc  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
11:20:13.0087 0x09cc  StorSvc - ok
11:20:13.0108 0x09cc  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
11:20:13.0147 0x09cc  storufs - ok
11:20:13.0177 0x09cc  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
11:20:13.0215 0x09cc  storvsc - ok
11:20:13.0376 0x09cc  [ A0A5F385EFBF96444E1452D9667F8F39, 0707A8298EA1A5C6963EC4CD9DAAF13B6189492F243DE478A597E2CF90840893 ] SvcHost Service Host C:\Windows\Microsoft\svchost.exe
11:20:13.0555 0x09cc  SvcHost Service Host - ok
11:20:13.0605 0x09cc  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
11:20:13.0678 0x09cc  svsvc - ok
11:20:13.0721 0x09cc  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
11:20:13.0755 0x09cc  swenum - ok
11:20:13.0817 0x09cc  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
11:20:13.0948 0x09cc  swprv - ok
11:20:13.0997 0x09cc  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
11:20:14.0047 0x09cc  Synth3dVsc - ok
11:20:14.0136 0x09cc  [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
11:20:14.0210 0x09cc  SynTP - ok
11:20:14.0258 0x09cc  [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
11:20:14.0298 0x09cc  SynTPEnhService - ok
11:20:14.0411 0x09cc  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
11:20:14.0597 0x09cc  SysMain - ok
11:20:14.0666 0x09cc  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:20:14.0771 0x09cc  SystemEventsBroker - ok
11:20:14.0850 0x09cc  [ 48D2B8AA8C2F1C3360EC33554EC4E6D2, 0F66A9CBED9E70DA3CED6E009795000D41259AD345E3BD3C2EA2F2969588BB04 ] SystemUsageReportSvc_QUEENCREEK C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
11:20:14.0889 0x09cc  SystemUsageReportSvc_QUEENCREEK - ok
11:20:15.0027 0x09cc  [ 8598E4A12EAA945B35365DD2750B9777, 6BC0E1C104FAC4A8CAA4237C7AE181CA11A043A3EE26426AEB7A90DC40281FAD ] szkg5           C:\WINDOWS\syswow64\drivers\szkg64.sys
11:20:15.0050 0x09cc  szkg5 - ok
11:20:15.0128 0x09cc  [ 5069235B15B98F1DA34C5795451922D5, 5054C89105F4A3D937F8A90BFFB64475D1F3796089A9F7A620A32285E68CAAE9 ] szserver        C:\Program Files (x86)\iS3\STOPzilla AntiMalware\SZServer.exe
11:20:15.0163 0x09cc  szserver - ok
11:20:15.0216 0x09cc  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:20:15.0352 0x09cc  TabletInputService - ok
11:20:15.0402 0x09cc  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:20:15.0505 0x09cc  TapiSrv - ok
11:20:15.0737 0x09cc  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
11:20:16.0043 0x09cc  Tcpip - ok
11:20:16.0231 0x09cc  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
11:20:16.0543 0x09cc  Tcpip6 - ok
11:20:16.0639 0x09cc  [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
11:20:16.0697 0x09cc  tcpipreg - ok
11:20:16.0737 0x09cc  [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
11:20:16.0785 0x09cc  tdx - ok
11:20:16.0832 0x09cc  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
11:20:16.0870 0x09cc  terminpt - ok
11:20:17.0000 0x09cc  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
11:20:17.0241 0x09cc  TermService - ok
11:20:17.0274 0x09cc  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
11:20:17.0425 0x09cc  Themes - ok
11:20:17.0504 0x09cc  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
11:20:17.0681 0x09cc  TieringEngineService - ok
11:20:17.0757 0x09cc  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
11:20:18.0023 0x09cc  tiledatamodelsvc - ok
11:20:18.0062 0x09cc  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
11:20:18.0165 0x09cc  TimeBrokerSvc - ok
11:20:18.0217 0x09cc  [ C676B0F52F2B6483AFB88F79CABB011E, 8F10C7C91B47F87C3E29785BDACA49831857849F688C34A1F097C9D6593003AA ] Tpkd            C:\WINDOWS\system32\drivers\Tpkd.sys
11:20:18.0243 0x09cc  Tpkd - ok
11:20:18.0310 0x09cc  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
11:20:18.0382 0x09cc  TPM - ok
11:20:18.0437 0x09cc  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
11:20:18.0530 0x09cc  TrkWks - ok
11:20:18.0615 0x09cc  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:20:18.0735 0x09cc  TrustedInstaller - ok
11:20:18.0789 0x09cc  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
11:20:18.0927 0x09cc  tsusbflt - ok
11:20:18.0965 0x09cc  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:20:19.0064 0x09cc  TsUsbGD - ok
11:20:19.0122 0x09cc  [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
11:20:19.0189 0x09cc  tzautoupdate - ok
11:20:19.0233 0x09cc  [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys     C:\WINDOWS\system32\DRIVERS\t_mouse.sys
11:20:19.0296 0x09cc  t_mouse.sys - ok
11:20:19.0344 0x09cc  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
11:20:19.0367 0x09cc  UASPStor - ok
11:20:19.0384 0x09cc  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
11:20:19.0410 0x09cc  UcmCx0101 - ok
11:20:19.0450 0x09cc  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
11:20:19.0470 0x09cc  UcmTcpciCx0101 - ok
11:20:19.0491 0x09cc  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
11:20:19.0508 0x09cc  UcmUcsi - ok
11:20:19.0537 0x09cc  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
11:20:19.0557 0x09cc  Ucx01000 - ok
11:20:19.0579 0x09cc  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
11:20:19.0596 0x09cc  UdeCx - ok
11:20:19.0624 0x09cc  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
11:20:19.0661 0x09cc  udfs - ok
11:20:19.0682 0x09cc  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
11:20:19.0695 0x09cc  UEFI - ok
11:20:19.0723 0x09cc  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
11:20:19.0746 0x09cc  Ufx01000 - ok
11:20:19.0764 0x09cc  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
11:20:19.0781 0x09cc  UfxChipidea - ok
11:20:19.0830 0x09cc  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
11:20:19.0848 0x09cc  ufxsynopsys - ok
11:20:19.0894 0x09cc  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
11:20:19.0916 0x09cc  UI0Detect - ok
11:20:19.0936 0x09cc  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
11:20:19.0954 0x09cc  umbus - ok
11:20:19.0978 0x09cc  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
11:20:19.0993 0x09cc  UmPass - ok
11:20:20.0044 0x09cc  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
11:20:20.0074 0x09cc  UmRdpService - ok
11:20:20.0152 0x09cc  [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
11:20:20.0225 0x09cc  UnistoreSvc - ok
11:20:20.0347 0x09cc  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:20:20.0363 0x09cc  UNS - ok
11:20:20.0414 0x09cc  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:20:20.0460 0x09cc  upnphost - ok
11:20:20.0495 0x09cc  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
11:20:20.0509 0x09cc  UrsChipidea - ok
11:20:20.0548 0x09cc  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
11:20:20.0562 0x09cc  UrsCx01000 - ok
11:20:20.0577 0x09cc  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
11:20:20.0592 0x09cc  UrsSynopsys - ok
11:20:20.0615 0x09cc  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
11:20:20.0635 0x09cc  usbccgp - ok
11:20:20.0658 0x09cc  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
11:20:20.0677 0x09cc  usbcir - ok
11:20:20.0708 0x09cc  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
11:20:20.0725 0x09cc  usbehci - ok
11:20:20.0751 0x09cc  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
11:20:20.0782 0x09cc  usbhub - ok
11:20:20.0818 0x09cc  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
11:20:20.0851 0x09cc  USBHUB3 - ok
11:20:20.0864 0x09cc  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
11:20:20.0881 0x09cc  usbohci - ok
11:20:20.0904 0x09cc  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
11:20:20.0920 0x09cc  usbprint - ok
11:20:20.0938 0x09cc  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
11:20:20.0955 0x09cc  usbser - ok
11:20:20.0977 0x09cc  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:20:20.0994 0x09cc  USBSTOR - ok
11:20:21.0008 0x09cc  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
11:20:21.0025 0x09cc  usbuhci - ok
11:20:21.0071 0x09cc  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
11:20:21.0114 0x09cc  usbvideo - ok
11:20:21.0142 0x09cc  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:20:21.0167 0x09cc  USBXHCI - ok
11:20:21.0264 0x09cc  [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
11:20:21.0354 0x09cc  UserDataSvc - ok
11:20:21.0469 0x09cc  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
11:20:21.0659 0x09cc  UserManager - ok
11:20:21.0848 0x09cc  [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] USER_ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
11:20:21.0948 0x09cc  USER_ESRV_SVC_QUEENCREEK - ok
11:20:22.0042 0x09cc  [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
11:20:22.0180 0x09cc  UsoSvc - ok
11:20:22.0236 0x09cc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
11:20:22.0277 0x09cc  VaultSvc - ok
11:20:22.0330 0x09cc  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
11:20:22.0374 0x09cc  VBoxUSBMon - ok
11:20:22.0399 0x09cc  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
11:20:22.0437 0x09cc  vdrvroot - ok
11:20:22.0523 0x09cc  [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds             C:\WINDOWS\System32\vds.exe
11:20:22.0669 0x09cc  vds - ok
11:20:22.0737 0x09cc  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
11:20:22.0791 0x09cc  VerifierExt - ok
11:20:22.0883 0x09cc  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
11:20:22.0987 0x09cc  vhdmp - ok
11:20:23.0019 0x09cc  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
11:20:23.0070 0x09cc  vhf - ok
11:20:23.0101 0x09cc  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
11:20:23.0145 0x09cc  vmbus - ok
11:20:23.0168 0x09cc  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
11:20:23.0233 0x09cc  VMBusHID - ok
11:20:23.0278 0x09cc  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
11:20:23.0326 0x09cc  vmgid - ok
11:20:23.0396 0x09cc  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
11:20:23.0485 0x09cc  vmicguestinterface - ok
11:20:23.0515 0x09cc  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
11:20:23.0609 0x09cc  vmicheartbeat - ok
11:20:23.0692 0x09cc  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
11:20:23.0769 0x09cc  vmickvpexchange - ok
11:20:23.0838 0x09cc  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
11:20:23.0927 0x09cc  vmicrdv - ok
11:20:23.0961 0x09cc  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
11:20:24.0036 0x09cc  vmicshutdown - ok
11:20:24.0069 0x09cc  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
11:20:24.0155 0x09cc  vmictimesync - ok
11:20:24.0186 0x09cc  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
11:20:24.0261 0x09cc  vmicvmsession - ok
11:20:24.0299 0x09cc  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
11:20:24.0380 0x09cc  vmicvss - ok
11:20:24.0412 0x09cc  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
11:20:24.0453 0x09cc  volmgr - ok
11:20:24.0496 0x09cc  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
11:20:24.0564 0x09cc  volmgrx - ok
11:20:24.0618 0x09cc  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
11:20:24.0690 0x09cc  volsnap - ok
11:20:24.0714 0x09cc  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
11:20:24.0750 0x09cc  volume - ok
11:20:24.0801 0x09cc  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
11:20:24.0842 0x09cc  vpci - ok
11:20:24.0882 0x09cc  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
11:20:24.0931 0x09cc  vsmraid - ok
11:20:25.0085 0x09cc  [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS             C:\WINDOWS\system32\vssvc.exe
11:20:25.0319 0x09cc  VSS - ok
11:20:25.0393 0x09cc  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
11:20:25.0454 0x09cc  VSTXRAID - ok
11:20:25.0500 0x09cc  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
11:20:25.0549 0x09cc  vwifibus - ok
11:20:25.0595 0x09cc  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
11:20:25.0647 0x09cc  vwififlt - ok
11:20:25.0668 0x09cc  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
11:20:25.0717 0x09cc  vwifimp - ok
11:20:25.0805 0x09cc  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
11:20:25.0938 0x09cc  W32Time - ok
11:20:25.0971 0x09cc  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
11:20:26.0016 0x09cc  WacomPen - ok
11:20:26.0098 0x09cc  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
11:20:26.0215 0x09cc  WalletService - ok
11:20:26.0261 0x09cc  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:20:26.0332 0x09cc  wanarp - ok
11:20:26.0347 0x09cc  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:20:26.0428 0x09cc  wanarpv6 - ok
11:20:26.0585 0x09cc  [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine        C:\WINDOWS\system32\wbengine.exe
11:20:26.0855 0x09cc  wbengine - ok
11:20:26.0962 0x09cc  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
11:20:27.0120 0x09cc  WbioSrvc - ok
11:20:27.0177 0x09cc  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
11:20:27.0222 0x09cc  wcifs - ok
11:20:27.0319 0x09cc  [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
11:20:27.0439 0x09cc  Wcmsvc - ok
11:20:27.0495 0x09cc  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
11:20:27.0550 0x09cc  wcncsvc - ok
11:20:27.0567 0x09cc  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
11:20:27.0585 0x09cc  wcnfs - ok
11:20:27.0628 0x09cc  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
11:20:27.0642 0x09cc  WdBoot - ok
11:20:27.0702 0x09cc  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
11:20:27.0743 0x09cc  Wdf01000 - ok
11:20:27.0771 0x09cc  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
11:20:27.0794 0x09cc  WdFilter - ok
11:20:27.0844 0x09cc  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
11:20:27.0873 0x09cc  WdiServiceHost - ok
11:20:27.0879 0x09cc  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
11:20:27.0907 0x09cc  WdiSystemHost - ok
11:20:27.0961 0x09cc  [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
11:20:28.0010 0x09cc  wdiwifi - ok
11:20:28.0049 0x09cc  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
11:20:28.0066 0x09cc  WdNisDrv - ok
11:20:28.0093 0x09cc  WdNisSvc - ok
11:20:28.0120 0x09cc  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:20:28.0153 0x09cc  WebClient - ok
11:20:28.0180 0x09cc  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
11:20:28.0218 0x09cc  Wecsvc - ok
11:20:28.0238 0x09cc  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
11:20:28.0260 0x09cc  WEPHOSTSVC - ok
11:20:28.0307 0x09cc  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
11:20:28.0340 0x09cc  wercplsupport - ok
11:20:28.0359 0x09cc  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
11:20:28.0398 0x09cc  WerSvc - ok
11:20:28.0422 0x09cc  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
11:20:28.0441 0x09cc  WFPLWFS - ok
11:20:28.0481 0x09cc  [ 2C3E71FF4F6E859AE3833BA206B00614, 60CA297905E357F1596EBEC695629AA34FD5D80C6C6291E89F5B4BC8591ECA64 ] whfltr2k        C:\WINDOWS\System32\drivers\whfltr2k.sys
11:20:28.0506 0x09cc  whfltr2k - ok
11:20:28.0549 0x09cc  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
11:20:28.0571 0x09cc  WiaRpc - ok
11:20:28.0610 0x09cc  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
11:20:28.0624 0x09cc  WIMMount - ok
11:20:28.0627 0x09cc  WinDefend - ok
11:20:28.0650 0x09cc  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
11:20:28.0666 0x09cc  WindowsTrustedRT - ok
11:20:28.0711 0x09cc  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
11:20:28.0724 0x09cc  WindowsTrustedRTProxy - ok
11:20:28.0793 0x09cc  [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:20:28.0850 0x09cc  WinHttpAutoProxySvc - ok
11:20:28.0869 0x09cc  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
11:20:28.0883 0x09cc  WinMad - ok
11:20:28.0958 0x09cc  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
11:20:28.0984 0x09cc  Winmgmt - ok
11:20:29.0104 0x09cc  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
11:20:29.0272 0x09cc  WinRM - ok
11:20:29.0325 0x09cc  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
11:20:29.0343 0x09cc  WINUSB - ok
11:20:29.0358 0x09cc  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
11:20:29.0373 0x09cc  WinVerbs - ok
11:20:29.0420 0x09cc  [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
11:20:29.0524 0x09cc  wisvc - ok
11:20:29.0747 0x09cc  [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
11:20:30.0103 0x09cc  WlanSvc - ok
11:20:30.0310 0x09cc  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
11:20:30.0643 0x09cc  wlidsvc - ok
11:20:30.0671 0x09cc  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
11:20:30.0720 0x09cc  WmiAcpi - ok
11:20:30.0788 0x09cc  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:20:30.0851 0x09cc  wmiApSrv - ok
11:20:30.0897 0x09cc  WMPNetworkSvc - ok
11:20:30.0958 0x09cc  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:20:31.0009 0x09cc  Wof - ok
11:20:31.0209 0x09cc  [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
11:20:31.0511 0x09cc  workfolderssvc - ok
11:20:31.0573 0x09cc  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
11:20:31.0653 0x09cc  WPDBusEnum - ok
11:20:31.0707 0x09cc  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:20:31.0742 0x09cc  WpdUpFltr - ok
11:20:31.0785 0x09cc  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
11:20:31.0868 0x09cc  WpnService - ok
11:20:31.0896 0x09cc  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
11:20:31.0957 0x09cc  WpnUserService - ok
11:20:32.0020 0x09cc  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:20:32.0066 0x09cc  ws2ifsl - ok
11:20:32.0117 0x09cc  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:20:32.0208 0x09cc  wscsvc - ok
11:20:32.0230 0x09cc  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
11:20:32.0281 0x09cc  WSDPrintDevice - ok
11:20:32.0316 0x09cc  [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
11:20:32.0366 0x09cc  WSDScan - ok
11:20:32.0378 0x09cc  WSearch - ok
11:20:32.0517 0x09cc  [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
11:20:32.0652 0x09cc  wuauserv - ok
11:20:32.0678 0x09cc  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
11:20:32.0699 0x09cc  WudfPf - ok
11:20:32.0739 0x09cc  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
11:20:32.0765 0x09cc  WUDFRd - ok
11:20:32.0806 0x09cc  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
11:20:32.0829 0x09cc  wudfsvc - ok
11:20:32.0841 0x09cc  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:20:32.0866 0x09cc  WUDFWpdFs - ok
11:20:32.0876 0x09cc  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:20:32.0900 0x09cc  WUDFWpdMtp - ok
11:20:32.0976 0x09cc  [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
11:20:33.0055 0x09cc  WwanSvc - ok
11:20:33.0132 0x09cc  [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
11:20:33.0199 0x09cc  XblAuthManager - ok
11:20:33.0295 0x09cc  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
11:20:33.0373 0x09cc  XblGameSave - ok
11:20:33.0414 0x09cc  [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
11:20:33.0458 0x09cc  xboxgip - ok
11:20:33.0530 0x09cc  [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
11:20:33.0603 0x09cc  XboxNetApiSvc - ok
11:20:33.0629 0x09cc  [ 0E08FDCF09E7D59133A3206983E4F16D, 981FCF8DC91CB384A26E241F3E3D5D784086656648AA5DD88A98855567422323 ] xhunter1        C:\WINDOWS\xhunter1.sys
11:20:33.0638 0x09cc  xhunter1 - ok
11:20:33.0687 0x09cc  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
11:20:33.0703 0x09cc  xinputhid - ok
11:20:33.0756 0x09cc  [ D3D9CB4BA15C1854294517AA8954E201, DFBB6E1A5FF01123FEAD6EFFA67F4A0203792AFDF82EAFFC2DA981A584896542 ] XQHDrv          C:\WINDOWS\system32\DRIVERS\XQHDrv.sys
11:20:33.0775 0x09cc  XQHDrv - ok
11:20:33.0776 0x09cc  ================ Scan global ===============================
11:20:33.0827 0x09cc  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
11:20:33.0867 0x09cc  [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] C:\WINDOWS\system32\winsrv.dll
11:20:33.0912 0x09cc  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
11:20:33.0966 0x09cc  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
11:20:33.0979 0x09cc  [ Global ] - ok
11:20:33.0980 0x09cc  ================ Scan MBR ==================================
11:20:33.0991 0x09cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:20:34.0052 0x09cc  \Device\Harddisk0\DR0 - ok
11:20:34.0052 0x09cc  ================ Scan VBR ==================================
11:20:34.0077 0x09cc  [ F4B998A732D26C97670C126AE0AE9944 ] \Device\Harddisk0\DR0\Partition1
11:20:34.0078 0x09cc  \Device\Harddisk0\DR0\Partition1 - ok
11:20:34.0087 0x09cc  [ 081AFF978342F856FF9D5B01FE976BF0 ] \Device\Harddisk0\DR0\Partition2
11:20:34.0087 0x09cc  \Device\Harddisk0\DR0\Partition2 - ok
11:20:34.0098 0x09cc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:20:34.0098 0x09cc  \Device\Harddisk0\DR0\Partition3 - ok
11:20:34.0116 0x09cc  [ 271EFDA6B6728B7406A6C35DC2F8D5AE ] \Device\Harddisk0\DR0\Partition4
11:20:34.0117 0x09cc  \Device\Harddisk0\DR0\Partition4 - ok
11:20:34.0130 0x09cc  [ A1E6326F7E667DCDF5B2DA8CC98077F0 ] \Device\Harddisk0\DR0\Partition5
11:20:34.0132 0x09cc  \Device\Harddisk0\DR0\Partition5 - ok
11:20:34.0157 0x09cc  [ 1F44097F0864E9ACCEAC6D70772C1F29 ] \Device\Harddisk0\DR0\Partition6
11:20:34.0158 0x09cc  \Device\Harddisk0\DR0\Partition6 - ok
11:20:34.0167 0x09cc  [ 654015E230409C9D0A5C7221303CFB57 ] \Device\Harddisk0\DR0\Partition7
11:20:34.0170 0x09cc  \Device\Harddisk0\DR0\Partition7 - ok
11:20:34.0179 0x09cc  [ 7A9751FFE0314BCC0C637AC51965856D ] \Device\Harddisk0\DR0\Partition8
11:20:34.0181 0x09cc  \Device\Harddisk0\DR0\Partition8 - ok
11:20:34.0182 0x09cc  ================ Scan generic autorun ======================
11:20:34.0680 0x09cc  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:20:35.0224 0x09cc  RTHDVCPL - ok
11:20:35.0321 0x09cc  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:20:35.0372 0x09cc  RtHDVBg_Dolby - ok
11:20:35.0375 0x09cc  SynTPEnh - ok
11:20:35.0421 0x09cc  [ 3402BBBC16E909985C4F184EB247E9BD, 715806A02C33060C3A20AA1387AC656D92A217115123A2BA16DBE4B37C31880F ] C:\WINDOWS\system32\igfxtray.exe
11:20:35.0438 0x09cc  IgfxTray - ok
11:20:35.0461 0x09cc  [ 22BF0CCB64AAE89004355E924E0AD463, BA8FA7DCFAD8396C7A2DB583FF6118361F959040837215FD5198D8D0A4D7E9B6 ] C:\WINDOWS\system32\hkcmd.exe
11:20:35.0488 0x09cc  HotKeysCmds - ok
11:20:35.0545 0x09cc  [ FDA7C3D4227097EC5B45BF9E769B5427, C8A41A3EA957A64CECD17B6E5AFAE2775541C0838CE27FD759031B84180FBFA0 ] C:\WINDOWS\system32\igfxpers.exe
11:20:35.0614 0x09cc  Persistence - ok
11:20:35.0735 0x09cc  [ 27B736DF17A786B222F4E8B149AE9B64, D00800CD7DEB98AD61A58D43093551552F1CD0C46EA9E38E638211EC60C662FB ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
11:20:35.0774 0x09cc  IJNetworkScannerSelectorEX - ok
11:20:35.0939 0x09cc  [ 8A32FF690135458F5563C836D6AC9A10, FDEF87A07B4AFCC0C8D230197A5D6E3313A82FCC3A7BE4EDDAF96E1C189213FF ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
11:20:36.0067 0x09cc  CanonQuickMenu - ok
11:20:36.0808 0x09cc  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:20:37.0639 0x09cc  OneDriveSetup - ok
11:20:38.0381 0x09cc  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:20:39.0239 0x09cc  OneDriveSetup - ok
11:20:40.0029 0x09cc  [ A95474B14C558CF85A79C18C9356CBCA, 16CCDEE1A2A0930A1EACF1D5E81955CB66DDB872DD2F5602058D6392B80EB56C ] C:\Program Files\CCleaner\CCleaner64.exe
11:20:40.0669 0x09cc  CCleaner Monitoring - ok
11:20:40.0681 0x09cc  Have new async UDS detects: 1
11:20:40.0683 0x09cc  SvcHost Service Host - detected UDS:DangerousObject.Multi.Generic ( 0 )
11:20:40.0683 0x09cc  SvcHost Service Host ( UDS:DangerousObject.Multi.Generic ) - infected
11:20:40.0683 0x09cc  Force sending object to P2P due to detect: SvcHost Service Host
11:20:40.0838 0x09cc  Object send P2P result: true
11:20:41.0049 0x09cc  [ 6C147D2348785558AC0F0A5605B1227D, 033F5916C28F03DFF17AF0D15C7C43976193D33EFBD0A08DA83060740DDD0C49 ] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
11:20:41.0110 0x09cc  BlueStacks Agent - ok
11:20:41.0434 0x09cc  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\Владимир\AppData\Local\Akamai\netsession_win.exe
11:20:41.0624 0x09cc  Akamai NetSession Interface - ok
11:20:41.0666 0x09cc  rblbdqbvul - ok
11:20:41.0777 0x09cc  [ D653A1367A57CB70F111F56A6549534A, 0E65A55879C3298DB0DBBB99A2DAC75216218B482D7108F7AE1ABC94F7215A5F ] C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_162_Plugin.exe
11:20:41.0823 0x09cc  FlashPlayerUpdate - ok
11:20:42.0135 0x09cc  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:20:42.0493 0x09cc  OneDriveSetup - ok
11:20:42.0687 0x09cc  [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:20:42.0761 0x09cc  OneDrive - ok
11:20:42.0861 0x09cc  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
11:20:43.0027 0x09cc  WAB Migrate - ok
11:20:43.0030 0x09cc  Waiting for KSN requests completion. In queue: 6
11:20:44.0139 0x09cc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x60100 ( disabled : updated )
11:20:44.0186 0x09cc  Win FW state via NFP2: enabled ( trusted )
11:20:44.0296 0x09cc  ============================================================
11:20:44.0296 0x09cc  Scan finished
11:20:44.0296 0x09cc  ============================================================
11:20:44.0322 0x1124  Detected object count: 2
11:20:44.0322 0x1124  Actual detected object count: 2
11:20:52.0077 0x1124  Recover ( UDS:DangerousObject.Multi.Generic ) - skipped by user
11:20:52.0077 0x1124  Recover ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 
11:20:52.0077 0x1124  SvcHost Service Host ( UDS:DangerousObject.Multi.Generic ) - skipped by user
11:20:52.0077 0x1124  SvcHost Service Host ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip

M-K-D-B · 17.04.2017, 13:16

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
Starte den Rechner im Anschluss neu auf.
Downloade dir den MBAM Uninstaller auf deinen Desktop.
Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

GreenPerl · 17.04.2017, 19:31

ich habe ausversehen vergessen beim adwcleaner die einstellungen zu ändern darum hab ich jetzt 2 Log dateien mit STandart einstellungen und mit geänderten Einstellungen

Standart Einstellungen ADWCLEANER LOG:

Code:

ATTFilter

# AdwCleaner v6.045 - Logfile created 17/04/2017 at 18:20:18
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-16.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Владимир - WLADIMIR
# Running from : C:\Users\Владимир\Desktop\Neuer Ordner\adwcleaner_6.045.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: NetUtils2016


***** [ Folders ] *****



***** [ Files ] *****

[#] File deleted: C:\WINDOWS\SysNative\NetUtils2016.dll
[#] File deleted: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: [x64] HKLM\SOFTWARE\HDWallpaper


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C10].txt - [988 Bytes] - [17/04/2017 18:20:18]
C:\AdwCleaner\AdwCleaner[C11].txt - [15235 Bytes] - [21/11/2015 16:28:45]
C:\AdwCleaner\AdwCleaner[C12].txt - [6800 Bytes] - [22/11/2015 10:21:05]
C:\AdwCleaner\AdwCleaner[C1].txt - [15609 Bytes] - [07/02/2016 10:33:26]
C:\AdwCleaner\AdwCleaner[C2].txt - [3742 Bytes] - [13/06/2016 11:01:34]
C:\AdwCleaner\AdwCleaner[C5].txt - [9306 Bytes] - [26/01/2017 15:07:30]
C:\AdwCleaner\AdwCleaner[C6].txt - [11098 Bytes] - [13/04/2017 18:32:46]
C:\AdwCleaner\AdwCleaner[C7].txt - [6472 Bytes] - [13/04/2017 20:42:36]
C:\AdwCleaner\AdwCleaner[C8].txt - [4071 Bytes] - [13/04/2017 21:36:29]
C:\AdwCleaner\AdwCleaner[C9].txt - [6733 Bytes] - [15/04/2017 12:15:33]
C:\AdwCleaner\AdwCleaner[R0].txt - [310 Bytes] - [20/03/2015 21:55:36]
C:\AdwCleaner\AdwCleaner[R10].txt - [8613 Bytes] - [29/06/2015 21:35:47]
C:\AdwCleaner\AdwCleaner[R11].txt - [2755 Bytes] - [01/07/2015 17:07:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [42281 Bytes] - [20/03/2015 22:04:07]
C:\AdwCleaner\AdwCleaner[R2].txt - [37661 Bytes] - [28/05/2015 13:33:08]
C:\AdwCleaner\AdwCleaner[R3].txt - [17950 Bytes] - [29/05/2015 14:30:40]
C:\AdwCleaner\AdwCleaner[R4].txt - [13922 Bytes] - [30/05/2015 15:32:16]
C:\AdwCleaner\AdwCleaner[R5].txt - [17411 Bytes] - [02/06/2015 16:31:22]
C:\AdwCleaner\AdwCleaner[R6].txt - [11998 Bytes] - [02/06/2015 17:22:06]
C:\AdwCleaner\AdwCleaner[R7].txt - [306 Bytes] - [03/06/2015 19:24:51]
C:\AdwCleaner\AdwCleaner[R8].txt - [23853 Bytes] - [03/06/2015 20:29:19]
C:\AdwCleaner\AdwCleaner[R9].txt - [3678 Bytes] - [06/06/2015 10:33:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [38019 Bytes] - [20/03/2015 22:10:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [9673 Bytes] - [25/01/2017 23:10:44]
C:\AdwCleaner\AdwCleaner[S13].txt - [17573 Bytes] - [21/11/2015 16:23:24]
C:\AdwCleaner\AdwCleaner[S14].txt - [10636 Bytes] - [22/11/2015 10:19:52]
C:\AdwCleaner\AdwCleaner[S15].txt - [9747 Bytes] - [26/01/2017 14:43:34]
C:\AdwCleaner\AdwCleaner[S16].txt - [6255 Bytes] - [26/01/2017 15:06:34]
C:\AdwCleaner\AdwCleaner[S17].txt - [9764 Bytes] - [13/04/2017 18:20:38]
C:\AdwCleaner\AdwCleaner[S18].txt - [10525 Bytes] - [13/04/2017 18:26:59]
C:\AdwCleaner\AdwCleaner[S19].txt - [6570 Bytes] - [13/04/2017 20:42:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [36778 Bytes] - [28/05/2015 13:36:17]
C:\AdwCleaner\AdwCleaner[S20].txt - [4087 Bytes] - [13/04/2017 21:32:45]
C:\AdwCleaner\AdwCleaner[S21].txt - [6331 Bytes] - [15/04/2017 11:59:43]
C:\AdwCleaner\AdwCleaner[S22].txt - [4294 Bytes] - [17/04/2017 18:16:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [21230 Bytes] - [29/05/2015 14:35:04]
C:\AdwCleaner\AdwCleaner[S3].txt - [14663 Bytes] - [30/05/2015 15:48:23]
C:\AdwCleaner\AdwCleaner[S4].txt - [4888 Bytes] - [02/06/2015 16:59:54]
C:\AdwCleaner\AdwCleaner[S5].txt - [5664 Bytes] - [02/06/2015 17:28:13]
C:\AdwCleaner\AdwCleaner[S6].txt - [15013 Bytes] - [03/06/2015 20:35:22]
C:\AdwCleaner\AdwCleaner[S7].txt - [3405 Bytes] - [06/06/2015 10:36:58]
C:\AdwCleaner\AdwCleaner[S8].txt - [8171 Bytes] - [29/06/2015 21:38:52]
C:\AdwCleaner\AdwCleaner[S9].txt - [2583 Bytes] - [01/07/2015 17:12:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C10].txt - [4158 Bytes] ##########

Geänderte einstellungen ADWCLEANER LOG :

Code:

ATTFilter

# AdwCleaner v6.045 - Logfile created 17/04/2017 at 18:41:07
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-16.1 [Local]
# Operating System : Windows 10 Home  (X64)
# Username : Владимир - WLADIMIR
# Running from : C:\Users\Владимир\Desktop\Neuer Ordner\adwcleaner_6.045.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****

[#] File deleted: C:\WINDOWS\SysNative\NetUtils2016.dll
[#] File deleted: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: [x64] HKLM\SOFTWARE\HDWallpaper


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: " Image File Execution Options" keys deleted
:: "Prefetch" files deleted
:: Proxy settings cleared
:: Firewall rules cleared
:: Chrome preferences reset: C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C10].txt - [1186 Bytes] - [17/04/2017 18:41:07]
C:\AdwCleaner\AdwCleaner[C11].txt - [15235 Bytes] - [21/11/2015 16:28:45]
C:\AdwCleaner\AdwCleaner[C12].txt - [6800 Bytes] - [22/11/2015 10:21:05]
C:\AdwCleaner\AdwCleaner[C1].txt - [15609 Bytes] - [07/02/2016 10:33:26]
C:\AdwCleaner\AdwCleaner[C2].txt - [3742 Bytes] - [13/06/2016 11:01:34]
C:\AdwCleaner\AdwCleaner[C5].txt - [9306 Bytes] - [26/01/2017 15:07:30]
C:\AdwCleaner\AdwCleaner[C6].txt - [11098 Bytes] - [13/04/2017 18:32:46]
C:\AdwCleaner\AdwCleaner[C7].txt - [6472 Bytes] - [13/04/2017 20:42:36]
C:\AdwCleaner\AdwCleaner[C8].txt - [4071 Bytes] - [13/04/2017 21:36:29]
C:\AdwCleaner\AdwCleaner[C9].txt - [6733 Bytes] - [15/04/2017 12:15:33]
C:\AdwCleaner\AdwCleaner[R0].txt - [310 Bytes] - [20/03/2015 21:55:36]
C:\AdwCleaner\AdwCleaner[R10].txt - [8613 Bytes] - [29/06/2015 21:35:47]
C:\AdwCleaner\AdwCleaner[R11].txt - [2755 Bytes] - [01/07/2015 17:07:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [42281 Bytes] - [20/03/2015 22:04:07]
C:\AdwCleaner\AdwCleaner[R2].txt - [37661 Bytes] - [28/05/2015 13:33:08]
C:\AdwCleaner\AdwCleaner[R3].txt - [17950 Bytes] - [29/05/2015 14:30:40]
C:\AdwCleaner\AdwCleaner[R4].txt - [13922 Bytes] - [30/05/2015 15:32:16]
C:\AdwCleaner\AdwCleaner[R5].txt - [17411 Bytes] - [02/06/2015 16:31:22]
C:\AdwCleaner\AdwCleaner[R6].txt - [11998 Bytes] - [02/06/2015 17:22:06]
C:\AdwCleaner\AdwCleaner[R7].txt - [306 Bytes] - [03/06/2015 19:24:51]
C:\AdwCleaner\AdwCleaner[R8].txt - [23853 Bytes] - [03/06/2015 20:29:19]
C:\AdwCleaner\AdwCleaner[R9].txt - [3678 Bytes] - [06/06/2015 10:33:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [38019 Bytes] - [20/03/2015 22:10:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [9673 Bytes] - [25/01/2017 23:10:44]
C:\AdwCleaner\AdwCleaner[S13].txt - [17573 Bytes] - [21/11/2015 16:23:24]
C:\AdwCleaner\AdwCleaner[S14].txt - [10636 Bytes] - [22/11/2015 10:19:52]
C:\AdwCleaner\AdwCleaner[S15].txt - [9747 Bytes] - [26/01/2017 14:43:34]
C:\AdwCleaner\AdwCleaner[S16].txt - [6255 Bytes] - [26/01/2017 15:06:34]
C:\AdwCleaner\AdwCleaner[S17].txt - [9764 Bytes] - [13/04/2017 18:20:38]
C:\AdwCleaner\AdwCleaner[S18].txt - [10525 Bytes] - [13/04/2017 18:26:59]
C:\AdwCleaner\AdwCleaner[S19].txt - [6570 Bytes] - [13/04/2017 20:42:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [36778 Bytes] - [28/05/2015 13:36:17]
C:\AdwCleaner\AdwCleaner[S20].txt - [4087 Bytes] - [13/04/2017 21:32:45]
C:\AdwCleaner\AdwCleaner[S21].txt - [6331 Bytes] - [15/04/2017 11:59:43]
C:\AdwCleaner\AdwCleaner[S22].txt - [4294 Bytes] - [17/04/2017 18:16:00]
C:\AdwCleaner\AdwCleaner[S23].txt - [4367 Bytes] - [17/04/2017 18:40:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [21230 Bytes] - [29/05/2015 14:35:04]
C:\AdwCleaner\AdwCleaner[S3].txt - [14663 Bytes] - [30/05/2015 15:48:23]
C:\AdwCleaner\AdwCleaner[S4].txt - [4888 Bytes] - [02/06/2015 16:59:54]
C:\AdwCleaner\AdwCleaner[S5].txt - [5664 Bytes] - [02/06/2015 17:28:13]
C:\AdwCleaner\AdwCleaner[S6].txt - [15013 Bytes] - [03/06/2015 20:35:22]
C:\AdwCleaner\AdwCleaner[S7].txt - [3405 Bytes] - [06/06/2015 10:36:58]
C:\AdwCleaner\AdwCleaner[S8].txt - [8171 Bytes] - [29/06/2015 21:38:52]
C:\AdwCleaner\AdwCleaner[S9].txt - [2583 Bytes] - [01/07/2015 17:12:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C10].txt - [4431 Bytes] ##########

MBAM LOG:

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 17.04.17
Scan-Zeit: 19:06
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1748
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Wladimir\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 507908
Abgelaufene Zeit: 39 Min., 8 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 2
Adware.Amonetize, C:\PROGRAM FILES\MSBUILD\1KWH1GZ8JFCGHXMT7GATVMNG\KDLYMQCT3#.EXE, In Quarantäne, [996], [389516],1.0.1748
Adware.RuKometa, C:\WINDOWS\MICROSOFT\SVCHOST.EXE, In Quarantäne, [868], [380161],1.0.1748

Modul: 2
Adware.Amonetize, C:\PROGRAM FILES\MSBUILD\1KWH1GZ8JFCGHXMT7GATVMNG\KDLYMQCT3#.EXE, In Quarantäne, [996], [389516],1.0.1748
Adware.RuKometa, C:\WINDOWS\MICROSOFT\SVCHOST.EXE, In Quarantäne, [868], [380161],1.0.1748

Registrierungsschlüssel: 16
Adware.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Recover, Löschen bei Neustart, [996], [389516],1.0.1748
Adware.RuKometa, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SvcHost Service Host, Löschen bei Neustart, [868], [380161],1.0.1748
PUP.Optional.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{98C066AB-D735-4339-9E52-A34875141B56}\InprocServer32, Löschen bei Neustart, [322], [316935],1.0.1748
PUP.Optional.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{98C066AB-D735-4339-9E52-A34875141B56}, Löschen bei Neustart, [322], [316935],1.0.1748
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Löschen bei Neustart, [965], [327205],1.0.1748
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, Löschen bei Neustart, [965], [327206],1.0.1748
PUP.Optional.MultiPlug, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Löschen bei Neustart, [246], [-1],0.0.0
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Löschen bei Neustart, [246], [-1],0.0.0
PUP.Optional.MultiPlug, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\POLICIES\GOOGLE\CHROME, Löschen bei Neustart, [246], [-1],0.0.0
Adware.NetUtils, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, Löschen bei Neustart, [8936], [385134],1.0.1748
Adware.RuKometa, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\MICROSOFT\KometaInstaller, Löschen bei Neustart, [868], [387291],1.0.1748
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, Löschen bei Neustart, [915], [316191],1.0.1748
PUP.Optional.StartPage, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\START PAGE, Löschen bei Neustart, [49], [259290],1.0.1748
PUP.Optional.Amigo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe, Löschen bei Neustart, [4933], [386186],1.0.1748
Adware.RuKometa, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\NETBOX\Kometa, Löschen bei Neustart, [868], [387292],1.0.1748
Adware.RuKometa, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\NETBOX\KometaInstaller, Löschen bei Neustart, [868], [387292],1.0.1748

Registrierungswert: 5
PUP.Optional.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{98C066AB-D735-4339-9E52-A34875141B56}, Löschen bei Neustart, [322], [316935],1.0.1748
PUP.Optional.StartPage.Generic, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|RBLBDQBVUL, Löschen bei Neustart, [2495], [182786],1.0.1748
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|HP, Löschen bei Neustart, [915], [316191],1.0.1748
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|TAB, Löschen bei Neustart, [915], [316191],1.0.1748
PUP.Optional.StartPage, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\START PAGE|START PAGE, Löschen bei Neustart, [49], [259290],1.0.1748

Registrierungsdaten: 2
PUP.Optional.Omniboxes.ShrtCln, HKU\S-1-5-21-3093447193-1613427322-2618303830-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\MICROSOFTEDGE\MAIN|HOMEBUTTONPAGE, Ersetzen bei Neustart, [11441], [291085],1.0.1748
Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|USERINIT, Ersetzen bei Neustart, [459], [291539],1.0.1748

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 4
PUP.Optional.Elex, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\ROAMING\PushControl, Löschen bei Neustart, [7], [310688],1.0.1748
PUP.Optional.InterStat, C:\Users\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs, Löschen bei Neustart, [1285], [373566],1.0.1748
PUP.Optional.InterStat, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_389, Löschen bei Neustart, [1285], [373566],1.0.1748
PUP.Optional.RussAd, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\WUPDATE, Löschen bei Neustart, [10], [378182],1.0.1748

Datei: 36
Adware.Amonetize, C:\PROGRAM FILES\MSBUILD\1KWH1GZ8JFCGHXMT7GATVMNG\KDLYMQCT3#.EXE, Löschen bei Neustart, [996], [389516],1.0.1748
Adware.RuKometa, C:\WINDOWS\MICROSOFT\SVCHOST.EXE, Löschen bei Neustart, [868], [380161],1.0.1748
PUP.Optional.Elex.SHHKRST, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCOOKIES\CHAGAGHT.DLL, Löschen bei Neustart, [322], [316935],1.0.1748
PUP.Optional.Elex, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCOOKIES\CHAGAGHT.DLL, Löschen bei Neustart, [7], [339258],1.0.1748
PUP.Optional.Elex, C:\Users\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\AppData\Roaming\PushControl\PushControl.exe, Löschen bei Neustart, [7], [310688],1.0.1748
PUP.Optional.Elex, C:\Users\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\AppData\Roaming\PushControl\sqlite3.dll, Löschen bei Neustart, [7], [310688],1.0.1748
HackTool.Agent.AIM, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\ROAMING\7ROAD\LABA\MPH LEIS - SILENT AIM.RAR, Löschen bei Neustart, [6410], [64477],1.0.1748
PUP.Optional.RussAd, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ULTIMATE-DISCOUNTER BROWSER.LNK, Löschen bei Neustart, [10], [385579],1.0.1748
PUP.Optional.Reimage, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\ROAMING\PROFILES\W9L91KCI.DEFAULT\CACHE2\ENTRIES\0234FEFC29520A2931D073D5D68C75E123928C87, Löschen bei Neustart, [965], [331559],1.0.1748
PUP.Optional.MultiPlug, C:\PROGRAM FILES (X86)\SYSTEMVIGOR\SYSTEMVIGOR.DLL, Löschen bei Neustart, [246], [91036],1.0.1748
PUP.Optional.MultiPlug, C:\PROGRAMDATA\NTUSER.POL, Löschen bei Neustart, [246], [-1],0.0.0
PUP.Optional.MultiPlug, C:\WINDOWS\SYSTEM32\GROUPPOLICY\USER\REGISTRY.POL, Löschen bei Neustart, [246], [-1],0.0.0
PUP.Optional.MultiPlug, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Löschen bei Neustart, [246], [-1],0.0.0
PUP.Optional.Reimage, C:\WINDOWS\TEMP\REIMAGE.LOG, Löschen bei Neustart, [965], [334717],1.0.1748

PUP.Optional.SpyHunter, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\SH-REMOVER.EXE, Löschen bei Neustart, [1265], [345850],1.0.1748
PUP.Optional.FileTour, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\GTA-SA.EXE, Löschen bei Neustart, [625], [385293],1.0.1748
PUP.Optional.OpenCandy, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\CHEATENGINE65.EXE, Löschen bei Neustart, [469], [101648],1.0.1748
PUP.Optional.FileTour, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\SAMP_CHEAT_3.EXE, Löschen bei Neustart, [625], [385293],1.0.1748
Adware.FileTour, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\SOBEIT_BY_SLONOBOYKO.ZIP, Löschen bei Neustart, [437], [389891],1.0.1748
PUP.Optional.InstallMonster, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\MAPA_AND_CRAZY.RAR, Löschen bei Neustart, [87], [121631],1.0.1748
Trojan.Kryptik, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\ETDCTRL\ETDCTRL.EXE, Löschen bei Neustart, [782], [369377],1.0.1748
Adware.FileTour, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\SOBEIT_BY_SLONOBOYKO_03.04.2017.ZIP, Löschen bei Neustart, [437], [389891],1.0.1748
Adware.FileTour, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\DOWNLOADS\VASH_PAROL.ZIP, Löschen bei Neustart, [437], [365045],1.0.1748
Trojan.Kryptik, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\ETDCTRL\ETDCTRL_UPGRADE.EXE, Löschen bei Neustart, [782], [369377],1.0.1748
Trojan.Kryptik, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\ETDCTRL\ETDCTRL.EXE.OLD, Löschen bei Neustart, [782], [369377],1.0.1748
Adware.RuKometa, C:\USERS\\u00d0\u0092\u00d0\u00bb\u00d0\u00b0\u00d0\u00b4\u00d0\u00b8\u00d0\u00bc\u00d0\u00b8\u00d1\u0080\APPDATA\LOCAL\WUPDATE\WUPDATE.EXE, Löschen bei Neustart, [868], [379406],1.0.1748
Adware.NetUtils, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, Löschen bei Neustart, [8936], [385134],1.0.1748

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

FRST.TXT TEIL 1

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01
durchgeführt von Владимир (Administrator) auf WLADIMIR (17-04-2017 20:11:42)
Gestartet von C:\Users\Владимир\Desktop
Geladene Profile: Владимир (Verfügbare Profile: Владимир & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(iS3, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiMalware\SZServer.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(iS3, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiMalware\STOPzilla.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\MyWiMax.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Владимир\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\lol.scr [3721216 2016-03-30] ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{fbce919f-74f4-4345-8261-4f8f29c1520c}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-09] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001 -> Kein Name - {09900DE8-1DCA-443F-9243-26FF581438AF} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: w9l91kci.default
FF ProfilePath: C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\p25yv99q.default [2017-04-14]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\p25yv99q.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-05-05]
FF Extension: (Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\p25yv99q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
FF ProfilePath: C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default [2017-04-17]
FF Homepage: Profiles\w9l91kci.default -> about:home
FF Session Restore: Profiles\w9l91kci.default -> ist aktiviert.
FF Keyword.URL: Profiles\w9l91kci.default -> hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?uid=11A99623A4BDEBB0A892CA3E843DD8CE&ptid=pro&ts=AHEqBHAsAnUpAU..&v=20160607&mode=ffexttoolbar&q=
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default\Extensions\elemhidehelper@adblockplus.org.xpi [2017-04-13]
FF Extension: (Adblock Plus) - C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-10]
FF Extension: (Disable Prefetch) - C:\Users\Владимир\AppData\Roaming\Profiles\w9l91kci.default\features\{8955282b-a055-4a27-a029-fd01e115f6ad}\disable-prefetch@mozilla.org.xpi [2017-04-14]
FF ProfilePath: C:\Users\Владимир\AppData\Roaming\Mozilla\Firefox\Profiles\58y51ttl.default-1465805962448 [2017-04-14]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-14] [ist nicht signiert]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: (Content Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012-12-25] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Владимир\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @Roozz.com/RoozzPlugin -> C:\Program Files (x86)\Roozz\nproozz.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-14] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3093447193-1613427322-2618303830-1001: @mail.ru/GameCenter -> C:\Users\Владимир\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3093447193-1613427322-2618303830-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Владимир\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-27] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811036","chrome://newtab/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default [2017-04-17]
CHR Extension: (Google Präsentationen) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-17]
CHR Extension: (Google Docs) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-17]
CHR Extension: (Google Drive) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-17]
CHR Extension: (YouTube) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-17]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2017-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-17]
CHR Extension: (MSN Homepage) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2017-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-17]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2017-04-17]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2017-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-17]
CHR Extension: (Google Mail) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-17]
CHR Extension: (Anti-Banner) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2017-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-17]
CHR Profile: C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1 [2017-04-16] <==== ACHTUNG
CHR Extension: (Spotify - Music for every moment) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-04-15]
CHR Extension: (JP Performance - BMW M4 (unoffical)) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1\Extensions\denclkkkinblmabbbedcablldldmjlle [2017-04-15]
CHR Extension: (AdBlock) - C:\Users\Владимир\AppData\Local\Google\Chrome\User Data\Default1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-15]
CHR HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-20]

Opera: 
=======
OPR Extension: (Tampermonkey) - C:\Users\Владимир\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-04-13]
OPR Extension: (Spiptus) - C:\Users\Владимир\AppData\Roaming\Opera Software\Opera Stable\Extensions\iindkkipiinfeoppmpjcmmifilkighnp [2017-04-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [Datei ist nicht signiert]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5560840 2016-05-11] (INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-02-02] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-11-07] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
R2 szserver; C:\Program Files (x86)\iS3\STOPzilla AntiMalware\SZServer.exe [194464 2016-07-01] (iS3, Inc.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [78856 2016-10-29] (Multi Theft Auto)
S3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-17] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-17] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-17] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-17] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-17] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 szkg5; C:\Windows\SysWow64\drivers\szkg64.sys [74768 2016-07-01] (iS3 Inc.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 whfltr2k; C:\WINDOWS\System32\drivers\whfltr2k.sys [10368 2009-09-16] ()
R3 whfltr2k; C:\Windows\SysWOW64\drivers\whfltr2k.sys [10368 2009-09-16] ()
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-04-11] (Wellbia.com Co., Ltd.)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S0 is3srv; SySWOW64\drivers\is3srv64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2030-12-13 02:39 - 2017-04-17 13:03 - 00000000 __SHD C:\System Volume Information
2017-04-17 20:11 - 2017-04-17 20:24 - 00030111 _____ C:\Users\Владимир\Desktop\FRST.txt
2017-04-17 20:05 - 2017-04-17 20:07 - 00001952 _____ C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2017-04-17 19:53 - 2017-04-17 19:53 - 00000000 ____D C:\Users\Владимир\Desktop\FRST-OlderVersion
2017-04-17 19:50 - 2017-04-17 19:59 - 00010912 _____ C:\Users\Владимир\Desktop\mbam.txt
2017-04-17 19:48 - 2017-04-17 20:04 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-04-17 19:06 - 2017-04-17 20:21 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-17 19:06 - 2017-04-17 20:05 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-17 19:06 - 2017-04-17 20:05 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-17 19:06 - 2017-04-17 20:04 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-17 19:06 - 2017-04-17 19:06 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-17 19:06 - 2017-04-17 19:06 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-17 19:06 - 2017-04-17 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-17 19:05 - 2017-04-17 19:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-17 19:05 - 2017-04-17 19:05 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-17 19:05 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-17 19:04 - 2017-04-17 19:05 - 60107896 _____ (Malwarebytes ) C:\Users\Владимир\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-17 18:56 - 2017-04-17 18:57 - 00331108 _____ C:\WINDOWS\Minidump\041717-46109-01.dmp
2017-04-17 18:48 - 2017-04-17 18:48 - 00566128 _____ (Malwarebytes) C:\Users\Владимир\Downloads\mbam-clean-2.3.0.1001.exe
2017-04-17 18:20 - 2017-04-17 18:41 - 00004515 _____ C:\Users\Владимир\Desktop\AdwCleaner[C10] 2.txt
2017-04-17 18:20 - 2017-04-17 18:20 - 00004242 _____ C:\Users\Владимир\Desktop\AdwCleaner[C10] 1.txt
2017-04-17 13:11 - 2017-04-17 19:51 - 00000000 ___RD C:\Users\Владимир\Desktop\Neuer Ordner
2017-04-17 13:05 - 2017-04-17 13:07 - 00334116 _____ C:\WINDOWS\Minidump\041717-47312-01.dmp
2017-04-17 13:01 - 2017-04-17 13:02 - 00918016 _____ C:\Users\Владимир\Downloads\ISORecorder3.1.3.x64.msi
2017-04-17 11:17 - 2017-04-17 12:14 - 00278916 _____ C:\TDSSKiller.3.1.0.12_17.04.2017_11.17.24_log.txt
2017-04-15 15:34 - 2017-04-15 15:35 - 00000000 ___HD C:\ProgramData\CanonIJScan
2017-04-15 14:45 - 2017-04-15 14:45 - 00000000 ___HD C:\ProgramData\CanonIJQuickMenu
2017-04-15 14:44 - 2017-04-15 15:34 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\Canon
2017-04-15 14:39 - 2017-04-15 14:39 - 00000000 ____D C:\Users\Владимир\AppData\LocalLow\Canon Easy-WebPrint EX2
2017-04-15 14:39 - 2017-04-15 14:39 - 00000000 ____D C:\Users\Владимир\AppData\LocalLow\Canon Easy-WebPrint EX
2017-04-15 14:39 - 2017-04-15 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5700 series Benutzerregistrierung
2017-04-15 14:33 - 2017-04-15 14:39 - 00000000 ____D C:\Program Files\Canon
2017-04-15 14:33 - 2017-04-15 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5700 series Manual
2017-04-15 14:29 - 2017-04-15 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-04-15 14:29 - 2017-04-15 14:39 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2017-04-15 14:29 - 2017-04-15 14:29 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2017-04-15 14:28 - 2017-04-15 14:28 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-04-15 14:28 - 2015-03-17 08:51 - 00375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2017-04-15 14:28 - 2015-03-17 08:51 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2017-04-15 14:28 - 2015-03-17 08:50 - 00380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2017-04-15 14:28 - 2015-01-29 11:22 - 00353792 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_CSL.dll
2017-04-15 14:28 - 2014-12-02 16:01 - 00096256 _____ C:\WINDOWS\SysWOW64\CNC178ED.TBL
2017-04-15 14:28 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2017-04-15 14:27 - 2017-04-15 14:27 - 00000000 ___HD C:\ProgramData\CanonBJ
2017-04-15 14:27 - 2015-03-15 05:00 - 00406528 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCS.DLL
2017-04-15 14:26 - 2017-04-15 14:27 - 00000000 ___HD C:\Program Files\CanonBJ
2017-04-15 14:22 - 2017-04-16 13:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-04-15 14:22 - 2017-04-15 14:22 - 00000000 ____D C:\ProgramData\Canon
2017-04-15 14:21 - 2017-04-15 14:43 - 00000000 ____D C:\Program Files (x86)\Canon
2017-04-15 13:30 - 2017-04-17 19:53 - 00000000 ____D C:\FRST
2017-04-15 13:29 - 2017-04-17 19:53 - 02424832 _____ (Farbar) C:\Users\Владимир\Desktop\FRST64.exe
2017-04-15 12:22 - 2017-04-15 12:22 - 05007377 _____ C:\Users\Владимир\Downloads\Убийцы драконов.zip
2017-04-15 12:01 - 2017-04-17 18:56 - 524361546 _____ C:\WINDOWS\MEMORY.DMP
2017-04-15 12:01 - 2017-04-17 18:56 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-15 12:01 - 2017-04-15 12:04 - 00420684 _____ C:\WINDOWS\Minidump\041517-30671-01.dmp
2017-04-14 22:10 - 2017-04-14 22:10 - 00000016 _____ C:\WINDOWS\system32\config\software.szfi
2017-04-14 14:41 - 2017-04-14 14:41 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-14 14:41 - 2017-04-14 14:41 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-14 13:39 - 2017-04-14 13:39 - 00000000 ____D C:\Users\Владимир\AppData\Local\UNP
2017-04-14 13:21 - 2017-04-14 13:22 - 00000000 ____D C:\Program Files\UNP
2017-04-14 13:21 - 2017-04-14 13:21 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-14 13:08 - 2017-04-14 13:08 - 00001056 _____ C:\WINDOWS\SysWOW64\Drivers\kgpcpy.cfg
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla AntiMalware
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\Program Files (x86)\iS3
2017-04-13 21:52 - 2017-04-13 21:52 - 00593064 _____ C:\Users\Владимир\Downloads\STOPzilla_ASM_RW65.exe
2017-04-13 20:26 - 2017-04-17 19:00 - 00624640 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-04-13 20:26 - 2017-04-13 20:26 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-04-13 20:26 - 2017-04-13 20:26 - 00000000 ____D C:\Users\Владимир\AppData\Local\CrashRpt
2017-04-13 20:20 - 2017-04-13 20:20 - 00000397 _____ C:\Users\Владимир\Downloads\extreme_injector_v3_6.torrent
2017-04-13 19:20 - 2017-04-13 19:20 - 01129376 _____ (Google Inc.) C:\Users\Владимир\Downloads\ChromeSetup (1).exe
2017-04-13 18:23 - 2017-04-17 19:48 - 00000000 ____D C:\Users\Владимир\AppData\Local\etdctrl
2017-04-13 18:19 - 2017-04-13 18:19 - 00000387 _____ C:\Users\Владимир\Downloads\pukanobomb2.torrent
2017-04-13 18:02 - 2017-04-13 18:02 - 01204711 _____ C:\WINDOWS\unins000.exe
2017-04-13 17:58 - 2017-04-13 18:00 - 00894870 _____ (Seemann, Deji, Alien ) C:\Users\Владимир\Downloads\CLEO4_setup (2).exe
2017-04-13 17:57 - 2017-04-13 20:15 - 00000000 ____D C:\Users\Владимир\Desktop\Trolling
2017-04-13 17:55 - 2017-04-13 17:56 - 701897648 _____ C:\Users\Владимир\Downloads\FSX.rar
2017-04-13 17:55 - 2017-04-13 17:55 - 16270006 _____ C:\Users\Владимир\Downloads\sa-mp-0.3.7-install (1).exe
2017-04-13 12:42 - 2017-04-13 18:11 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\WhatsApp
2017-04-13 12:42 - 2017-04-13 12:42 - 00002299 _____ C:\Users\Владимир\Desktop\WhatsApp.lnk
2017-04-13 12:42 - 2017-04-13 12:42 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-04-13 12:41 - 2017-04-13 12:42 - 00000000 ____D C:\Users\Владимир\AppData\Local\WhatsApp
2017-04-13 12:40 - 2017-04-13 12:41 - 82428176 _____ (WhatsApp) C:\Users\Владимир\Downloads\WhatsAppSetup.exe
2017-04-12 18:00 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 18:00 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 18:00 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 18:00 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 18:00 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 18:00 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 18:00 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 18:00 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 18:00 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 18:00 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 18:00 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 18:00 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 18:00 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 18:00 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 18:00 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 18:00 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 18:00 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 18:00 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 18:00 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 18:00 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 18:00 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 18:00 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 18:00 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 18:00 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 18:00 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 18:00 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 18:00 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 18:00 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 18:00 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 18:00 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 18:00 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 18:00 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 18:00 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 18:00 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 18:00 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 18:00 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 18:00 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 18:00 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 18:00 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 18:00 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 18:00 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 18:00 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 18:00 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 18:00 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 18:00 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 18:00 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 18:00 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 18:00 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 18:00 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 18:00 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 18:00 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 18:00 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 18:00 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 18:00 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 18:00 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 18:00 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 18:00 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 18:00 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 18:00 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 18:00 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 18:00 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 18:00 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 17:59 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 17:59 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 17:59 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 17:59 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 17:59 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 17:59 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 17:59 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 17:59 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 17:59 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 17:59 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 17:59 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 17:59 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 17:59 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 17:59 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 17:59 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 17:59 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 17:59 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 17:59 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 17:59 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 17:59 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 17:59 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 17:59 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 17:59 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 17:59 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 17:59 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 17:59 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 17:59 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 17:59 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 17:59 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:59 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 17:59 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 17:59 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 17:59 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 17:59 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 17:59 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 17:59 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 17:59 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 17:59 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 17:59 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 17:59 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 17:59 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 17:59 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 17:59 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 17:59 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 17:59 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 17:59 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 17:59 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 17:59 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 17:59 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 17:59 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 17:59 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 17:59 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 17:59 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 17:59 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 17:59 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 17:59 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 17:59 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 17:59 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 17:59 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 17:59 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 17:59 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 17:59 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 17:59 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 17:59 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 17:59 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 17:59 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 17:59 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 17:59 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 17:59 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 17:59 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 17:59 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 17:59 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 17:59 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 17:59 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 17:59 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 17:59 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 17:59 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 17:59 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 17:59 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 17:58 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 17:58 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 17:58 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 17:58 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 17:58 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:58 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 17:58 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 17:58 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 17:58 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 17:58 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 17:58 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 17:58 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 17:58 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 17:58 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 17:58 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 17:58 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 17:58 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 17:58 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 17:58 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 17:58 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 17:58 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 17:58 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 17:58 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 17:58 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 17:58 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 17:58 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 17:58 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 17:58 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 17:58 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 17:58 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 17:58 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 17:58 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 17:58 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 17:58 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 17:58 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 17:58 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 17:58 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 17:58 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 17:58 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 17:58 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 17:58 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 17:58 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 17:58 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 17:58 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 17:58 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 17:58 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 17:58 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 17:58 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 17:58 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 17:58 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 17:58 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 17:58 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 17:58 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 17:58 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 17:58 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 17:58 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 17:58 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 17:58 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 17:58 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 17:58 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 17:58 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 17:58 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 17:58 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 17:58 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 17:58 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 17:58 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 17:58 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 17:58 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 17:58 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 17:58 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 17:58 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 17:58 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 17:58 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 17:58 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

GreenPerl · 17.04.2017, 19:32

FRST.TXT TEIL 2

Code:

ATTFilter

2017-04-12 17:58 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:58 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 17:58 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 17:58 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 17:58 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 17:58 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 17:58 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 17:58 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 17:58 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 17:58 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 17:58 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 17:58 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 17:58 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 17:58 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 17:58 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 17:58 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 17:58 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 17:58 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 17:58 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:58 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 17:58 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 17:58 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 17:58 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 17:57 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 17:57 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 17:57 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 17:57 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 17:57 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 17:57 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 17:57 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 17:57 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 17:57 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 17:57 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 17:57 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 17:57 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 17:57 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 17:57 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 17:57 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 17:57 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 17:57 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 17:57 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 17:57 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 17:57 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 17:57 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 17:57 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 17:57 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 17:57 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-11 19:11 - 2017-04-17 09:47 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D39CFD81-D1C6-4591-84A7-8D7ECFEE43A9}
2017-04-11 18:59 - 2017-04-11 19:03 - 00037344 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-04-11 18:48 - 2017-04-11 18:48 - 00000222 _____ C:\Users\Владимир\Desktop\Knight Online.url
2017-04-10 10:38 - 2017-04-10 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-04-10 10:36 - 2017-04-10 10:36 - 01129376 _____ (Google Inc.) C:\Users\Владимир\Downloads\googledrivesync.exe
2017-04-06 17:45 - 2017-04-06 19:39 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premier Game 2017.lnk
2017-04-06 16:56 - 2017-04-06 17:18 - 1245563386 _____ C:\Users\Владимир\Downloads\Leto2017fix.zip
2017-04-06 16:45 - 2017-04-06 16:45 - 00049866 _____ C:\Users\Владимир\Downloads\SilentAim_v8.0[English Version].cs
2017-04-04 17:06 - 2017-04-04 17:06 - 00605675 _____ C:\Users\Владимир\Downloads\[samp-mods.com]_1456318280_sf_5_3_1_bin (1).zip
2017-04-04 17:01 - 2017-04-04 17:01 - 00387930 _____ C:\Users\Владимир\Downloads\CLEO4.1_setup.exe
2017-04-04 16:14 - 2017-04-04 16:16 - 16135195 _____ C:\Users\Владимир\Downloads\M_G Project for SAMP 0.3.7 [Update 3].rar
2017-04-04 15:55 - 2017-04-04 15:55 - 00024610 _____ C:\Users\Владимир\Downloads\1176_aim.rar
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-23 23:15 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-23 23:15 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-23 23:15 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-23 23:15 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-23 23:15 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-23 23:15 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-23 23:15 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-23 23:15 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-23 23:15 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-23 23:15 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-23 23:15 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-23 23:15 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-23 23:15 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-23 23:15 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-23 23:15 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-23 23:15 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-23 23:15 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-23 23:15 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-23 23:15 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-23 23:15 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-23 23:15 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-23 23:15 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-23 23:15 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-23 23:15 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-23 23:15 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-23 23:15 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-23 23:15 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-23 23:15 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-23 23:15 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-23 23:15 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-23 23:15 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-23 23:15 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-23 23:15 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-23 23:15 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-23 23:15 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-23 23:15 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-23 23:15 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-23 23:15 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-23 23:15 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-23 23:15 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-23 23:15 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-23 23:15 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-23 23:15 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-23 23:15 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-23 23:15 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-23 23:15 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-23 23:15 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-23 23:15 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-23 23:15 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-23 23:15 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-23 23:15 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-23 23:15 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-23 23:15 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-23 23:15 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-23 23:15 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-23 23:15 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-23 23:15 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-23 23:15 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-23 23:15 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-23 23:15 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-23 23:15 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-23 23:15 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-23 23:15 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-23 23:15 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-23 23:15 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-23 23:15 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-23 23:15 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-23 23:15 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-23 23:15 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-23 23:15 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-23 23:15 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-23 23:15 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-23 23:15 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-23 23:15 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-23 23:15 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-23 23:15 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-23 23:15 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-23 23:15 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-23 23:15 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-23 23:15 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-23 23:15 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-23 23:14 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-23 23:14 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-23 23:14 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-23 23:14 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-23 23:14 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-23 23:14 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-23 23:14 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-23 23:14 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-23 23:14 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-23 23:14 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-23 23:14 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-23 23:14 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-23 23:14 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-23 23:14 - 2017-03-04 08:27 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-03-23 23:14 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-23 23:14 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-23 23:14 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-23 23:14 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-23 23:14 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-23 23:14 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-23 23:14 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-23 23:14 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-23 23:14 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-23 23:14 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-23 23:14 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-23 23:14 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-23 23:14 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-23 23:14 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 23:14 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-23 23:14 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-23 23:14 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-23 23:14 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-23 23:14 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-23 23:14 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-23 23:14 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-23 23:14 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-23 23:14 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-23 23:14 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-23 23:14 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-23 23:14 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-23 23:13 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-23 23:13 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-23 23:13 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-23 23:13 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-23 23:13 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-23 23:13 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-23 23:13 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-23 23:13 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-23 23:13 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-23 23:13 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-23 23:13 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-23 23:13 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-23 23:13 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-23 23:13 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-23 23:13 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-23 23:13 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-23 23:13 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-23 23:13 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-23 23:13 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-23 23:13 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-23 23:13 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-23 23:13 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-23 23:13 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-23 23:13 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-23 23:13 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-23 23:13 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-23 23:13 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-23 23:13 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-23 23:13 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-23 23:13 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-23 23:13 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-23 23:13 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-23 23:13 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-23 23:13 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-23 23:13 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-23 23:13 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-23 23:13 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-23 23:13 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-23 23:13 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-23 23:13 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-23 23:13 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-23 23:13 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-23 23:13 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-23 23:13 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-23 23:13 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-23 23:13 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-23 23:13 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-23 23:13 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-23 23:13 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-23 23:13 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-23 23:13 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-23 23:13 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-23 23:13 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-23 23:13 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-23 23:13 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-23 23:13 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-23 23:13 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-23 23:13 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-23 23:13 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-23 23:13 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-23 23:13 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-23 23:13 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-23 23:13 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-23 23:13 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-23 23:13 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-23 23:13 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-23 23:13 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-23 23:13 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-23 23:13 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-23 23:13 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-23 23:13 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-23 23:13 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-23 23:13 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-23 23:12 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-23 23:12 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-23 23:12 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-23 23:12 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-23 23:12 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-23 23:12 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-23 23:12 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-23 23:12 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-23 23:12 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-23 23:12 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-23 23:12 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-23 23:12 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-23 23:12 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-23 23:12 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-23 23:12 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-23 23:12 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-23 23:12 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-23 23:12 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-23 23:12 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-23 23:12 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-23 23:12 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-23 23:12 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-23 23:12 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-23 23:12 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-23 23:12 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-23 23:12 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-23 23:12 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-23 23:12 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-23 23:12 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-23 23:12 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-23 23:12 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-23 23:12 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-23 23:12 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-23 23:12 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-23 23:12 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-23 23:12 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-23 23:12 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-23 23:12 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-23 23:12 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-23 23:12 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-23 23:12 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-23 23:12 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-23 23:12 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-23 23:12 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-23 23:12 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-23 23:12 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-23 23:12 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-23 23:12 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-23 23:12 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-23 23:12 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-23 23:12 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-23 23:12 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-23 23:12 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-23 23:12 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-23 23:12 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-23 23:12 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-23 23:12 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-23 23:12 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-23 23:12 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-23 23:12 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-23 23:12 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-23 23:12 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-23 23:12 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-23 23:12 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-23 23:12 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-23 23:12 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-23 23:12 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-23 23:12 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-23 23:12 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-23 23:12 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-23 23:12 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-23 23:12 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-23 23:12 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-23 23:12 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-23 23:12 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-23 23:12 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-23 23:12 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-23 23:12 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-23 23:12 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-23 23:12 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-23 23:11 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-23 23:11 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-23 23:11 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-23 23:11 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-23 23:11 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-23 23:11 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-23 23:11 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-23 23:11 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-23 23:11 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-23 23:11 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-23 23:11 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-23 23:11 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-23 23:11 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-23 23:11 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-23 23:11 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-23 23:11 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-23 23:11 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-23 23:11 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-23 23:11 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-23 23:11 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-23 23:11 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-23 23:11 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-23 23:11 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-23 23:11 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-23 23:11 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-23 23:11 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-23 23:11 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-23 23:11 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-23 23:11 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-23 23:11 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-23 23:11 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-23 23:11 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-23 23:11 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-23 23:11 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-23 23:11 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-23 23:11 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-23 23:11 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-23 23:11 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-23 23:11 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-23 23:11 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-23 23:11 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-23 23:11 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-23 23:11 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-23 23:11 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-23 23:11 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-23 23:11 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-23 23:11 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-23 23:11 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-23 23:11 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-23 23:11 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-23 23:11 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-23 23:11 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-23 23:11 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-23 23:11 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-23 23:11 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-23 23:11 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-23 23:11 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-23 23:11 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-23 23:11 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-23 23:11 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-23 23:11 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-23 23:11 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-23 23:11 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-23 23:11 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-23 23:11 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-23 23:11 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-23 23:11 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-23 23:11 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-23 23:10 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-23 22:05 - 2017-04-10 10:40 - 00000000 ____D C:\Users\Владимир\Desktop\ЬИС
2017-03-20 07:06 - 2017-04-15 13:27 - 00000000 ___HD C:\$WINDOWS.~BT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-17 20:24 - 2015-03-20 21:36 - 00000000 ____D C:\ProgramData\STOPzilla!
2017-04-17 20:22 - 2016-11-26 12:34 - 00000000 ____D C:\Users\Владимир\AppData\LocalLow\Mozilla
2017-04-17 20:12 - 2016-07-17 00:51 - 00811746 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-17 20:12 - 2016-07-17 00:51 - 00421164 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-17 20:12 - 2015-08-06 13:51 - 02867366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-17 20:05 - 2016-11-15 13:56 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-04-17 20:04 - 2016-09-08 20:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-17 20:03 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-17 19:54 - 2017-01-27 13:34 - 00003282 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-17 19:54 - 2015-08-06 15:08 - 00002438 _____ C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-17 19:54 - 2015-03-09 17:47 - 00000000 ___RD C:\Users\Владимир\OneDrive
2017-04-17 19:48 - 2015-01-12 11:04 - 00000000 ____D C:\Program Files (x86)\SystemVigor
2017-04-17 18:56 - 2016-09-08 19:50 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-17 18:48 - 2015-03-20 21:55 - 00000000 ____D C:\AdwCleaner
2017-04-17 13:13 - 2016-09-08 19:58 - 00000000 ____D C:\Users\Владимир
2017-04-17 11:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-17 11:02 - 2013-12-03 23:48 - 00000000 ____D C:\Users\Владимир\Desktop\Spiele
2017-04-16 23:13 - 2013-01-27 12:37 - 00000000 ____D C:\Users\Владимир\AppData\Local\Google
2017-04-15 17:26 - 2016-05-31 15:49 - 00000763 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2017-04-15 14:29 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-04-15 14:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-15 14:27 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-15 14:02 - 2017-01-26 15:09 - 00000000 ____D C:\WINDOWS\Panther
2017-04-15 12:02 - 2016-09-08 19:58 - 00000000 ____D C:\Users\Administrator
2017-04-15 12:01 - 2016-11-23 13:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-15 12:01 - 2015-05-05 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-14 14:51 - 2016-09-08 20:31 - 00003486 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-14 14:51 - 2016-09-08 20:31 - 00003362 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-14 14:40 - 2017-01-29 16:09 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-14 13:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-14 13:11 - 2015-06-11 18:15 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\LolClient
2017-04-13 20:25 - 2016-09-08 20:36 - 00000000 ____D C:\Program Files\MSBuild
2017-04-13 20:25 - 2016-08-13 07:52 - 00000000 ____D C:\Program Files\Bignox
2017-04-13 20:22 - 2013-07-06 14:00 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\uTorrent
2017-04-13 18:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-13 18:50 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 18:45 - 2016-09-08 19:49 - 05081424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 18:44 - 2013-06-09 14:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-13 18:44 - 2013-06-09 14:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 18:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 18:42 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-13 18:31 - 2014-04-06 09:26 - 00000000 ____D C:\ProgramData\IObit
2017-04-13 18:11 - 2013-01-19 20:37 - 00000000 ____D C:\Users\Владимир\AppData\Local\Unity
2017-04-13 18:02 - 2016-10-26 11:09 - 00021529 _____ C:\WINDOWS\unins000.dat
2017-04-13 17:14 - 2016-08-31 21:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-04-13 17:10 - 2013-06-09 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-13 16:32 - 2013-08-22 15:25 - 00000269 _____ C:\WINDOWS\win.ini
2017-04-13 12:42 - 2016-06-14 08:26 - 00000000 ____D C:\Users\Владимир\AppData\Local\SquirrelTemp
2017-04-13 10:43 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-11 21:25 - 2014-08-26 17:39 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-11 19:01 - 2015-04-04 19:54 - 00000000 ____D C:\Users\Владимир\AppData\Local\Steam
2017-04-11 12:31 - 2012-12-16 15:02 - 00000000 ____D C:\Users\Владимир\AppData\Local\Packages
2017-04-10 10:41 - 2017-03-09 17:04 - 00000000 ____D C:\Users\Владимир\Desktop\Terraria
2017-04-06 19:41 - 2014-02-10 21:22 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-06 19:40 - 2017-01-16 19:30 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-04-06 19:39 - 2013-02-11 21:01 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2017-04-06 18:35 - 2016-10-08 09:31 - 00000000 ____D C:\Users\Владимир\AppData\Roaming\SA-MP Audio Plugin
2017-04-06 17:47 - 2015-08-29 18:47 - 00000000 ____D C:\Users\Владимир\.oracle_jre_usage
2017-04-03 21:32 - 2016-11-15 14:03 - 00001318 _____ C:\Users\Владимир\Desktop\Paint.lnk
2017-04-03 21:32 - 2016-04-17 19:03 - 00001162 _____ C:\Users\Владимир\Desktop\Cheat Engine.lnk
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-28 08:20 - 2016-09-08 19:53 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-03-27 23:04 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-27 23:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-27 23:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-23 22:45 - 2014-01-04 19:58 - 00000132 _____ C:\Users\Владимир\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-04 19:58 - 2017-03-23 22:45 - 0000132 _____ () C:\Users\Владимир\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2015-09-27 14:27 - 2015-09-27 14:27 - 0000132 _____ () C:\Users\Владимир\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2016-01-31 18:57 - 2016-01-31 18:57 - 0000112 _____ () C:\Users\Владимир\AppData\Roaming\JP2K CS6 Prefs
2013-09-29 11:52 - 2013-09-29 11:52 - 0000000 _____ () C:\Users\Владимир\AppData\Roaming\lock.dat
2016-02-15 16:48 - 2016-02-15 16:48 - 0000000 _____ () C:\Users\Владимир\AppData\Roaming\mediaload.io.url.lock
2013-11-15 16:55 - 2013-11-27 20:14 - 0000736 _____ () C:\Users\Владимир\AppData\Roaming\tlauncher.rmo.ini
2016-10-30 15:27 - 2016-10-30 15:27 - 0000132 _____ () C:\Users\Владимир\AppData\Roaming\Установки формата PNG Adobe CS6
2014-02-10 21:40 - 2014-02-10 21:40 - 0000000 ___SH () C:\Users\Владимир\AppData\Local\LumaEmu
2014-01-05 09:29 - 2014-01-05 09:29 - 0001563 _____ () C:\Users\Владимир\AppData\Local\recently-used.xbel
2014-10-04 20:38 - 2014-10-04 20:38 - 0007605 _____ () C:\Users\Владимир\AppData\Local\Resmon.ResmonCfg
2016-12-16 20:32 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Владимир\AppData\Local\TroubleshooterConfig.json
2016-09-08 19:53 - 2016-09-08 19:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-09-22 05:32 - 2012-09-22 05:32 - 0000104 _____ () C:\ProgramData\{01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
2012-09-22 05:33 - 2012-09-22 05:33 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-09-22 05:25 - 2012-09-22 05:26 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-09-22 05:30 - 2012-09-22 05:31 - 0000111 _____ () C:\ProgramData\{39337565-330E-4ab6-A9AE-AC81E0720B10}.log
2012-09-22 05:23 - 2012-09-22 05:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-09-22 05:28 - 2012-09-22 05:28 - 0000032 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-09-22 05:33 - 2012-09-22 05:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
2012-09-22 05:28 - 2012-09-22 05:30 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2012-09-22 05:24 - 2012-09-22 05:25 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2012-09-22 05:26 - 2012-09-22 05:26 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Владимир\update-NFS-CARBON.bat


Einige Dateien in TEMP:
====================
2017-04-15 14:19 - 2015-03-23 17:58 - 1207376 ____N (CANON INC.) C:\Users\Владимир\AppData\Local\Temp\MSETUP4.EXE

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-15 14:53

==================== Ende von FRST.txt ============================

GreenPerl · 17.04.2017, 19:33

Addition.TXT

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
durchgeführt von Владимир (17-04-2017 20:25:59)
Gestartet von C:\Users\Владимир\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-08 18:48:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3093447193-1613427322-2618303830-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3093447193-1613427322-2618303830-503 - Limited - Disabled)
Gast (S-1-5-21-3093447193-1613427322-2618303830-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3093447193-1613427322-2618303830-1007 - Limited - Enabled)
Владимир (S-1-5-21-3093447193-1613427322-2618303830-1001 - Administrator - Enabled) => C:\Users\Владимир

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: STOPzilla (Enabled - Up to date) {E375F917-FA8E-0C29-B3C0-275922AEB69A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{5D0428D2-B5EA-46C8-B678-5F0485BC1DA1}_is1) (Version: 13.0.1.0 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version:  - )
Axife Mouse Recorder Standard (HKLM-x32\...\Axife Mouse Recorder Standard_is1) (Version: Standard V6.0.2 - AutomaticSolution Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStack Systems, Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.)
Canon MG5700 series Benutzerregistrierung (HKLM-x32\...\Canon MG5700 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
Elsword 1.0 (HKLM-x32\...\Elsword_de_is1) (Version: 1.0 - Gameforge4d)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game Dev Tycoon Version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.552.36800 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Ground War Tanks (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Ground War Tanks) (Version: 1.91 - Mail.Ru)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E671D411-5F2E-45D6-957C-EB78641192AB}) (Version: 15.05.4000.1515 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Knight Online (HKLM\...\Steam App 389430) (Version:  - Noah System)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games)
LEGO Minifigures Online - 1  (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\423b93224c69643b) (Version: 1.0.0.0 - Funcom)
LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\MK LOL) (Version:  - )
Mouse driver v1.1 (HKLM-x32\...\uni mouse driver) (Version:  - )
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MTA:SA v1.5.3 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.3 - Multi Theft Auto)
Need for Speed™ Undercover (HKLM-x32\...\Need for Speed™ Undercover_is1) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
NextUp-ScanSoft Katerina Russian Voice (HKLM-x32\...\{8C52F1AF-A1C1-4F44-8760-4E1D4D2B4447}) (Version: 4.0.0 - NextUp.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 43.0.2442.806 (HKLM-x32\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Orion Live (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Orion Live) (Version: 1.1 - Mail.Ru)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.102.213.0 - Overwolf Ltd.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0072 - Pegatron Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.10.1-r112682-release - Plays.tv, LLC)
Pokemon Trading Card Game Online (HKLM-x32\...\{CEF0FDC7-85EA-4053-8669-3F5E54FCD9B0}) (Version: 2.25.0 - The Pokemon Company International)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
QuickBinder 1.7 (HKLM-x32\...\QuickBinder 1.7) (Version:  - )
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
ScreenShooter5 (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\ScreenShooter5) (Version: 5.0 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Star Conflict Launcher 1.0.1.60 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
STOPzilla AntiMalware (HKLM-x32\...\{019A9AD2-F530-40DB-B27F-95EE1E77E6A8}) (Version: 6.5.2.59 - iS3, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.8.0.10 - GOG.com)
The Sims 3 Collections Edition (HKLM-x32\...\The Sims 3 Collections Edition_is1) (Version:  - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.66.2 - Electronic Arts)
Transformice (HKLM-x32\...\Steam App 335240) (Version:  - Atelier 801)
Transformice (HKLM-x32\...\Transformice) (Version: 1.0.0 - UNKNOWN)
Transformice (x32 Version: 1.0.0 - UNKNOWN) Hidden
Trove North America (HKLM-x32\...\Glyph Trove North America) (Version:  - Trion Worlds, Inc.)
Ultimate-Discounter Browser (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Ultimate-Discounter Browser) (Version: 2.25 - ultimate-discounter.com)
Unity Web Player (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3172492) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{EF472462-0A4C-480C-AE1B-FA192B0B17AB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version:  - Microsoft)
USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R)
VKSync 1.6 (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\VKSync_v1_is1) (Version: 1.6 - VKSync.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warface (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\Warface) (Version: 1.122 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wooxy version 1.4.2.2 (HKLM-x32\...\{C183CD14-47D8-4F98-AF06-4744CB834C8E}_is1) (Version: 1.4.2.2 - Chewy)
X-Mouse Button Control 2.13.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.13.1 - Highresolution Enterprises)
Говорилка (HKLM-x32\...\Говорилка 2_is1) (Version:  - Anton Ryazanov)
Игровой центр (HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\GameCenterMailRu) (Version: 3.1156 - ООО "Мэйл.Ру Геймз")

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3093447193-1613427322-2618303830-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Владимир\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {033D3E24-94A4-4231-9067-85E0C299C41E} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation)
Task: {03AFE6F0-CCC9-43F5-8B87-0D3FCE59401A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {04489F53-F0CF-416C-ADBC-4AC75508BEA5} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Владимир\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {24D557AB-939B-4760-89CA-5E4F61C68C7F} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {6ED3CE73-8396-4BD7-9591-0AC08932E858} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14] (Google Inc.)
Task: {71CF621E-88F0-4A0E-9165-E488A8154DB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {7621D091-2678-471E-9DA7-90DE88C686E4} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe 
Task: {83569399-355A-452D-8A86-3EA4477C1EBA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {97DB6EEE-B3C9-489A-AD0C-3D45863EAB4C} - System32\Tasks\{DBB1B54C-7B2B-4562-98C7-156CC5335602} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.0.101.272/de/abandoninstall?page=tsProgressBar
Task: {99529E7A-ADB3-4723-B9AE-EE9A2DA7850E} - System32\Tasks\{BFEDF5E7-1A00-4B58-84DD-FA3012E560D0} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/de/abandoninstall?page=tsProgressBar
Task: {9E69067A-B7E6-4F9C-81FC-BE66C71ED4DA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8D02010-A1ED-4D49-AF4A-31F033128E6B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {B2A413A4-6075-4AEC-B80D-41A053E1A708} - System32\Tasks\{454AB131-A977-4A0F-A4F0-2B355F6D6FD5} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.0.101.272/de/abandoninstall?page=tsProgressBar
Task: {B77EED8F-3513-43AD-AE72-B29BD3E958B3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-09] (Adobe Systems Incorporated)
Task: {B7D2FB40-0F6A-472A-8DDE-E0A325454CE8} - System32\Tasks\{9066AE82-FEA3-4FE1-828C-02198DDB138B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.14.0.106.272/de/abandoninstall?page=tsProgressBar
Task: {BCE1CC24-943A-4EC3-93A9-0563646A0B91} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D0F043F1-DCC7-44CD-9239-298BA2EFE226} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D24274F8-C5A7-4C4C-B313-6851127C30FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D5A0511C-ED26-4EB4-8BA4-26DAEDD9A633} - System32\Tasks\{5B856681-4E5D-4E8E-B141-E11194800FD6} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.0.101.272/de/abandoninstall?page=tsProgressBar
Task: {E498229F-6EBF-4E71-A239-9D31D3EA82A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F46D1723-9B0F-4675-A9C4-B6F5FF52FC39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\0gpq9yhSEg64k63tcR.job => C:\Users\��������\AppData\Roaming\0gpq9yhSEg64k63tcR.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\9FBMyZsgTEMdnyWA33LwrNWrt.job => C:\Users\��������\AppData\Roaming\9FBMyZsgTEMdnyWA33LwrNWrt.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\jOBV6Pms0URwG1b3H.job => C:\Users\��������\AppData\Roaming\jOBV6Pms0URwG1b3H.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\tU58wIot70Me6sh72.job => C:\Users\��������\AppData\Roaming\tU58wIot70Me6sh72.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Владимир\Desktop\Spiele\Игровой центр@Mail.Ru.lnk -> C:\Users\Владимир\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VKSync\Удалить VKSync.lnk -> C:\Users\Владимир\AppData\Local\VKSync\unins000.exe () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Conflict\ Сайт игры Star Conflict.lnk -> C:\Program Files (x86)\Star Conflict\doc\sc_website_ru.url () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Conflict\ Удалить игру.lnk -> C:\Program Files (x86)\Star Conflict\unins000.exe () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Conflict\ Форум игры Star Conflict.lnk -> C:\Program Files (x86)\Star Conflict\doc\sc_forum_ru.url () <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA San Andreas\Запуск GTA San Andreas.lnk -> C:\Users\Владимир\Desktop\minecraft mit mods\SA GTA\gta_sa.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA San Andreas\Удалить Локализацию GTA San Andreas.lnk -> C:\Users\Владимир\Desktop\minecraft mit mods\SA GTA\Uninstall_loc.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Windows\SendTo\МойМир@Mail.ru.lnk -> C:\Users\Владимир\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Владимир\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru Агент.lnk -> C:\Users\Владимир\AppData\Roaming\Mail.Ru\Agent\magent.exe (Keine Datei) <===== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 17:58 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-09-24 06:08 - 2009-12-18 15:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-09-24 06:08 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2017-04-15 14:22 - 2016-02-04 11:53 - 00387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-03-30 20:25 - 2016-03-30 20:25 - 00707072 _____ () C:\Riot Games\LolScreenSaver\service\service.exe
2013-01-26 19:09 - 2015-11-07 20:02 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-09-22 05:28 - 2010-08-19 11:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-04-17 19:05 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-17 19:06 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-09-24 06:08 - 2012-09-14 13:17 - 00844288 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-09-24 06:08 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-09-24 06:08 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2017-04-12 17:58 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2012-09-24 06:08 - 2012-03-27 20:48 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2016-09-15 22:00 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-23 23:11 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-23 23:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-23 23:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-23 23:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 17:58 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 17:58 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-10 10:25 - 2017-04-10 10:26 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 10:25 - 2017-04-10 10:26 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 10:25 - 2017-04-10 10:26 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 10:25 - 2017-04-10 10:26 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2013-10-04 23:58 - 2013-10-04 23:58 - 00660128 _____ () C:\WINDOWS\SYSTEM32\MSVCP120.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2012-09-24 06:08 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-09-24 06:08 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2012-09-24 05:26 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [346]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Software\Classes\exefile:  <===== ACHTUNG
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Software\Classes\.exe: exefile =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2017-04-13 21:54 - 00000860 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Владимир\Desktop\57655806_p0.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "filesfrog_apt_flvplayer"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "gmsd_de_563"
HKLM\...\StartupApproved\Run32: => "gmsd_de_579"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "minecraft.net.exe"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "hqghumeaylnlf.lnk"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "SmartWeb.lnk"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "MAgent"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A514171D209E742E32DFDF7475D227"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "GameCenterMailRu"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_86F0DE8F533C9D94724628C0F67BC0A2"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "StartButton"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3093447193-1613427322-2618303830-1001\...\StartupApproved\Run: => "rblbdqbvul"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Sims 3 Collections Edition\Game\Bin\TS3.exe] => Disabled:Sims3

==================== Wiederherstellungspunkte =========================

17-04-2017 13:02:22 Installed ISO Recorder

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/17/2017 08:02:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 52.0.2.6291, Zeitstempel: 0x58d41e88
Name des fehlerhaften Moduls: mozglue.dll, Version: 52.0.2.6291, Zeitstempel: 0x58d41a1f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f73b
ID des fehlerhaften Prozesses: 0x157c
Startzeit der fehlerhaften Anwendung: 0x01d2b79c8e1f677c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 2a9ae5ee-88e1-40f3-8c47-f0722545aaac
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/17/2017 08:01:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 52.0.2.6291, Zeitstempel: 0x58d41a2d
Name des fehlerhaften Moduls: mozglue.dll, Version: 52.0.2.6291, Zeitstempel: 0x58d41a1f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f73b
ID des fehlerhaften Prozesses: 0x10a0
Startzeit der fehlerhaften Anwendung: 0x01d2b79c4c41a230
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: a85083c8-3abe-466c-9d1b-b48e116a711e
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/17/2017 08:01:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 17.4.2017.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 107c

Startzeit: 01d2b7a38d1735dd

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\Владимир\Desktop\FRST64.exe

Berichts-ID: df12f167-2397-11e7-80b5-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/17/2017 01:02:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/17/2017 09:47:20 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/16/2017 11:19:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 57.0.2987.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c1c

Startzeit: 01d2b6f6bc5c8b6f

Beendigungszeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 464ea571-22ea-11e7-80af-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/16/2017 11:12:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 15.0.4911.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18c8

Startzeit: 01d2b6e3559ba2c7

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Microsoft Office\Office15\WINWORD.EXE

Berichts-ID: 60b4261e-22e9-11e7-80af-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/16/2017 10:24:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/15/2017 02:47:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 57.0.2987.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2544

Startzeit: 01d2b5e5dc194e45

Beendigungszeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 7821c120-21d9-11e7-80ad-4c72b9fbc07b

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/15/2017 02:21:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MSETUP4.EXE, Version: 16.0.0.0, Zeitstempel: 0x550fb258
Name des fehlerhaften Moduls: CNMDWLD.DLL, Version: 1.0.0.0, Zeitstempel: 0x4ec1fdc5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000023c6
ID des fehlerhaften Prozesses: 0x15d4
Startzeit der fehlerhaften Anwendung: 0x01d2b5e2bd5ccc69
Pfad der fehlerhaften Anwendung: C:\Users\18EE~1\AppData\Local\Temp\MSETUP4.EXE
Pfad des fehlerhaften Moduls: E:\WIN\CNMDWLD.DLL
Berichtskennung: 23b602cb-bb92-401f-890c-9fc88baa9674
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (04/17/2017 08:07:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_f41eb" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (04/17/2017 08:05:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SystemUsageReportSvc_QUEENCREEK" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/17/2017 08:05:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SystemUsageReportSvc_QUEENCREEK erreicht.

Error: (04/17/2017 08:04:32 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (04/17/2017 08:03:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMService erreicht.

Error: (04/17/2017 08:02:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/17/2017 07:00:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_89268" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (04/17/2017 06:57:40 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x00000001 (0x00000000757c222c, 0x0000000000000000, 0x000000000000ffff, 0xffffa8801a3c6c80). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: c74d3081-90f5-4276-be0a-c4d641cd26ef.

Error: (04/17/2017 06:56:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎17.‎04.‎2017 um 18:52:19 unerwartet heruntergefahren.

Error: (04/17/2017 06:52:21 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 3972.63 MB
Verfügbarer physikalischer RAM: 1244.25 MB
Summe virtueller Speicher: 4868.63 MB
Verfügbarer virtueller Speicher: 1925.41 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:402.9 GB) (Free:111.05 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:24.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3A192899)

Partition: GPT.

==================== Ende von Addition.txt ============================

Danke Für die Hilfe

M-K-D-B · 18.04.2017, 10:13

Servus,

Schritt 1

Im Anhang meines Posts findest du die Datei fixlist.txt. Speichere diese Datei im selben Verzeichnis, indem sich die FRST.exe befindet.
Starte die FRST.exe erneut.
Klicke auf den Button Entfernen.
Der Entfernungsprozess startet, dein Rechner benötigt am Ende einen Neustart.
Nach dem Neustart findest du eine Datei fixlog.txt im selben Verzeichnis, in der sich auch die FRST.exe befindet.
Poste mir den Inhalt dieser Datei mit deiner nächsten Antwort.

Schritt 2

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

M-K-D-B · 21.04.2017, 20:08

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Fast bei jedem Klick auf einer Website öffnet sich Werbung in einem neuen Tab (Chrome,Firefox)

Log-Analyse und Auswertung: Fast bei jedem Klick auf einer Website öffnet sich Werbung in einem neuen Tab (Chrome,Firefox)