
Pests of all kinds and how to fight them: Ambworks cannot be deleted

16.06.2017, 23:49   #1
moxito



Hello and good evening, everyone!

I was here once before, a few years ago, and I got help then....

My problem now:

...\AppData\Local\Ambworks cannot be deleted; after deleting it with Unlocker, it is back after the next reboot. The file that gets flagged always has a new name; it is a DLL.

Somehow I am stuck at this point; has anyone dealt with this before?

Regards,
Moxito.

17.06.2017, 00:05   #2
Tician
/// TB-Senior



Hello and

Before we begin, please note the following:
  • Please do not install or uninstall anything while we are working on your problem here
  • Save all our tools to the desktop (this will be important later!)
  • Always post the logs in CODE tags (# button); if need be, simply split the logs across several posts
  • If available: please post logs that are less than 1 month old
  • Do not use any other tools unless asked to
  • Important: even if your problem seems to be fixed, your system may still be infected, so please keep working until I give you a "Clean"

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest route, but it is only advisable in the case of real malware.
Adware and the like we can remove very well.
If you decide on a cleanup, keep working with me until you get my clean



I am working on your topic and will get back to you with further instructions as soon as possible.

Please note that all my replies must first be approved by an instructor before I am allowed to post them here. This guarantees that you get help from a trained helper.

Thank you for your patience


Step 1:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


17.06.2017, 00:17   #3
moxito



Hello Tician,

thank you very much for the reply. I had forgotten to mention: the OS is Windows10pro,
I scan regularly, all updates are installed (the machine runs 24/7)

and what do you mean by more recent logs? Of what?

Regards,
Moxito.

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by moxito (17-06-2017 00:15:04)
Running from C:\Users\moxito\Desktop
Windows 10 Enterprise Version 1607 (X64) (2016-10-10 23:15:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1078665582-1449517287-1295239923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1078665582-1449517287-1295239923-503 - Limited - Disabled)
Guest (S-1-5-21-1078665582-1449517287-1295239923-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1078665582-1449517287-1295239923-1005 - Limited - Enabled)
moxito (S-1-5-21-1078665582-1449517287-1295239923-1001 - Administrator - Enabled) => C:\Users\moxito

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
360 Browser (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\360Browser) (Version: 7.5.2.108 - 360 Security Center)
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.6.0 - SlySoft)
ApoDispatchConfigurator (Version: 2.3.1401 - Nahimic) Hidden
AudioLaunchpadConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.)
Battery Calibration (x32 Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.6323 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
CCTalk (HKLM-x32\...\CCTalk) (Version: 6.0.0.1 - www.hujiang.com, Inc.)
CheckDevicesConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.)
Dragon Center (x32 Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.)
Dragon Gaming Center (x32 Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FRN Client 2014 (HKLM-x32\...\FRN Client_is1) (Version:  - Free Radio Network)
FRN Server 2014 (HKLM-x32\...\FRN Server_is1) (Version:  - Free Radio Network)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hauppauge WinTV 8 (HKLM-x32\...\Hauppauge WinTV 8) (Version: v8.0.34284 (CD 5.1 AAC) - Hauppauge Computer Works)
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.)
Help Desk (x32 Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{281badd0-7e11-494b-bdf7-34d6a2615c3c}) (Version: 6.2.0.19 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.2.0.19 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1122 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Kodi (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Kodi) (Version:  - XBMC-Foundation)
LauncherSetup (Version: 2.3.1401 - Nahimic) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
LenovoUsbDriver 1.1.9 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.9 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 6.9.1 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
Nahimic 2 (HKLM-x32\...\{05c7b70a-5d25-419a-9b71-76900393b641}) (Version: 2.3.14 - Nahimic)
Nahimic2UISetup (Version: 2.3.1401 - Nahimic) Hidden
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}) (Version: 8.0.182 - Nero AG)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
Nitro Reader 5 (HKLM\...\{1DF310B2-0BE7-4CD7-8FCF-54B1ADB067D3}) (Version: 5.5.6.21 - Nitro)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}) (Version: 1.3.10 - Microsoft Corporation)
ProductDaemonSetup (Version: 2.3.1401 - Nahimic) Hidden
ProductNSConfigurator (Version: 2.3.1401 - Nahimic) Hidden
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
QQ音乐2016 (HKLM-x32\...\QQMusic) (Version: 12.97.3627.1201 - 腾讯科技(深圳)有限公司)
QTranslate 5.7.0.3 (HKLM-x32\...\QTranslate) (Version: 5.7.0.3 - QuestSoft)
QT语音 (HKLM-x32\...\QT语音) (Version: 11.43.0.17707.483 - 腾讯科技(深圳)有限公司)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 12.0.0.102 - Qualcomm Atheros)
QvodPlayer v3.5 (HKLM-x32\...\QvodPlayer) (Version: 3.5 - Shenzhen QVOD Technology Co.,Ltd)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SCM (HKLM\...\{E3CE9EC1-7244-4846-A383-6BF0B172917A}) (Version: 13.015.12097 - Application)
SDR-RADIO.com (V2) (HKLM-x32\...\SDR-RADIO.com (V2)) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SonicMapperConfigurator (Version: 2.3.1401 - Nahimic) Hidden
SteelSeries Engine 3.10.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.2 - SteelSeries ApS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.184 - Synaptics Incorporated)
TalkTV (HKLM-x32\...\{F768F6BA-F164-4599-BC26-DCCFC2F71983}_is1) (Version: 4.1.3 - TalkTV)
Technotrend Viewer (HKLM-x32\...\TT-Viewer_is1) (Version:  - CM&V)
The Bat! Professional v3.99.29 (HKLM-x32\...\{CA8D1F57-1D54-463F-A97D-9D740EBBD285}) (Version: 3.99.29 - Ritlabs)
TomTom HOME (HKLM-x32\...\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}) (Version: 2.9.94 - Ihr Firmenname)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.)
UIInstallUpgrade (Version: 2.3.1401 - Nahimic) Hidden
UltraMon (HKLM\...\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}) (Version: 3.3.0 - Realtime Soft Ltd)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.0.18997 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.0.18997 - VMware, Inc.) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - MediaTek Inc. (wdm_usb) Ports  (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare Video Converter Ultimate(Build 9.0.0.4) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.0.4 - Wondershare Software)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
YY version 1.0 (HKLM-x32\...\{76E0BCEF-DBB1-4257-8230-6DE2310E4813}_is1) (Version: 1.0 - Joe)
YY8 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\YY8) (Version: 8.3.0.2 - 多玩游戏网)
Zattoo Live TV (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\6e425e00e7cd59c7) (Version: 1.0.0.51 - Zattoo Europa AG)
央视影音 (HKLM-x32\...\{07F79EE3-1012-40BF-BEE7-A07EE6C284DC}_is1) (Version: 4.0.8.0 - 中国网络电视台)
搜狗拼音输入法 8.0正式版 (HKLM-x32\...\Sogou Input) (Version: 8.0.0.8381 - Sogou.com)
有道词典 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\有道词典) (Version: 6.3 - 网易公司)
百度云管家 (HKLM-x32\...\百度云管家) (Version: 5.4.9 - 百度在线网络技术(北京)有限公司)
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 8.6.18804.0 - 腾讯科技(深圳)有限公司)
腾讯TM2009 (HKLM-x32\...\{260706D6-56D3-41E8-9183-DC4DF54B7F4B}) (Version: 1.41.1287.0 - 腾讯科技(深圳)有限公司)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{2E445E22-1A5F-4C84-B963-BB65D07C1FB3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{40C842B5-9E7D-4FBD-8E05-021F4B6F5CA5}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{A5110465-0F43-4586-9DEC-73DCC0CBCF08}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {066AC61E-1658-4034-8524-C0F15BD63338} - System32\Tasks\gsrun.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\gsrun.exe [2016-10-13] ()
Task: {06F7876A-D01A-42DE-B0BB-34D3F2C31961} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {07B42A73-B318-4361-8F73-910851DAA954} - System32\Tasks\me.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1195CE57-9B94-42B6-BD81-89095373206D} - System32\Tasks\MeLogo_{67679FCB-7ECA-4db5-B5AE-E6B4E178D0BA} => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1574B4F0-4EB0-481D-B3D6-875944676A34} - \{057E7D47-7D0A-0A7A-7911-0E040E78110C} -> No File <==== ATTENTION
Task: {25DED191-9070-42A0-9253-062048019AE6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {32F11BBA-6316-404F-9DC7-B8F7FE491A05} - System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B} => C:\ProgramData\{EB8ACCE0-5C21-7B4B-7EE8-1C19ABAD4F85}\3B2BA978-8C80-1ED3-88ED-20DA0EEA8994.exe <==== ATTENTION
Task: {3BCE144F-14C8-4842-8A53-661187BBC8A0} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2017-01-13] ()
Task: {3E407DC0-759C-44BB-88AC-AF6AC6A3A08B} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2017-01-13] ()
Task: {41607316-F1F1-4C25-B261-37C521ABF4CA} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {4220DF88-E589-414A-B2EA-098D3E0E6500} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [2017-05-31] (Micro-Star International Co., Ltd.)
Task: {47435CE5-D1F2-4C13-A77E-DEADE332ED23} - System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\58bca3a8\52456f97.dll" <==== ATTENTION
Task: {49FC50FD-0B66-420F-8C7C-52B54AC07DAB} - System32\Tasks\HuanjuGameUpdate => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe [2017-05-21] (YY Inc.)
Task: {4E03935F-200C-45FD-9C69-7E21824D8529} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {52CC2439-C048-4BE9-B616-C6A62EBF5D60} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {66632B7C-EA9C-4F6B-9AA6-9122D4A185F8} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2016-09-02] (Sogou.com Inc.)
Task: {743767E4-92ED-4EB8-BDE6-031C7AC9E9EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {77B29FB4-A203-4C87-AD47-184CA218CF3C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {7AD8FA13-DAA9-47B8-A54D-CF5009AB44F4} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {84F0B267-E639-40B1-8A5B-C527E0D0D998} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {8D282348-DBD4-4BD7-9A44-95F8462FC27E} - System32\Tasks\yyplayer.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yyplayer.exe [2016-10-13] ()
Task: {B86BD242-2DD2-49F3-A8FC-C7DFFF24FEF0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {BB0CB973-6950-4BF2-A895-DAB4D24C13C2} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavUpdater.exe [2017-01-28] (Baidu, Inc.)
Task: {BB5B22AA-238A-4B32-8984-B8A3F29072CE} - System32\Tasks\yygamestore.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yygamestore.exe [2016-10-13] ()
Task: {C54E8752-58C3-4FA0-9D33-A0404C058363} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2017-01-13] ()
Task: {CB33CC10-7C4E-4BB2-9E8B-6E9E3DE606AD} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2016-05-06] (Micro-Star International Co., Ltd.)
Task: {CC5DB9A6-FD83-429B-82E0-B343682013B5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {CDDE24C0-6063-4256-96AD-7C83C1F684C8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {D4BCAAFF-C409-468A-8CF1-FCF6B4054779} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F2852D36-A114-43F8-BD54-1577764A3D45} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-21] (Adobe Systems Incorporated)
Task: {F68E41E9-0104-4361-A8EE-6CCD3F70FFA2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HuanjuGameUpdate.job => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2011-08-22 17:34 - 2011-08-22 17:34 - 11837440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00048568 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper64.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00218296 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00289976 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2017-02-12 17:08 - 2015-02-27 15:38 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2017-01-13 10:49 - 2017-01-13 10:49 - 00705208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2017-01-13 10:50 - 2017-01-13 10:50 - 02054328 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2017-01-13 10:54 - 2017-01-13 10:54 - 00513208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2014-09-30 02:51 - 2014-09-30 02:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-11-25 16:45 - 2016-11-25 16:45 - 02515520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
2016-07-26 11:07 - 2017-06-16 22:06 - 01052192 _____ () C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00192952 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
2016-11-28 14:45 - 2015-09-27 11:25 - 00035840 _____ () C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\FritzBoxTraffic1013.gadget\FritzBoxTrafficMonitorLib.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\HipsLogger.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BNetOp.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\sqlite.dll
2017-01-28 04:16 - 2015-05-28 13:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\dark.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 01120752 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Operation.dll
2016-11-25 00:13 - 2011-08-23 14:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2016-12-09 16:53 - 2016-12-09 10:21 - 00368128 _____ () c:\programdata\microsoft\visualstudio\14.0\2052\msmg.dll
2017-01-18 15:01 - 2017-01-18 06:18 - 00443904 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\3082\nonsdkaddonlangver.dll
2016-05-05 10:53 - 2017-06-16 21:39 - 00713504 _____ () C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\qpsafeplugin.dll
2011-08-22 17:23 - 2011-08-22 17:23 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-13 10:48 - 2017-01-13 10:48 - 00189112 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2017-01-13 10:46 - 2017-01-13 10:46 - 00262840 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00042936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper32.dll
2016-10-30 19:55 - 2016-10-30 19:55 - 00108544 __RSH () C:\Program Files (x86)\SlySoft\AnyDVD\BRD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00095936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\CrashRpt.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 34880064 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\libcef.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 03795520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\v8.dll
2016-11-25 16:44 - 2016-11-25 16:44 - 01577912 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\Stable\Acrobat2Dict.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 01874496 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\ffmpegsumo.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00155192 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\lua.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00089656 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\zlib.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00138808 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libexpatw.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00159288 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libpng.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00286264 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libjpegturbo.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00495160 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\VP8.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00941624 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\TRAE.DLL
2017-01-28 04:16 - 2017-01-28 04:16 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Pulgin_Dark_DeleteFileTip.dll
2017-06-16 23:32 - 2017-06-16 23:32 - 01307136 _____ () C:\Users\moxito\AppData\Local\Ambworks\vtmbuvmp.dll
2015-06-24 02:07 - 2015-06-24 02:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-19 22:20 - 2014-08-28 09:49 - 00887624 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\libglesv2.dll
2017-01-19 22:20 - 2014-08-28 09:49 - 00110408 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\libegl.dll
2017-01-19 22:20 - 2014-05-29 14:46 - 04055504 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\pdf.dll
2017-01-19 22:20 - 2014-08-29 09:29 - 01875784 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2017-01-28 01:43 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "WinTV Recording Status.lnk"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => " Malwarebytes Anti-Malware  (cleanup)"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\StartupFolder: => "CCTalk.lnk"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CNTV-CBox"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CBoxService"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "YYAssistant"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE39C442-3DC6-4243-A674-02F31C37F9E7}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{ACFB4839-4B17-4430-B6F0-8C234D1C509B}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CEFCF085-AC3C-4B1C-B0FF-2C51D1AD339C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{53F4CB2C-7672-4F31-A2F9-62989417793F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{43A23B75-74E8-4875-9A65-CC0CCECF0F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2F86D7C7-F739-4A76-A3A9-0C34651FED92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FBA342AE-35EE-4750-910F-CE78E00118EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB2C5D8C-7E1E-4324-AB48-78593709BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{844B361F-D871-4C06-987B-462B094C2573}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2061BD21-6061-422C-8523-065687C533FE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A359A2C1-C028-4350-A631-F496D5477FB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{71FA7AB2-9E15-46F8-A963-D82667A03415}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C48FC8B7-1DC6-4455-B699-CE06502CDB2F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7150BA5F-B30A-4D64-B823-F89DE0A830BD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B310D159-F3F2-45EB-A5FE-953947A4BE1D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B881DE74-70F2-4EBA-8025-04098ED82486}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{C7AF81E2-2AB8-4951-8285-CFDC1AD3079B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{AEB5BA9D-F104-4486-9BB2-DE7FB73A14C9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0D600F81-A48E-4F61-8E6C-C1080833002A}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{7D07C0F1-7085-4E51-B4F5-02EFB9979BD6}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [UDP Query User{6D500D6D-0622-493B-8922-7B6C6AC6594D}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [TCP Query User{0CE7BE09-640F-4DEF-9446-12028651A4B2}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{3875BA83-5C8C-4DB6-9A2A-465B7C93CFDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{478080CB-538B-43CE-9228-EB1DFBEB573F}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E7E6FE5A-C0F8-4573-86A1-C3BBC3E1FEE1}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E3AC73CB-85FD-4BFE-93E7-0937E4C71984}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{55BB1B60-D077-4E19-B71F-7E53DA95C475}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{33751988-263F-4609-9C75-E0A3788542AC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{D53BA843-D88B-46F3-987C-7E82CA24861D}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{770B7A06-DB83-4087-9819-D33F8A3590CF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{8D482EBE-AA6E-411A-B90A-C8FFC0CE9FC6}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{99831EB5-9E79-4FC7-B2B3-BD6C88B049FC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{50431C4D-6CC7-4F91-9FD6-160DA53EC800}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{29441021-B130-4DCB-8A2C-98E3654EAB8E}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{83B2C97B-D8EC-4022-A2D2-E92E7D323D85}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [TCP Query User{2B248973-D5C1-4568-B90F-508D8AE0D0E6}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [UDP Query User{D34EC77D-ABF0-40A4-8D31-1EB46795B998}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [{DF707D42-B066-4440-A290-76C3782F7D20}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{CBCC3D60-D1D0-45D6-B4BF-24B3FA51CC7A}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{791391FB-26F6-4455-ABAB-F0CC178163D2}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{D422F381-3BB5-46FF-A8DB-07A9F1C39410}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{9BD45F0A-D4CC-4CEA-84E6-0DB37326C47F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{EC9E85AA-6E4F-4F46-ACB9-73FDA2D4D21B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{77FDE012-D87A-44AD-B6D0-94B3A9B6FC22}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{CEF220D9-C4B8-43AF-B1AD-AF5F286B2E19}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{928F44AB-072E-40CC-BA43-E6BC9320A81B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{856ACEC8-3599-4335-BBCC-62BBCD61DC6D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{83F1A492-987E-4799-BFC4-B2190523875C}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{AB07117A-6A25-427D-8370-FBA11D71F3C4}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{73B22CDE-F42F-48D0-ABDE-CEBDEA261561}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{BD10F1F2-821D-4AA7-A5BB-6517CEAFD0EB}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{C2AF2505-834E-4CF7-8AD4-EFCF2489688A}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{E0794B69-C90C-45A5-A33D-073392938B3D}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [TCP Query User{FF9524A3-306C-4072-987A-3B52600DAE87}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [UDP Query User{7198139F-6FC4-485D-969C-3974742B20E1}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [{46AD7F9B-EA90-441C-92A4-C625FD5AFC3D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{7D63BBB3-557E-4FA0-A0B1-3311761D7245}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{004FC471-A249-4476-9233-97837F5DC187}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{E9CB61D5-2A6F-4D36-B053-46B9A4E82DD6}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{41BD44A0-3B8E-4D2F-984C-DB0A9747D92C}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{38F6F4C3-06C7-4F2C-A56A-223A528AAC34}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{016D1F2C-DA2F-4B0A-B5AC-920F9726FFC1}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{2456EF25-4F38-43D0-96F8-E95CD2D91E31}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{0E1C2F32-B86C-4260-BD9C-38FCF76181A8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{E11CDFE4-AEFB-409A-9947-2082963FDB2D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{A803234B-AF31-471F-AB88-14763ED74CBB}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{DA0F938A-CD7A-43F0-A86F-68651FBC84D8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{1B840E50-2AD0-4D3E-BDC8-366478D56844}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{E8B5E362-0CBF-409B-AECA-041D925C0C92}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{9B0C0FF5-8CF3-4601-A9A8-5FEB03062501}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{A8C0E650-29AC-4198-8ECC-3A7D52D166A4}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5D4FE374-A1CE-49E0-AF1D-EE024A7E8DEE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{7769A548-F7A8-4E30-8C27-7978B0141D90}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5773DC5E-741B-4A49-AFAC-5ECDDAECCBDE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{C307F899-B1CE-4AA9-BA01-4FF5450FBAF5}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{022A31EF-B2B8-4297-8E3F-675C15DE94AC}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{AE75BACB-263F-4C0F-87AA-7247D82B0CBF}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{1D5162A3-4235-4D03-B504-C4F4F7246E53}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{901D2A03-DABD-474A-8B3D-976A205B8422}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{2F3B86E9-CE22-4695-85F4-3B6BDFED3C5A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{514EE4BC-9EEE-4677-B4D2-4D9E74321D29}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{ED1E880D-383C-44C1-92D3-E8CA804F9221}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4448BD80-0766-4AF6-8BF2-10B269418FE3}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{1A995BD3-762A-4327-9D40-39043A72168A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4DC55797-A6D6-4594-BB8E-45CBFF359500}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{C2EC3A64-8BB9-4E9D-8749-82C9ED99F790}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{79E67A5E-81D2-4B24-900A-233B96A73BCD}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{F565A5A4-9F6D-4DED-B6BC-5014E9671545}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3A531803-0279-4217-B535-4982A56D73A7}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{53783036-D1FC-440D-B36B-DF723723216D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{BA595CB8-3A7C-478F-8D36-16E98FFF5B57}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3ECCB7EE-F978-42BC-A9B6-325DD4BA322B}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{601CC53D-79DA-4246-B7EB-07C2D086FFD0}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{29D7ADFD-4772-4B73-9C4D-BEF485E987EE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{99554E8E-DC9F-4433-8FC8-B9C134B75403}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{B4E4F695-34B7-4187-9F9F-E9AEEC55D094}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{90B48959-73E8-483B-9EF6-4F660EB44F70}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{A21AA5AE-676B-4D0A-9946-9F8F5DD222B4}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{1BBF2246-CD1C-4829-AD1A-E8CAEBA612A9}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{BA93C79E-F926-497B-89EF-492E13588D7D}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{B2C4F98E-6E0C-489A-A744-6BD5BAD22C18}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{54347CA7-88C3-4931-B431-E80A289FEA32}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{368F75CF-9388-47ED-B631-65B1C9668E86}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{2E09659B-6EA8-4509-BC8B-89A1F52CAED7}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{F7F9C92B-2D60-4A82-833E-ECD3CB8D7997}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{50607091-02F0-4003-A9C1-3AB89E5D2947}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{0CD70842-A679-4531-AAB3-E5E8015B373D}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [TCP Query User{DF0986B7-F5B9-4CA4-8466-7CD4AF2AE0AF}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{882FA26D-CF07-4B30-82CD-8BDCC1312631}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{7C43F587-F429-4292-92AF-457A3B96BA15}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [UDP Query User{6A47CEE3-C601-4D40-938B-E151D69CCA2A}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [{5FC1A2E4-E23E-4A40-8F68-9680094BC070}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{D3B507C3-11FC-4106-A76D-846E68EC90C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4863C59D-1DEA-4C40-9654-2F0C1BE2FB76}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{55C29EA5-B451-4E41-83DF-E6531186E441}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{D6E5B159-2B74-4272-BAA1-7E51AB84F86C}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{013196D6-20C5-4A65-8551-6D06065B5FB1}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{8B68AAEF-669D-4F39-9BED-3160EC00A152}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{5509BB12-DE0F-4487-9212-24E34F0F30BE}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{FF62CBB6-700E-4F9C-823F-965C666AEFDF}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [UDP Query User{60F6CF78-C495-4A2A-8B47-575F834CEF9C}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{CE84693F-1ADB-43AB-9A38-A2B0DDCB0BD6}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{2B529D50-00F9-4652-BC7E-8C5985B5576D}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [TCP Query User{148B2AF4-E62B-4350-925B-8BEA76CF35B3}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [UDP Query User{04A34041-F5A8-4533-A5FD-C6118F2D79DA}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{12586A64-FF12-4ECA-BB97-9D1067A5F11B}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{22C4E24C-9B6C-47A9-8A26-D689334469FC}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [TCP Query User{76EFBE6B-1CAC-4061-A316-9D6E1710301A}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [UDP Query User{CE976857-156C-43F3-B42E-582F49119166}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{E7CEAF8F-6ECC-478E-AF60-ED369F6364BB}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{159669FB-3C82-427F-85E5-6C0405FA89B9}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [TCP Query User{AE9DD382-6F3E-4994-9FA4-DA38D03EBFA3}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [UDP Query User{21B4A0EA-47F8-424B-974C-230C570B2E6D}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{D8C7869F-BC2B-4962-861A-23350B75163F}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{1CE19DF8-01E3-43C7-BDE4-321B25C28B45}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{2378DA66-4690-4BE1-AA12-B2762255FED3}] => (Allow) C:\Users\moxito\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe
FirewallRules: [{C4451068-39BD-428B-B0AE-E4CEB549A5E4}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe
FirewallRules: [{8283DF27-E8D8-404E-9CF8-22CBAF6061CC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe
FirewallRules: [{644D8DC8-C47A-4C1D-89A7-DF5E8ACE7BE0}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe
FirewallRules: [{58123EF6-29C8-4276-A308-ED2A9A86B1FC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe
FirewallRules: [{97B0CABD-78AA-407D-B7A2-A86F79BED1B6}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\tencentdl.exe
FirewallRules: [{D9D9C92B-573F-4F40-ADAD-823B83F8E41F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\bugreport_xf.exe
FirewallRules: [{11AB198E-D6B0-42AA-9662-F5496BBD0387}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{157E434D-102F-4E56-8ADF-F49896ECAB96}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{DA5D3FD0-F9C0-40D0-8517-9611B98F8937}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe
FirewallRules: [{FA7BDB2A-B22C-4EFB-ADC2-7D566C0572F8}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe
FirewallRules: [{E770A729-2BE4-4189-BD71-0BD9967B1896}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe
FirewallRules: [{2B08D25C-C48F-4302-9B51-2F9C1AD2F7E6}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\QQGameMicro.exe
FirewallRules: [{C4455ADD-005F-4DC2-BB48-81C50375766E}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicExternal.exe
FirewallRules: [{D3CACE26-0333-4EA3-9C55-F3AE95CAA573}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\moleplugin\tadb.exe
FirewallRules: [{21BDBBDE-297A-478F-9B2D-34C39FEA3DD5}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusic.exe
FirewallRules: [{D630DBBE-4A30-4AFD-9E28-F3583EFF4E9E}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe
FirewallRules: [{65BB453F-B20A-4272-9477-C6F08359162A}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicUp.exe
FirewallRules: [TCP Query User{247D4396-0D31-4F31-A892-084C41B75164}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [UDP Query User{92886B66-0227-4ED8-A533-E83C7C9706EA}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [TCP Query User{5507FF27-196C-4493-9C74-B09525F5413B}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [UDP Query User{1112C62E-F3A6-4843-8972-62BD0CEFF9E2}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [{0AE31196-BBF9-44D8-981B-AB04C98CEB4C}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [{8167C8B9-F43D-43EA-B143-8F332F565158}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [TCP Query User{1F74AD5B-43D2-4D18-9122-78BBF7F43C8E}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [UDP Query User{A12C75E4-10F9-41E1-BA3B-B1162AA9825B}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{EC1A9325-2130-47B6-90F7-212BFE14681F}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{990EB6F9-48F5-4D1C-86EE-1546944CF64C}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe

==================== Restore Points =========================

19-05-2017 13:16:28 Windows Update
21-05-2017 20:50:47 Nahimic 2
05-06-2017 22:00:23 Windows Update
11-06-2017 12:29:53 Windows Update
16-06-2017 18:09:25 Windows Update

==================== Faulty Device Manager Devices =============

Name: Intel(R) Management Engine Interface 
Description: Intel(R) Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Mi 4i
Description: Mi 4i
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB Device
Description: USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2017 11:33:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/16/2017 11:31:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/16/2017 11:31:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000022e27
ID des fehlerhaften Prozesses: 0x1bd4
Startzeit der fehlerhaften Anwendung: 0x01d2e6e7e7e4e1d5
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichtskennung: f9f8ae6f-57f4-4007-91ff-2525dab93fbc
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/16/2017 11:25:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/16/2017 11:46:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/16/2017 11:33:24 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/16/2017 11:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:25 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/16/2017 11:31:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.


CodeIntegrity:
===================================
  Date: 2016-10-26 14:29:14.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 14:20:37.498
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 13:12:20.412
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 03:05:20.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:58:24.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:40:48.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:18:53.408
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5950HQ CPU @ 2.90GHz
Percentage of memory in use: 13%
Total physical RAM: 32723.28 MB
Available physical RAM: 28279.54 MB
Total Virtual: 67539.28 MB
Available Virtual: 62540 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:951.82 GB) (Free:502.28 GB) NTFS
Drive d: (data) (Fixed) (Total:912.3 GB) (Free:26.14 GB) NTFS
Drive f: (XIAOMI) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 524198F9)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 52419B1B)

Partition: GPT.

==================== End of Addition.txt ============================
         

17.06.2017, 00:31   #4
moxito

Ambworks cannot be deleted



[CODE]Additional
FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by moxito (17-06-2017 00:15:04)
Running from C:\Users\moxito\Desktop
Windows 10 Enterprise Version 1607 (X64) (2016-10-10 23:15:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1078665582-1449517287-1295239923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1078665582-1449517287-1295239923-503 - Limited - Disabled)
Guest (S-1-5-21-1078665582-1449517287-1295239923-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1078665582-1449517287-1295239923-1005 - Limited - Enabled)
moxito (S-1-5-21-1078665582-1449517287-1295239923-1001 - Administrator - Enabled) => C:\Users\moxito

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
360 Browser (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\360Browser) (Version: 7.5.2.108 - 360 Security Center)
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.6.0 - SlySoft)
ApoDispatchConfigurator (Version: 2.3.1401 - Nahimic) Hidden
AudioLaunchpadConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.)
Battery Calibration (x32 Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.6323 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
CCTalk (HKLM-x32\...\CCTalk) (Version: 6.0.0.1 - www.hujiang.com, Inc.)
CheckDevicesConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.)
Dragon Center (x32 Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.)
Dragon Gaming Center (x32 Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FRN Client 2014 (HKLM-x32\...\FRN Client_is1) (Version:  - Free Radio Network)
FRN Server 2014 (HKLM-x32\...\FRN Server_is1) (Version:  - Free Radio Network)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hauppauge WinTV 8 (HKLM-x32\...\Hauppauge WinTV 8) (Version: v8.0.34284 (CD 5.1 AAC) - Hauppauge Computer Works)
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.)
Help Desk (x32 Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{281badd0-7e11-494b-bdf7-34d6a2615c3c}) (Version: 6.2.0.19 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.2.0.19 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1122 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Kodi (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Kodi) (Version:  - XBMC-Foundation)
LauncherSetup (Version: 2.3.1401 - Nahimic) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
LenovoUsbDriver 1.1.9 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.9 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 6.9.1 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
Nahimic 2 (HKLM-x32\...\{05c7b70a-5d25-419a-9b71-76900393b641}) (Version: 2.3.14 - Nahimic)
Nahimic2UISetup (Version: 2.3.1401 - Nahimic) Hidden
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}) (Version: 8.0.182 - Nero AG)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
Nitro Reader 5 (HKLM\...\{1DF310B2-0BE7-4CD7-8FCF-54B1ADB067D3}) (Version: 5.5.6.21 - Nitro)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}) (Version: 1.3.10 - Microsoft Corporation)
ProductDaemonSetup (Version: 2.3.1401 - Nahimic) Hidden
ProductNSConfigurator (Version: 2.3.1401 - Nahimic) Hidden
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
QQ音乐2016 (HKLM-x32\...\QQMusic) (Version: 12.97.3627.1201 - 腾讯科技(深圳)有限公司)
QTranslate 5.7.0.3 (HKLM-x32\...\QTranslate) (Version: 5.7.0.3 - QuestSoft)
QT语音 (HKLM-x32\...\QT语音) (Version: 11.43.0.17707.483 - 腾讯科技(深圳)有限公司)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 12.0.0.102 - Qualcomm Atheros)
QvodPlayer v3.5 (HKLM-x32\...\QvodPlayer) (Version: 3.5 - Shenzhen QVOD Technology Co.,Ltd)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SCM (HKLM\...\{E3CE9EC1-7244-4846-A383-6BF0B172917A}) (Version: 13.015.12097 - Application)
SDR-RADIO.com (V2) (HKLM-x32\...\SDR-RADIO.com (V2)) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SonicMapperConfigurator (Version: 2.3.1401 - Nahimic) Hidden
SteelSeries Engine 3.10.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.2 - SteelSeries ApS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.184 - Synaptics Incorporated)
TalkTV (HKLM-x32\...\{F768F6BA-F164-4599-BC26-DCCFC2F71983}_is1) (Version: 4.1.3 - TalkTV)
Technotrend Viewer (HKLM-x32\...\TT-Viewer_is1) (Version:  - CM&V)
The Bat! Professional v3.99.29 (HKLM-x32\...\{CA8D1F57-1D54-463F-A97D-9D740EBBD285}) (Version: 3.99.29 - Ritlabs)
TomTom HOME (HKLM-x32\...\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}) (Version: 2.9.94 - Ihr Firmenname)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.)
UIInstallUpgrade (Version: 2.3.1401 - Nahimic) Hidden
UltraMon (HKLM\...\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}) (Version: 3.3.0 - Realtime Soft Ltd)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.0.18997 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.0.18997 - VMware, Inc.) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - MediaTek Inc. (wdm_usb) Ports  (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare Video Converter Ultimate(Build 9.0.0.4) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.0.4 - Wondershare Software)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
YY version 1.0 (HKLM-x32\...\{76E0BCEF-DBB1-4257-8230-6DE2310E4813}_is1) (Version: 1.0 - Joe)
YY8 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\YY8) (Version: 8.3.0.2 - 多玩游戏网)
Zattoo Live TV (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\6e425e00e7cd59c7) (Version: 1.0.0.51 - Zattoo Europa AG)
央视影音 (HKLM-x32\...\{07F79EE3-1012-40BF-BEE7-A07EE6C284DC}_is1) (Version: 4.0.8.0 - 中国网络电视台)
搜狗拼音输入法 8.0正式版 (HKLM-x32\...\Sogou Input) (Version: 8.0.0.8381 - Sogou.com)
有道词典 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\有道词典) (Version: 6.3 - 网易公司)
百度云管家 (HKLM-x32\...\百度云管家) (Version: 5.4.9 - 百度在线网络技术(北京)有限公司)
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 8.6.18804.0 - 腾讯科技(深圳)有限公司)
腾讯TM2009 (HKLM-x32\...\{260706D6-56D3-41E8-9183-DC4DF54B7F4B}) (Version: 1.41.1287.0 - 腾讯科技(深圳)有限公司)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{2E445E22-1A5F-4C84-B963-BB65D07C1FB3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{40C842B5-9E7D-4FBD-8E05-021F4B6F5CA5}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{A5110465-0F43-4586-9DEC-73DCC0CBCF08}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {066AC61E-1658-4034-8524-C0F15BD63338} - System32\Tasks\gsrun.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\gsrun.exe [2016-10-13] ()
Task: {06F7876A-D01A-42DE-B0BB-34D3F2C31961} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {07B42A73-B318-4361-8F73-910851DAA954} - System32\Tasks\me.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1195CE57-9B94-42B6-BD81-89095373206D} - System32\Tasks\MeLogo_{67679FCB-7ECA-4db5-B5AE-E6B4E178D0BA} => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1574B4F0-4EB0-481D-B3D6-875944676A34} - \{057E7D47-7D0A-0A7A-7911-0E040E78110C} -> No File <==== ATTENTION
Task: {25DED191-9070-42A0-9253-062048019AE6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {32F11BBA-6316-404F-9DC7-B8F7FE491A05} - System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B} => C:\ProgramData\{EB8ACCE0-5C21-7B4B-7EE8-1C19ABAD4F85}\3B2BA978-8C80-1ED3-88ED-20DA0EEA8994.exe <==== ATTENTION
Task: {3BCE144F-14C8-4842-8A53-661187BBC8A0} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2017-01-13] ()
Task: {3E407DC0-759C-44BB-88AC-AF6AC6A3A08B} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2017-01-13] ()
Task: {41607316-F1F1-4C25-B261-37C521ABF4CA} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {4220DF88-E589-414A-B2EA-098D3E0E6500} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [2017-05-31] (Micro-Star International Co., Ltd.)
Task: {47435CE5-D1F2-4C13-A77E-DEADE332ED23} - System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\58bca3a8\52456f97.dll" <==== ATTENTION
Task: {49FC50FD-0B66-420F-8C7C-52B54AC07DAB} - System32\Tasks\HuanjuGameUpdate => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe [2017-05-21] (YY Inc.)
Task: {4E03935F-200C-45FD-9C69-7E21824D8529} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {52CC2439-C048-4BE9-B616-C6A62EBF5D60} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {66632B7C-EA9C-4F6B-9AA6-9122D4A185F8} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2016-09-02] (Sogou.com Inc.)
Task: {743767E4-92ED-4EB8-BDE6-031C7AC9E9EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {77B29FB4-A203-4C87-AD47-184CA218CF3C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {7AD8FA13-DAA9-47B8-A54D-CF5009AB44F4} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {84F0B267-E639-40B1-8A5B-C527E0D0D998} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {8D282348-DBD4-4BD7-9A44-95F8462FC27E} - System32\Tasks\yyplayer.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yyplayer.exe [2016-10-13] ()
Task: {B86BD242-2DD2-49F3-A8FC-C7DFFF24FEF0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {BB0CB973-6950-4BF2-A895-DAB4D24C13C2} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavUpdater.exe [2017-01-28] (Baidu, Inc.)
Task: {BB5B22AA-238A-4B32-8984-B8A3F29072CE} - System32\Tasks\yygamestore.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yygamestore.exe [2016-10-13] ()
Task: {C54E8752-58C3-4FA0-9D33-A0404C058363} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2017-01-13] ()
Task: {CB33CC10-7C4E-4BB2-9E8B-6E9E3DE606AD} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2016-05-06] (Micro-Star International Co., Ltd.)
Task: {CC5DB9A6-FD83-429B-82E0-B343682013B5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {CDDE24C0-6063-4256-96AD-7C83C1F684C8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {D4BCAAFF-C409-468A-8CF1-FCF6B4054779} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F2852D36-A114-43F8-BD54-1577764A3D45} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-21] (Adobe Systems Incorporated)
Task: {F68E41E9-0104-4361-A8EE-6CCD3F70FFA2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HuanjuGameUpdate.job => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2011-08-22 17:34 - 2011-08-22 17:34 - 11837440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00048568 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper64.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00218296 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00289976 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2017-02-12 17:08 - 2015-02-27 15:38 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2017-01-13 10:49 - 2017-01-13 10:49 - 00705208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2017-01-13 10:50 - 2017-01-13 10:50 - 02054328 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2017-01-13 10:54 - 2017-01-13 10:54 - 00513208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2014-09-30 02:51 - 2014-09-30 02:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-11-25 16:45 - 2016-11-25 16:45 - 02515520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
2016-07-26 11:07 - 2017-06-16 22:06 - 01052192 _____ () C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00192952 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
2016-11-28 14:45 - 2015-09-27 11:25 - 00035840 _____ () C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\FritzBoxTraffic1013.gadget\FritzBoxTrafficMonitorLib.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\HipsLogger.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BNetOp.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\sqlite.dll
2017-01-28 04:16 - 2015-05-28 13:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\dark.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 01120752 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Operation.dll
2016-11-25 00:13 - 2011-08-23 14:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2016-12-09 16:53 - 2016-12-09 10:21 - 00368128 _____ () c:\programdata\microsoft\visualstudio\14.0\2052\msmg.dll
2017-01-18 15:01 - 2017-01-18 06:18 - 00443904 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\3082\nonsdkaddonlangver.dll
2016-05-05 10:53 - 2017-06-16 21:39 - 00713504 _____ () C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\qpsafeplugin.dll
2011-08-22 17:23 - 2011-08-22 17:23 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-13 10:48 - 2017-01-13 10:48 - 00189112 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2017-01-13 10:46 - 2017-01-13 10:46 - 00262840 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00042936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper32.dll
2016-10-30 19:55 - 2016-10-30 19:55 - 00108544 __RSH () C:\Program Files (x86)\SlySoft\AnyDVD\BRD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00095936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\CrashRpt.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 34880064 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\libcef.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 03795520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\v8.dll
2016-11-25 16:44 - 2016-11-25 16:44 - 01577912 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\Stable\Acrobat2Dict.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 01874496 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\ffmpegsumo.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00155192 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\lua.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00089656 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\zlib.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00138808 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libexpatw.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00159288 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libpng.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00286264 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libjpegturbo.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00495160 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\VP8.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00941624 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\TRAE.DLL
2017-01-28 04:16 - 2017-01-28 04:16 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Pulgin_Dark_DeleteFileTip.dll
2017-06-16 23:32 - 2017-06-16 23:32 - 01307136 _____ () C:\Users\moxito\AppData\Local\Ambworks\vtmbuvmp.dll
2015-06-24 02:07 - 2015-06-24 02:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-19 22:20 - 2014-08-28 09:49 - 00887624 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\libglesv2.dll
2017-01-19 22:20 - 2014-08-28 09:49 - 00110408 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\libegl.dll
2017-01-19 22:20 - 2014-05-29 14:46 - 04055504 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\pdf.dll
2017-01-19 22:20 - 2014-08-29 09:29 - 01875784 _____ () C:\Users\moxito\AppData\Local\360Browser\Browser\Application\7.5.2.108\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2017-01-28 01:43 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "WinTV Recording Status.lnk"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => " Malwarebytes Anti-Malware  (cleanup)"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\StartupFolder: => "CCTalk.lnk"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CNTV-CBox"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CBoxService"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "YYAssistant"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE39C442-3DC6-4243-A674-02F31C37F9E7}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{ACFB4839-4B17-4430-B6F0-8C234D1C509B}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CEFCF085-AC3C-4B1C-B0FF-2C51D1AD339C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{53F4CB2C-7672-4F31-A2F9-62989417793F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{43A23B75-74E8-4875-9A65-CC0CCECF0F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2F86D7C7-F739-4A76-A3A9-0C34651FED92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FBA342AE-35EE-4750-910F-CE78E00118EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB2C5D8C-7E1E-4324-AB48-78593709BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{844B361F-D871-4C06-987B-462B094C2573}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2061BD21-6061-422C-8523-065687C533FE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A359A2C1-C028-4350-A631-F496D5477FB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{71FA7AB2-9E15-46F8-A963-D82667A03415}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C48FC8B7-1DC6-4455-B699-CE06502CDB2F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7150BA5F-B30A-4D64-B823-F89DE0A830BD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B310D159-F3F2-45EB-A5FE-953947A4BE1D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B881DE74-70F2-4EBA-8025-04098ED82486}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{C7AF81E2-2AB8-4951-8285-CFDC1AD3079B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{AEB5BA9D-F104-4486-9BB2-DE7FB73A14C9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0D600F81-A48E-4F61-8E6C-C1080833002A}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{7D07C0F1-7085-4E51-B4F5-02EFB9979BD6}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [UDP Query User{6D500D6D-0622-493B-8922-7B6C6AC6594D}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [TCP Query User{0CE7BE09-640F-4DEF-9446-12028651A4B2}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{3875BA83-5C8C-4DB6-9A2A-465B7C93CFDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{478080CB-538B-43CE-9228-EB1DFBEB573F}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E7E6FE5A-C0F8-4573-86A1-C3BBC3E1FEE1}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E3AC73CB-85FD-4BFE-93E7-0937E4C71984}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{55BB1B60-D077-4E19-B71F-7E53DA95C475}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{33751988-263F-4609-9C75-E0A3788542AC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{D53BA843-D88B-46F3-987C-7E82CA24861D}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{770B7A06-DB83-4087-9819-D33F8A3590CF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{8D482EBE-AA6E-411A-B90A-C8FFC0CE9FC6}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{99831EB5-9E79-4FC7-B2B3-BD6C88B049FC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{50431C4D-6CC7-4F91-9FD6-160DA53EC800}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{29441021-B130-4DCB-8A2C-98E3654EAB8E}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{83B2C97B-D8EC-4022-A2D2-E92E7D323D85}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [TCP Query User{2B248973-D5C1-4568-B90F-508D8AE0D0E6}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [UDP Query User{D34EC77D-ABF0-40A4-8D31-1EB46795B998}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [{DF707D42-B066-4440-A290-76C3782F7D20}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{CBCC3D60-D1D0-45D6-B4BF-24B3FA51CC7A}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{791391FB-26F6-4455-ABAB-F0CC178163D2}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{D422F381-3BB5-46FF-A8DB-07A9F1C39410}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{9BD45F0A-D4CC-4CEA-84E6-0DB37326C47F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{EC9E85AA-6E4F-4F46-ACB9-73FDA2D4D21B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{77FDE012-D87A-44AD-B6D0-94B3A9B6FC22}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{CEF220D9-C4B8-43AF-B1AD-AF5F286B2E19}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{928F44AB-072E-40CC-BA43-E6BC9320A81B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{856ACEC8-3599-4335-BBCC-62BBCD61DC6D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{83F1A492-987E-4799-BFC4-B2190523875C}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{AB07117A-6A25-427D-8370-FBA11D71F3C4}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{73B22CDE-F42F-48D0-ABDE-CEBDEA261561}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{BD10F1F2-821D-4AA7-A5BB-6517CEAFD0EB}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{C2AF2505-834E-4CF7-8AD4-EFCF2489688A}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{E0794B69-C90C-45A5-A33D-073392938B3D}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [TCP Query User{FF9524A3-306C-4072-987A-3B52600DAE87}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [UDP Query User{7198139F-6FC4-485D-969C-3974742B20E1}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [{46AD7F9B-EA90-441C-92A4-C625FD5AFC3D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{7D63BBB3-557E-4FA0-A0B1-3311761D7245}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{004FC471-A249-4476-9233-97837F5DC187}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{E9CB61D5-2A6F-4D36-B053-46B9A4E82DD6}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{41BD44A0-3B8E-4D2F-984C-DB0A9747D92C}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{38F6F4C3-06C7-4F2C-A56A-223A528AAC34}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{016D1F2C-DA2F-4B0A-B5AC-920F9726FFC1}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{2456EF25-4F38-43D0-96F8-E95CD2D91E31}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{0E1C2F32-B86C-4260-BD9C-38FCF76181A8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{E11CDFE4-AEFB-409A-9947-2082963FDB2D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{A803234B-AF31-471F-AB88-14763ED74CBB}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{DA0F938A-CD7A-43F0-A86F-68651FBC84D8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{1B840E50-2AD0-4D3E-BDC8-366478D56844}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{E8B5E362-0CBF-409B-AECA-041D925C0C92}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{9B0C0FF5-8CF3-4601-A9A8-5FEB03062501}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{A8C0E650-29AC-4198-8ECC-3A7D52D166A4}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5D4FE374-A1CE-49E0-AF1D-EE024A7E8DEE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{7769A548-F7A8-4E30-8C27-7978B0141D90}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5773DC5E-741B-4A49-AFAC-5ECDDAECCBDE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{C307F899-B1CE-4AA9-BA01-4FF5450FBAF5}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{022A31EF-B2B8-4297-8E3F-675C15DE94AC}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{AE75BACB-263F-4C0F-87AA-7247D82B0CBF}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{1D5162A3-4235-4D03-B504-C4F4F7246E53}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{901D2A03-DABD-474A-8B3D-976A205B8422}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{2F3B86E9-CE22-4695-85F4-3B6BDFED3C5A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{514EE4BC-9EEE-4677-B4D2-4D9E74321D29}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{ED1E880D-383C-44C1-92D3-E8CA804F9221}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4448BD80-0766-4AF6-8BF2-10B269418FE3}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{1A995BD3-762A-4327-9D40-39043A72168A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4DC55797-A6D6-4594-BB8E-45CBFF359500}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{C2EC3A64-8BB9-4E9D-8749-82C9ED99F790}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{79E67A5E-81D2-4B24-900A-233B96A73BCD}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{F565A5A4-9F6D-4DED-B6BC-5014E9671545}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3A531803-0279-4217-B535-4982A56D73A7}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{53783036-D1FC-440D-B36B-DF723723216D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{BA595CB8-3A7C-478F-8D36-16E98FFF5B57}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3ECCB7EE-F978-42BC-A9B6-325DD4BA322B}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{601CC53D-79DA-4246-B7EB-07C2D086FFD0}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{29D7ADFD-4772-4B73-9C4D-BEF485E987EE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{99554E8E-DC9F-4433-8FC8-B9C134B75403}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{B4E4F695-34B7-4187-9F9F-E9AEEC55D094}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{90B48959-73E8-483B-9EF6-4F660EB44F70}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{A21AA5AE-676B-4D0A-9946-9F8F5DD222B4}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{1BBF2246-CD1C-4829-AD1A-E8CAEBA612A9}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{BA93C79E-F926-497B-89EF-492E13588D7D}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{B2C4F98E-6E0C-489A-A744-6BD5BAD22C18}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{54347CA7-88C3-4931-B431-E80A289FEA32}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{368F75CF-9388-47ED-B631-65B1C9668E86}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{2E09659B-6EA8-4509-BC8B-89A1F52CAED7}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{F7F9C92B-2D60-4A82-833E-ECD3CB8D7997}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{50607091-02F0-4003-A9C1-3AB89E5D2947}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{0CD70842-A679-4531-AAB3-E5E8015B373D}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [TCP Query User{DF0986B7-F5B9-4CA4-8466-7CD4AF2AE0AF}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{882FA26D-CF07-4B30-82CD-8BDCC1312631}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{7C43F587-F429-4292-92AF-457A3B96BA15}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [UDP Query User{6A47CEE3-C601-4D40-938B-E151D69CCA2A}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [{5FC1A2E4-E23E-4A40-8F68-9680094BC070}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{D3B507C3-11FC-4106-A76D-846E68EC90C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4863C59D-1DEA-4C40-9654-2F0C1BE2FB76}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{55C29EA5-B451-4E41-83DF-E6531186E441}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{D6E5B159-2B74-4272-BAA1-7E51AB84F86C}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{013196D6-20C5-4A65-8551-6D06065B5FB1}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{8B68AAEF-669D-4F39-9BED-3160EC00A152}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{5509BB12-DE0F-4487-9212-24E34F0F30BE}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{FF62CBB6-700E-4F9C-823F-965C666AEFDF}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [UDP Query User{60F6CF78-C495-4A2A-8B47-575F834CEF9C}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{CE84693F-1ADB-43AB-9A38-A2B0DDCB0BD6}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{2B529D50-00F9-4652-BC7E-8C5985B5576D}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [TCP Query User{148B2AF4-E62B-4350-925B-8BEA76CF35B3}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [UDP Query User{04A34041-F5A8-4533-A5FD-C6118F2D79DA}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{12586A64-FF12-4ECA-BB97-9D1067A5F11B}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{22C4E24C-9B6C-47A9-8A26-D689334469FC}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [TCP Query User{76EFBE6B-1CAC-4061-A316-9D6E1710301A}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [UDP Query User{CE976857-156C-43F3-B42E-582F49119166}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{E7CEAF8F-6ECC-478E-AF60-ED369F6364BB}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{159669FB-3C82-427F-85E5-6C0405FA89B9}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [TCP Query User{AE9DD382-6F3E-4994-9FA4-DA38D03EBFA3}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [UDP Query User{21B4A0EA-47F8-424B-974C-230C570B2E6D}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{D8C7869F-BC2B-4962-861A-23350B75163F}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{1CE19DF8-01E3-43C7-BDE4-321B25C28B45}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{2378DA66-4690-4BE1-AA12-B2762255FED3}] => (Allow) C:\Users\moxito\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe
FirewallRules: [{C4451068-39BD-428B-B0AE-E4CEB549A5E4}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe
FirewallRules: [{8283DF27-E8D8-404E-9CF8-22CBAF6061CC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe
FirewallRules: [{644D8DC8-C47A-4C1D-89A7-DF5E8ACE7BE0}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe
FirewallRules: [{58123EF6-29C8-4276-A308-ED2A9A86B1FC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe
FirewallRules: [{97B0CABD-78AA-407D-B7A2-A86F79BED1B6}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\tencentdl.exe
FirewallRules: [{D9D9C92B-573F-4F40-ADAD-823B83F8E41F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\bugreport_xf.exe
FirewallRules: [{11AB198E-D6B0-42AA-9662-F5496BBD0387}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{157E434D-102F-4E56-8ADF-F49896ECAB96}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{DA5D3FD0-F9C0-40D0-8517-9611B98F8937}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe
FirewallRules: [{FA7BDB2A-B22C-4EFB-ADC2-7D566C0572F8}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe
FirewallRules: [{E770A729-2BE4-4189-BD71-0BD9967B1896}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe
FirewallRules: [{2B08D25C-C48F-4302-9B51-2F9C1AD2F7E6}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\QQGameMicro.exe
FirewallRules: [{C4455ADD-005F-4DC2-BB48-81C50375766E}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicExternal.exe
FirewallRules: [{D3CACE26-0333-4EA3-9C55-F3AE95CAA573}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\moleplugin\tadb.exe
FirewallRules: [{21BDBBDE-297A-478F-9B2D-34C39FEA3DD5}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusic.exe
FirewallRules: [{D630DBBE-4A30-4AFD-9E28-F3583EFF4E9E}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe
FirewallRules: [{65BB453F-B20A-4272-9477-C6F08359162A}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicUp.exe
FirewallRules: [TCP Query User{247D4396-0D31-4F31-A892-084C41B75164}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [UDP Query User{92886B66-0227-4ED8-A533-E83C7C9706EA}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [TCP Query User{5507FF27-196C-4493-9C74-B09525F5413B}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [UDP Query User{1112C62E-F3A6-4843-8972-62BD0CEFF9E2}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [{0AE31196-BBF9-44D8-981B-AB04C98CEB4C}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [{8167C8B9-F43D-43EA-B143-8F332F565158}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [TCP Query User{1F74AD5B-43D2-4D18-9122-78BBF7F43C8E}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [UDP Query User{A12C75E4-10F9-41E1-BA3B-B1162AA9825B}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{EC1A9325-2130-47B6-90F7-212BFE14681F}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{990EB6F9-48F5-4D1C-86EE-1546944CF64C}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe

==================== Restore Points =========================

19-05-2017 13:16:28 Windows Update
21-05-2017 20:50:47 Nahimic 2
05-06-2017 22:00:23 Windows Update
11-06-2017 12:29:53 Windows Update
16-06-2017 18:09:25 Windows Update

==================== Faulty Device Manager Devices =============

Name: Intel(R) Management Engine Interface 
Description: Intel(R) Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Mi 4i
Description: Mi 4i
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB Device
Description: USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2017 11:33:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/16/2017 11:31:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/16/2017 11:31:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000022e27
ID des fehlerhaften Prozesses: 0x1bd4
Startzeit der fehlerhaften Anwendung: 0x01d2e6e7e7e4e1d5
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichtskennung: f9f8ae6f-57f4-4007-91ff-2525dab93fbc
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/16/2017 11:25:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/16/2017 11:46:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/16/2017 11:33:24 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/16/2017 11:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:25 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/16/2017 11:31:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/16/2017 11:31:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.


CodeIntegrity:
===================================
  Date: 2016-10-26 14:29:14.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 14:20:37.498
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 13:12:20.412
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 03:05:20.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:58:24.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:40:48.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:18:53.408
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5950HQ CPU @ 2.90GHz
Percentage of memory in use: 13%
Total physical RAM: 32723.28 MB
Available physical RAM: 28279.54 MB
Total Virtual: 67539.28 MB
Available Virtual: 62540 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:951.82 GB) (Free:502.28 GB) NTFS
Drive d: (data) (Fixed) (Total:912.3 GB) (Free:26.14 GB) NTFS
Drive f: (XIAOMI) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 524198F9)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 52419B1B)

Partition: GPT.

==================== End of Addition.txt ============================
         
--- --- ---


Part 1 of Frst.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by moxito (administrator) on MSI (17-06-2017 00:14:36)
Running from C:\Users\moxito\Desktop
Loaded Profiles: moxito (Available Profiles: moxito)
Platform: Windows 10 Enterprise Version 1607 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: "C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BHipsSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavSvc.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\bavhm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(QuestSoft) C:\Program Files (x86)\QTranslate\QTranslate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\YodaoDict.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoIE.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
(Ritlabs S.R.L.) C:\Program Files (x86)\The Bat!\thebat.exe
(Tencent) C:\Program Files (x86)\Tencent\QQ\Bin\TXPlatform.exe
(Tencent) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordBook.exe
(Tencent) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
() C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavTray.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Bav.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198080 2017-02-06] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [297984 2015-12-09] (MSI)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2017-01-13] ()
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavTray.exe [1998832 2017-01-28] (Baidu, Inc.)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2011-08-22] (VMware, Inc.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-11-18] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2017-01-24] ()
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [55264 2016-03-10] (Malwarebytes)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [ctfmon] => C:\WINDOWS\system32\ctfmon.exe [10752 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [9604008 2015-12-12] (SlySoft, Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [QTranslate] => C:\Program Files (x86)\QTranslate\QTranslate.exe [642048 2016-05-12] (QuestSoft)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YYAssistant] => C:\Program Files (x86)\YY\8.24.0.2\\yyassistant.exe [335600 2017-06-12] (YY Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YodaoDict] => C:\Users\moxito\AppData\Local\Youdao\Dict\Application\YodaoDict.exe [5552192 2016-11-25] (网易公司)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [thebat_startup] => C:\Program Files (x86)\The Bat!\thebat.exe [11954536 2007-10-31] (Ritlabs S.R.L.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-11-29] (TomTom)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [QQ2009] => C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe [97976 2016-11-25] (Tencent)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [TM] => C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe [132472 2016-11-25] (Tencent)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [BaiduYunGuanjia] => C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\baidunetdisk.exe [7757856 2017-06-16] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [BaiduYunDetect] => C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\YunDetectService.exe [1052192 2017-06-16] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [{1052DBDE-C7E1-498F-7A72-11F13F705104}] => C:\Program Files (x86)\KMSPico\395c48ebd078c81a6235f7da464d45bd.exe [117561 2017-05-13] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YfftPack] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\moxito\AppData\Local\Ambworks\vtmbuvmp.dll <===== ATTENTION
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [Ambworks] => C:\Users\moxito\AppData\Local\Ambworks\395c48ebd078c81a6235f7da464d45bd.exe
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavShx64.dll [2017-01-28] (Baidu, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-12-09]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-06-16]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2017-02-11]
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}\IcoUltraMon.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2016-12-09]
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCTalk.lnk [2016-12-09]
ShortcutTarget: CCTalk.lnk -> C:\Users\moxito\AppData\Roaming\Hujiang\Setup\PreInst\CCLaunch.exe (Hujiang)
Startup: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar469.lnk [2017-06-16]
ShortcutTarget: Sidebar469.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1078665582-1449517287-1295239923-1001] => 120.52.73.97:80
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{1f590c30-fd8d-44ea-ae52-5c965539d833}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{38ff234b-697a-4a3c-99af-17abf95b27e9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ddecc736-557e-44c0-b1c3-dbe0f06f526f}: [DhcpNameServer] 82.163.143.157

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261445025659793&GUID=D8CC01CB-AEB0-4853-A5B1-0C8D1E99C72E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://hao.qq.com/?unc=o400493_1&s=o400493_1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-11-25] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-11-18] (Wondershare)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: QQMiniDL Helper Class -> {C9C7334B-5657-41e1-8F79-F6AACECA05F4} -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\QQIEHelper01.dll [2014-07-15] (Tencent Technology (Shenzhen) Company Limited)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: AccountProtectBHO Class -> {DDD362CF-523B-4BC9-8FDC-58F93B6BC945} -> C:\Users\moxito\AppData\Roaming\Tencent\QQ\QQAntiPhishing\AccountProtect.dll [2017-06-16] (Tencent)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
DPF: HKLM-x32 {1E525898-EE12-4002-9374-82D15147F762} hxxp://player.cntv.cn/flashplayer/config/plugins/wCNTVLive212.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

FireFox:
========
FF ProfilePath: C:\Users\moxito\AppData\Roaming\TomTom\HOME\Profiles\crxg47tn.default [2017-04-04]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2017-02-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-12-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2017-02-12]
FF HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Firefox\Extensions: [dict@www.youdao.com] - C:\Users\moxito\AppData\Local\Youdao\Dict\Application\stable\extensions\firefox => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-21] ()
FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-21] ()
FF Plugin-x32: @baidu.com/YunWebDetectPlugin -> C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\npYunWebDetect.dll [2017-06-16] (Baidu.com, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 5\npnitromozilla.dll [2016-03-03] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npQQGameAssist -> C:\Program Files (x86)\Tencent\QQGAME\npQQGameAssistPlugin.dll [No File]
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npactivex.dll [2017-01-28] (Tencent)
FF Plugin-x32: @qq.com/QQMiniDLPlugin -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\npXFMiniDLPlugin.dll [2014-04-25] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @qq.com/QQPhotoDrawEx -> C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll [2013-08-13] ()
FF Plugin-x32: @qq.com/QzoneMusic -> C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll [2016-02-26] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.4.3\Bin\npSSOAxCtrlForPTLogin.dll [2016-05-05] (Tencent)
FF Plugin-x32: @tencent.com/npQQMailWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll [2013-04-25] (Tencent)
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll [2013-04-08] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-1078665582-1449517287-1295239923-1001: @1.qq.com/npqqwebgame -> C:\Users\moxito\AppData\Roaming\Tencent\WebGamePlugin\1.0.4.9\npqqwebgame.dll [No File]
FF Plugin HKU\S-1-5-21-1078665582-1449517287-1295239923-1001: duowan.com/Checker -> C:\Program Files (x86)\Common Files\duowan\yy\YYSSO\1.0.0.8\npChecker.dll [2016-11-21] (广州多玩信息技术有限公司)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

Chrome: 
=======
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Shutness\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [315472 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavSvc.exe [2791312 2017-01-28] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdSandboxSrv64.exe [264688 2017-01-28] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BHipsSvc.exe [531232 2017-01-28] (Baidu, Inc.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-11-23] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-11-23] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-11-23] (BlueStack Systems, Inc.)
S3 ehRecvr; C:\WINDOWS\ehome\ehRecvr.exe [713728 2015-09-02] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\WINDOWS\ehome\ehsched.exe [177152 2015-09-02] (Microsoft Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-08-21] (Macrovision Europe Ltd.) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2017-01-24] (Ellora Assets Corp.) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [586536 2016-10-10] (Hauppauge Computer Works)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-10-06] (Rivet Networks) [File not signed]
R2 MCRL; C:\ProgramData\Microsoft\VisualStudio\14.0\2052\msmg.dll [368128 2016-12-09] () [File not signed]
S3 Mcx2Svc; C:\WINDOWS\system32\Mcx2Svc.dll [83968 2015-09-05] (Microsoft Corporation) [File not signed]
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2015-12-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (Micro-Star INT'L CO., LTD.)
R2 MSLN; C:\ProgramData\Microsoft\Phone Tools\CoreCon\12.0\3082\NonSDKAddonLangVer.dll [443904 2017-01-18] () [File not signed]
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-03-03] (Nitro PDF Software)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
R2 QPCore; C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe [115104 2017-06-16] (Tencent)
S2 QQMusicService; C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe [175848 2016-12-01] (Tencent)
S3 QTService; C:\Program Files (x86)\Tencent\QTalk\QTService.dll [111160 2016-11-29] (Tencent)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SogouUpdate; C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouUpdate.exe [369056 2016-09-02] (Sogou.com Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279104 2017-05-16] (Synaptics Incorporated)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-08-22] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11837440 2011-08-22] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-11-09] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-02] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-02] (SlySoft, Inc.)
R3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdApiUtil64.sys [116968 2017-01-28] (Baidu, Inc.)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-28] ()
R3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdCameraProtect64.sys [25032 2017-01-28] (Baidu, Inc.)
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [61896 2016-08-21] (Baidu, Inc.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [141896 2015-09-30] (Rivet Networks, LLC.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2016-08-21] (Baidu, Inc.)
S0 Bhbase; C:\WINDOWS\System32\drivers\Bhbase.sys [83144 2017-01-28] (Baidu, Inc.)
R1 Bnbase; C:\WINDOWS\System32\drivers\bnbasex64.sys [62792 2016-08-21] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2016-08-21] (Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Bnmon64.sys [82376 2017-01-28] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [262088 2016-08-21] (Baidu, Inc.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-11-23] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [967168 2016-11-11] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-27] (Samsung Electronics Co., Ltd.)
R3 flex1500; C:\WINDOWS\system32\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R3 flex1500; C:\Windows\SysWOW64\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [162456 2016-08-21] (Qualcomm Atheros, Inc.)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2016-12-27] (hxxp://libusb-win32.sourceforge.net)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216 2017-06-16] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_69ca8597af61d80b\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-06-07] (Synaptics Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45896 2017-05-12] (SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [38720 2016-11-03] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-27] (Samsung Electronics Co., Ltd.)
S3 SundtekMTV; C:\WINDOWS\system32\DRIVERS\sundtekmtv64.sys [365776 2015-12-10] (Sundtek Electronics)
R1 TenCommProtect; C:\Windows\system32\drivers\TenCommProtect64.sys [47736 2016-10-04] (Tencent)
R3 TT4650_SRV_64; C:\WINDOWS\system32\drivers\ttConnect4650_64.sys [436736 2015-11-24] (CityCom GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U0 weqio; C:\WINDOWS\System32\drivers\leawmu.sys [79064 2017-06-16] (Malwarebytes)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] ()
S1 eougywyt; \??\C:\WINDOWS\system32\drivers\eougywyt.sys [X]
S3 GSVxDrv; \??\C:\Program Files\YYBox\drivers\GSVxDrv\GSVxDrv.sys [X]
U2 QQMicroGameBoxService; no ImagePath
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\12.2.18346.226\TsNetHlpX64_ev.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
         

Alt 17.06.2017, 00:32   #5
moxito
 
and the rest of it:
Code:
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-17 00:14 - 2017-06-17 00:14 - 00033816 _____ C:\Users\moxito\Desktop\FRST.txt
2017-06-17 00:14 - 2017-06-17 00:14 - 00000000 ____D C:\FRST
2017-06-17 00:13 - 2017-06-17 00:13 - 02438656 _____ (Farbar) C:\Users\moxito\Desktop\FRST64.exe
2017-06-16 23:44 - 2017-06-16 23:44 - 00148496 _____ C:\WINDOWS\i287.2fiWt
2017-06-16 23:44 - 2017-06-16 23:44 - 00018448 _____ C:\WINDOWS\q46dED.Dk4B4
2017-06-16 23:41 - 2017-06-16 23:41 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\leawmu.sys
2017-06-16 23:31 - 2017-06-16 23:31 - 02296696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-16 23:23 - 2017-06-16 23:25 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-16 23:04 - 2017-06-16 23:04 - 09598376 _____ (Piriform Ltd) C:\Users\moxito\Downloads\ccsetup531.exe
2017-06-16 22:59 - 2017-06-16 23:35 - 00000000 ____D C:\Users\moxito\AppData\Local\Ambworks
2017-06-16 22:42 - 2017-06-16 22:42 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-16 22:07 - 2017-06-16 22:07 - 00003654 _____ C:\WINDOWS\System32\Tasks\Dragon_Center_updater
2017-06-16 22:07 - 2017-06-16 22:07 - 00003016 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Center
2017-06-16 19:06 - 2017-06-16 19:06 - 81963976 _____ C:\Users\moxito\Downloads\SteelSeriesEngine3.10.2Setup.exe
2017-06-16 17:59 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-16 17:59 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-16 17:58 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-16 17:58 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-16 17:58 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-16 17:58 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-16 17:58 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-16 17:58 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-16 17:58 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-16 17:58 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-16 17:58 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-16 17:58 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-16 17:58 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-16 17:58 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-16 17:58 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-16 17:58 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-16 17:58 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-16 17:58 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-16 17:58 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-16 17:58 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-16 17:58 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-16 17:58 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-16 17:58 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-16 17:58 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-16 17:58 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-16 17:58 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-16 17:58 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-16 17:58 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-16 17:58 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-16 17:58 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-16 17:58 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-16 17:58 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-16 17:58 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-16 17:58 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-16 17:58 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-16 17:58 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-16 17:58 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-16 17:58 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-16 17:58 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-16 17:53 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-16 17:53 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-16 17:53 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-16 17:53 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-16 17:52 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-16 17:52 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-16 17:52 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-16 17:52 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-16 17:52 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-16 17:52 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-16 17:52 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-16 17:52 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-16 17:52 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-16 17:52 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-16 17:52 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-16 17:52 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-16 17:52 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-16 17:52 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-16 17:52 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-16 17:52 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-16 17:52 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-16 17:52 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-16 17:52 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-16 17:52 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-16 17:52 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-16 17:52 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-16 17:52 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-16 17:52 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-16 17:52 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-16 17:52 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-16 17:52 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-16 17:52 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-16 17:52 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-16 17:52 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-16 17:52 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-16 17:52 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-16 17:52 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-16 17:52 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-16 17:52 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-16 17:52 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-16 17:52 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-16 17:52 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-16 17:52 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-16 17:51 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-16 17:51 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-16 17:51 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-16 17:51 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-16 17:51 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-16 17:51 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-16 17:51 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-16 17:51 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-16 17:51 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-16 17:51 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-16 17:51 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-16 17:51 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-16 17:51 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-16 17:51 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-16 17:51 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-16 17:51 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-16 17:51 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-16 17:51 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-16 17:51 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-16 17:51 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-16 17:51 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-16 17:51 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-16 17:51 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-16 17:51 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-16 17:51 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-16 17:51 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-16 17:51 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-16 17:51 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-16 17:51 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-16 17:51 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-16 17:51 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-16 17:51 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-11 12:28 - 2017-06-11 12:28 - 00001103 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-06 01:22 - 2017-06-06 01:21 - 01282385 _____ C:\Users\moxito\Desktop\KMSpico 10.2.0 Final Activator.zip
2017-06-06 01:21 - 2017-06-06 01:21 - 01282385 _____ C:\Users\moxito\Documents\KMSpico 10.2.0 Final Activator.zip
2017-06-06 00:58 - 2017-06-06 00:58 - 01611944 _____ (Secure Download Ltd. ) C:\Users\moxito\Downloads\KMSpico_patch
2017-06-06 00:55 - 2017-06-06 00:55 - 00000000 ____D C:\Users\moxito\AppData\Roaming\RenewSoftware.com
2017-06-06 00:54 - 2017-06-16 22:38 - 00000000 ____D C:\Program Files (x86)\KMSPico
2017-06-06 00:04 - 2017-06-06 00:04 - 4083853312 _____ C:\Users\moxito\Downloads\Win10_English_x64.iso
2017-06-05 23:39 - 2017-06-05 23:39 - 00000000 ____D C:\Users\moxito\AppData\Local\RenewSoftware.com
2017-06-05 23:23 - 2017-06-06 00:35 - 00000000 ____D C:\ProgramData\58bca3a8
2017-06-05 23:23 - 2017-06-05 23:23 - 00004184 _____ C:\WINDOWS\System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B}
2017-06-05 23:23 - 2017-06-05 23:23 - 00003884 _____ C:\WINDOWS\System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41}
2017-06-05 23:22 - 2017-06-05 23:22 - 01611944 _____ (Secure Download Ltd. ) C:\Users\moxito\Downloads\Registry_Activation
2017-06-05 23:21 - 2017-06-05 23:21 - 00000000 ____D C:\ProgramData\Caphyon
2017-06-05 23:20 - 2017-06-06 00:35 - 00000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2017-05-24 16:31 - 2017-05-24 16:31 - 00187408 _____ C:\WINDOWS\3LQJZeRfB62pV.9W5pn
2017-05-24 16:31 - 2017-05-24 16:31 - 00053264 _____ C:\WINDOWS\FXu4.S5k12
2017-05-24 16:29 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-24 16:26 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-22 21:10 - 2017-05-22 21:10 - 00095248 _____ C:\WINDOWS\Yfn76w2d9ICq.19CwO
2017-05-22 16:08 - 2017-05-22 16:08 - 00163856 _____ C:\WINDOWS\ok9734e.2DWmr
2017-05-22 00:22 - 2017-05-22 00:22 - 00001101 _____ C:\Users\moxito\Desktop\百度网盘.lnk
2017-05-22 00:22 - 2017-05-22 00:22 - 00000000 ____D C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\百度网盘
2017-05-21 22:53 - 2017-05-21 22:53 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-21 22:53 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-21 22:32 - 2017-05-21 22:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\BaiduYunKernel
2017-05-21 22:32 - 2017-05-21 22:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\BaiduYunGuanjia
2017-05-21 20:51 - 2017-05-21 20:51 - 00002116 _____ C:\Users\Public\Desktop\Nahimic 2.lnk
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nahimic 2
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ____D C:\Program Files\Nahimic
2017-05-21 20:51 - 2017-02-06 10:31 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-05-21 20:51 - 2017-02-06 10:31 - 10187598 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-21 20:51 - 2017-02-06 10:31 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03014656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-21 20:51 - 2017-02-06 10:31 - 02830480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 02190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01353816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01003504 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00962120 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00866088 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00855232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00726624 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00517504 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 05593608 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 02444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 02202624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00680512 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-05-19 13:16 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-19 13:16 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-19 13:16 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-19 13:16 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-19 13:16 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-19 13:16 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-19 13:16 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-19 13:16 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-19 13:16 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-19 13:16 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-19 13:16 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-19 13:16 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-19 13:16 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-19 13:16 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-19 13:16 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-19 13:16 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-19 13:16 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-19 13:16 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-19 13:16 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-19 13:16 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-19 13:16 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-19 13:16 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-19 13:16 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-19 13:16 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-19 13:16 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-19 13:16 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-19 13:16 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-19 13:16 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-19 13:16 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-19 13:16 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-19 13:16 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-19 13:16 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-19 13:16 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-19 13:16 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-19 13:16 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-19 13:16 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-19 13:16 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-19 13:16 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-19 13:16 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-19 13:16 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-19 13:16 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-19 13:16 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-19 13:16 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-19 13:16 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-19 13:16 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-19 13:16 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-19 13:16 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-05-19 13:16 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-19 13:16 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-19 13:16 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-19 13:16 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-19 13:16 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-19 13:16 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-19 13:16 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-19 13:16 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-19 13:16 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-19 13:16 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-19 13:16 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-19 13:16 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-19 13:16 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-19 13:16 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-19 13:16 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-19 13:16 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-19 13:16 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-19 13:16 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-19 13:16 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-19 13:16 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-05-19 13:15 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-19 13:15 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-19 13:15 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-19 13:15 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-19 13:15 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-19 13:15 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-19 13:15 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-19 13:15 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-19 13:15 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-19 13:15 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-19 13:15 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-19 13:15 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-19 13:15 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-19 13:15 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-19 13:15 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-19 13:15 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-19 13:15 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-19 13:15 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-19 13:15 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-19 13:15 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-19 13:15 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-19 13:15 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-19 13:15 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-19 13:15 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-19 13:15 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-19 13:15 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-19 13:15 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-05-19 13:15 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-19 13:15 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-05-19 13:15 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-19 13:15 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-19 13:15 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-19 13:15 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-19 13:15 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-19 13:15 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-19 13:15 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-19 13:15 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-19 13:15 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-19 13:15 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-19 13:15 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-19 13:15 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-19 13:15 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-19 13:15 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-19 13:15 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-19 13:15 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-19 13:15 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-19 13:15 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-19 13:15 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-19 13:15 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-05-19 13:15 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-19 13:15 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-19 13:15 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-19 13:15 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-19 13:15 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-19 13:15 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-19 13:15 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-19 13:15 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-19 13:15 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-19 13:15 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-19 13:15 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-19 13:15 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-19 13:15 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-19 13:15 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-19 13:15 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-19 13:15 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-19 13:15 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-19 13:15 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-19 13:15 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-19 13:15 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-19 13:15 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-19 13:15 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-19 13:15 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-19 13:15 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-19 13:15 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-19 13:15 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-19 13:15 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-19 13:15 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-19 13:15 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-19 13:15 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-17 00:00 - 2016-09-28 16:01 - 00000000 ____D C:\Users\moxito\AppData\Local\app
2017-06-16 23:44 - 2016-09-30 14:34 - 00000000 ____D C:\ProgramData\TENCENT
2017-06-16 23:36 - 2016-08-21 16:55 - 00000000 ____D C:\Users\moxito\AppData\Roaming\steelseries-engine-3-client
2017-06-16 23:35 - 2016-10-11 11:04 - 03074492 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-16 23:35 - 2016-10-11 11:04 - 00860680 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-16 23:35 - 2016-08-21 15:19 - 06497746 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-16 23:33 - 2016-08-21 22:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-16 23:33 - 2016-08-21 16:12 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-16 23:31 - 2016-11-27 00:25 - 00000000 ____D C:\ProgramData\VMware
2017-06-16 23:31 - 2016-11-25 16:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\The Bat!
2017-06-16 23:31 - 2016-10-30 02:17 - 00000040 ___SH C:\ProgramData\.zreglib
2017-06-16 23:31 - 2016-10-11 12:57 - 00000066 _____ C:\Users\Public\Documents\temp.dat
2017-06-16 23:31 - 2016-10-11 01:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-16 23:31 - 2016-08-21 20:02 - 00000000 ____D C:\Users\moxito\Documents\Tencent Files
2017-06-16 23:31 - 2016-08-21 17:36 - 00000000 ____D C:\Users\moxito\AppData\Local\Sidebar7
2017-06-16 23:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-16 23:26 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-16 23:23 - 2016-10-11 01:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-16 23:18 - 2016-11-25 00:13 - 00000000 ____D C:\ProgramData\Hauppauge
2017-06-16 23:13 - 2016-08-21 17:10 - 00000000 ____D C:\Users\moxito\AppData\Local\ClassicShell
2017-06-16 23:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\tracing
2017-06-16 23:04 - 2016-08-21 16:58 - 00000823 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-16 23:02 - 2016-10-11 01:13 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-16 22:56 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-06-16 22:45 - 2016-08-21 15:17 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-16 22:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-16 22:43 - 2016-09-28 18:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-16 22:43 - 2016-09-28 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-16 22:39 - 2016-11-25 17:35 - 00000000 ____D C:\Users\moxito\AppData\Roaming\uTorrent
2017-06-16 22:17 - 2016-08-21 15:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-16 22:15 - 2016-09-28 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-16 22:15 - 2016-08-21 15:41 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-16 22:14 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-16 22:08 - 2016-09-27 14:20 - 00000000 ____D C:\ProgramData\MSI
2017-06-16 22:07 - 2016-09-27 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-06-16 22:07 - 2016-08-21 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-16 19:08 - 2016-08-21 16:53 - 00000000 ____D C:\WINDOWS\Cnxt
2017-06-16 19:07 - 2016-08-21 16:53 - 00000000 ____D C:\ProgramData\Conexant
2017-06-16 18:19 - 2016-08-21 22:03 - 00000000 ____D C:\Users\moxito\AppData\Roaming\vlc
2017-06-16 18:14 - 2016-08-21 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-16 15:49 - 2017-04-25 19:16 - 00000000 ____D C:\Program Files (x86)\YY
2017-06-06 00:36 - 2016-10-12 17:33 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-06-05 23:50 - 2016-09-28 17:46 - 00000626 __RSH C:\ProgramData\ntuser.pol
2017-06-05 23:35 - 2016-12-15 05:59 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-05 23:34 - 2016-12-11 17:10 - 00000000 ____D C:\Program Files (x86)\Intel
2017-06-05 23:33 - 2016-09-27 14:09 - 00000000 ____D C:\Program Files (x86)\MSI
2017-06-05 22:44 - 2016-12-13 21:43 - 00000000 ____D C:\Users\moxito\AppData\Local\Deployment
2017-06-05 22:00 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-27 19:20 - 2016-10-11 01:10 - 00000000 ____D C:\Users\moxito
2017-05-24 16:29 - 2016-10-11 01:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-24 16:29 - 2016-09-15 19:33 - 00000000 ____D C:\Temp
2017-05-24 16:18 - 2016-09-28 16:42 - 00000000 ____D C:\Users\moxito\Documents\temp
2017-05-22 15:54 - 2017-01-28 01:13 - 00000486 _____ C:\WINDOWS\Tasks\HuanjuGameUpdate.job
2017-05-22 03:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-21 22:53 - 2017-02-07 15:54 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-12-15 05:53 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-21 22:53 - 2016-09-27 13:26 - 00001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-21 22:53 - 2016-08-21 15:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-21 22:32 - 2016-08-22 17:03 - 00000000 ____D C:\Users\moxito\AppData\Roaming\baidu
2017-05-21 20:52 - 2017-01-28 01:13 - 00003588 _____ C:\WINDOWS\System32\Tasks\HuanjuGameUpdate
2017-05-21 20:51 - 2016-10-11 01:09 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-21 20:51 - 2016-10-11 01:09 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-21 20:51 - 2016-08-21 15:43 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-21 20:48 - 2017-04-26 02:17 - 05821944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-05-21 20:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-21 20:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-19 18:43 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-19 13:01 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-18 09:35 - 2017-04-17 20:20 - 03624784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-18 09:35 - 2017-01-18 15:10 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-18 09:35 - 2016-12-15 05:53 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-18 09:35 - 2016-09-27 18:31 - 04114248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-18 09:35 - 2016-09-27 18:31 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-18 07:55 - 2016-09-27 13:26 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-18 07:48 - 2016-10-11 01:09 - 06437824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-18 07:48 - 2016-10-11 01:09 - 02479736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-18 07:48 - 2016-10-11 01:09 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-18 07:48 - 2016-10-11 01:09 - 00548984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-18 07:48 - 2016-10-11 01:09 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-18 07:48 - 2016-10-11 01:09 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-18 07:48 - 2016-10-11 01:09 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Files in the root of some directories =======

2016-10-08 00:26 - 2016-10-08 00:29 - 0000752 _____ () C:\Users\moxito\AppData\Roaming\.emacs
2016-11-30 19:44 - 2016-11-30 19:44 - 0000020 _____ () C:\Users\moxito\AppData\Roaming\004D5649544E41696E66
2016-11-30 19:43 - 2016-11-30 19:43 - 0000256 _____ () C:\Users\moxito\AppData\Roaming\140A0027000007
2016-12-05 20:22 - 2016-12-05 20:22 - 0000024 _____ () C:\Users\moxito\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE31.ini
2016-11-30 19:44 - 2017-01-16 21:48 - 0001209 _____ () C:\Users\moxito\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE32.ini
2017-02-13 02:41 - 2017-02-13 02:41 - 0001038 _____ () C:\Users\moxito\AppData\Roaming\ex_log.txt
2016-10-10 20:08 - 2017-02-04 16:04 - 0001269 _____ () C:\Users\moxito\AppData\Roaming\Network Meter_Settings.ini
2016-10-10 20:09 - 2016-10-10 20:09 - 0000772 _____ () C:\Users\moxito\AppData\Roaming\Stock Meter_Settings.ini
2016-09-30 18:39 - 2016-10-10 19:53 - 0000122 _____ () C:\Users\moxito\AppData\Roaming\System Monitor II_UptimeRecord.ini
2017-01-28 01:25 - 2017-01-28 01:25 - 1444872 _____ (Tencent Inc.) C:\Users\moxito\AppData\Roaming\XQ4Q.DLL
2016-08-21 16:30 - 2016-08-21 16:30 - 0000000 _____ () C:\Users\moxito\AppData\Local\Driver_11ACPresent.flag
2016-08-21 16:30 - 2016-08-21 16:30 - 0000000 _____ () C:\Users\moxito\AppData\Local\Driver_LOM_8161Present.flag
2016-12-16 23:50 - 2016-12-29 02:03 - 0000600 _____ () C:\Users\moxito\AppData\Local\PUTTY.RND
2016-09-28 19:18 - 2016-09-28 19:18 - 0007597 _____ () C:\Users\moxito\AppData\Local\Resmon.ResmonCfg
2016-10-30 02:17 - 2017-06-16 23:31 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-10-11 01:09 - 2016-10-11 01:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-28 03:09 - 2017-01-28 03:09 - 0076168 _____ (Tencent) C:\ProgramData\fa5HvkT6.aIj
2016-12-15 05:53 - 2017-01-18 15:10 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 05:53 - 2017-01-14 12:59 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-11-24 23:00 - 2016-11-24 23:01 - 1696960 _____ () C:\ProgramData\QQGAMEQCK2119.DLL
2016-12-05 20:10 - 2016-12-05 20:10 - 1696960 _____ () C:\ProgramData\QQGAMEQCK2205.DLL
2016-12-04 20:08 - 2016-12-08 20:16 - 1389760 _____ () C:\ProgramData\QQGameQCK2840.exe
2017-01-28 01:29 - 2017-01-28 01:29 - 0076168 _____ (Tencent) C:\ProgramData\rW2F6Ma7N5GJI83.971

Files to move or delete:
====================
C:\ProgramData\QQGAMEQCK2119.DLL
C:\ProgramData\QQGAMEQCK2205.DLL
C:\ProgramData\QQGameQCK2840.exe
C:\Users\moxito\psiphon3.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-16 17:32

==================== End of FRST.txt ============================
         


17.06.2017, 15:57   #6
Tician
/// TB-Senior



Hi,

first, some bad news.

Note:
Cracks and keygens
Quote:
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [{1052DBDE-C7E1-498F-7A72-11F13F705104}] => C:\Program Files (x86)\KMSPico\395c48ebd078c81a6235f7da464d45bd.exe [117561 2017-05-13] ()
Circumventing software copy protection is illegal under applicable law. The log files strongly indicate that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources very often come bundled with malware, so using them means infecting yourself almost deliberately.

Here on the board we have agreed that we do not continue cleaning at this point, because we do not support this kind of practice. On top of that, we pointed out unmistakably in our instructions, and also in this sticky topic, how we would handle it. Clean, good software has its price, and software companies live on that revenue.

There will be no further help here until every kind of illegal software has been removed from the PC.


We will continue once all cracks and keygens have been deleted.

17.06.2017, 16:13   #7
moxito



OK, I can understand that.

I bought the notebook used and have not made any changes to the operating system. How do I get rid of KMS again? Or is that already too much to ask?

17.06.2017, 23:33   #8
Tician
/// TB-Senior



All right, then let's do it this way:

Step 1:

If you do not have a valid Office product key, uninstall Office Professional Plus 2013 now. OpenOffice would be a suitable replacement.


Step 2:
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST will now create two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.
__________________
Regards, Tician

18.06.2017, 01:32   #9
moxito



Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by moxito (administrator) on MSI (18-06-2017 01:03:22)
Running from C:\Users\moxito\Desktop
Loaded Profiles: moxito (Available Profiles: moxito)
Platform: Windows 10 Enterprise Version 1607 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: "C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BHipsSvc.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavSvc.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\bavhm.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(QuestSoft) C:\Program Files (x86)\QTranslate\QTranslate.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\YodaoDict.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoIE.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
(Ritlabs S.R.L.) C:\Program Files (x86)\The Bat!\thebat.exe
(Tencent) C:\Program Files (x86)\Tencent\QQ\Bin\TXPlatform.exe
(Tencent) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordBook.exe
(Tencent) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
() C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
(YY Inc.) C:\Program Files (x86)\YY\YY.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavTray.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(YY Inc.) C:\Program Files (x86)\YY\8.24.0.2\yyplatform.exe
(YY Inc.) C:\Program Files (x86)\YY\8.24.0.2\yybrowser.exe
() C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.webrunlogin\65547\yyqlogin.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198080 2017-02-06] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [297984 2015-12-09] (MSI)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2017-01-13] ()
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavTray.exe [1998832 2017-01-28] (Baidu, Inc.)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2011-08-22] (VMware, Inc.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-11-18] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2017-01-24] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [ctfmon] => C:\WINDOWS\system32\ctfmon.exe [10752 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [9604008 2015-12-12] (SlySoft, Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [QTranslate] => C:\Program Files (x86)\QTranslate\QTranslate.exe [642048 2016-05-12] (QuestSoft)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YYAssistant] => C:\Program Files (x86)\YY\8.24.0.2\\yyassistant.exe [335600 2017-06-12] (YY Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YodaoDict] => C:\Users\moxito\AppData\Local\Youdao\Dict\Application\YodaoDict.exe [5552192 2016-11-25] (网易公司)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [thebat_startup] => C:\Program Files (x86)\The Bat!\thebat.exe [11954536 2007-10-31] (Ritlabs S.R.L.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-11-29] (TomTom)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [QQ2009] => C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe [97976 2016-11-25] (Tencent)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [TM] => C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe [132472 2016-11-25] (Tencent)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [BaiduYunGuanjia] => C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\baidunetdisk.exe [7757856 2017-06-16] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [BaiduYunDetect] => C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\YunDetectService.exe [1052192 2017-06-16] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YfftPack] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\moxito\AppData\Local\Ambworks\wpnlefjp.dll <===== ATTENTION
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YY] => C:\Program Files (x86)\YY\YY.exe [151792 2017-06-12] (YY Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavShx64.dll [2017-01-28] (Baidu, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-12-09]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-06-16]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2017-02-11]
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}\IcoUltraMon.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2016-12-09]
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCTalk.lnk [2016-12-09]
ShortcutTarget: CCTalk.lnk -> C:\Users\moxito\AppData\Roaming\Hujiang\Setup\PreInst\CCLaunch.exe (Hujiang)
Startup: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar18.lnk [2017-06-18]
ShortcutTarget: Sidebar18.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1078665582-1449517287-1295239923-1001] => 120.52.73.97:80
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{1f590c30-fd8d-44ea-ae52-5c965539d833}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{38ff234b-697a-4a3c-99af-17abf95b27e9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ddecc736-557e-44c0-b1c3-dbe0f06f526f}: [DhcpNameServer] 82.163.143.157

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261445025659793&GUID=D8CC01CB-AEB0-4853-A5B1-0C8D1E99C72E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://hao.qq.com/?unc=o400493_1&s=o400493_1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-11-25] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-11-18] (Wondershare)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: QQMiniDL Helper Class -> {C9C7334B-5657-41e1-8F79-F6AACECA05F4} -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\QQIEHelper01.dll [2014-07-15] (Tencent Technology (Shenzhen) Company Limited)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: AccountProtectBHO Class -> {DDD362CF-523B-4BC9-8FDC-58F93B6BC945} -> C:\Users\moxito\AppData\Roaming\Tencent\QQ\QQAntiPhishing\AccountProtect.dll [2017-06-16] (Tencent)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
DPF: HKLM-x32 {1E525898-EE12-4002-9374-82D15147F762} hxxp://player.cntv.cn/flashplayer/config/plugins/wCNTVLive212.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

FireFox:
========
FF ProfilePath: C:\Users\moxito\AppData\Roaming\TomTom\HOME\Profiles\crxg47tn.default [2017-04-04]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2017-02-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-12-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2017-02-12]
FF HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Firefox\Extensions: [dict@www.youdao.com] - C:\Users\moxito\AppData\Local\Youdao\Dict\Application\stable\extensions\firefox => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-21] ()
FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-21] ()
FF Plugin-x32: @baidu.com/YunWebDetectPlugin -> C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\npYunWebDetect.dll [2017-06-16] (Baidu.com, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 5\npnitromozilla.dll [2016-03-03] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npQQGameAssist -> C:\Program Files (x86)\Tencent\QQGAME\npQQGameAssistPlugin.dll [No File]
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npactivex.dll [2017-01-28] (Tencent)
FF Plugin-x32: @qq.com/QQMiniDLPlugin -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\npXFMiniDLPlugin.dll [2014-04-25] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @qq.com/QQPhotoDrawEx -> C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll [2013-08-13] ()
FF Plugin-x32: @qq.com/QzoneMusic -> C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll [2016-02-26] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.4.3\Bin\npSSOAxCtrlForPTLogin.dll [2016-05-05] (Tencent)
FF Plugin-x32: @tencent.com/npQQMailWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll [2013-04-25] (Tencent)
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll [2013-04-08] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-1078665582-1449517287-1295239923-1001: @1.qq.com/npqqwebgame -> C:\Users\moxito\AppData\Roaming\Tencent\WebGamePlugin\1.0.4.9\npqqwebgame.dll [No File]
FF Plugin HKU\S-1-5-21-1078665582-1449517287-1295239923-1001: duowan.com/Checker -> C:\Program Files (x86)\Common Files\duowan\yy\YYSSO\1.0.0.8\npChecker.dll [2016-11-21] (广州多玩信息技术有限公司)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

Chrome: 
=======
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Shutness\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [315472 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavSvc.exe [2791312 2017-01-28] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdSandboxSrv64.exe [264688 2017-01-28] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BHipsSvc.exe [531232 2017-01-28] (Baidu, Inc.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-11-23] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-11-23] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-11-23] (BlueStack Systems, Inc.)
S3 ehRecvr; C:\WINDOWS\ehome\ehRecvr.exe [713728 2015-09-02] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\WINDOWS\ehome\ehsched.exe [177152 2015-09-02] (Microsoft Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-08-21] (Macrovision Europe Ltd.) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2017-01-24] (Ellora Assets Corp.) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [586536 2016-10-10] (Hauppauge Computer Works)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-10-06] (Rivet Networks) [File not signed]
R2 MCRL; C:\ProgramData\Microsoft\VisualStudio\14.0\2052\msmg.dll [368128 2016-12-09] () [File not signed]
S3 Mcx2Svc; C:\WINDOWS\system32\Mcx2Svc.dll [83968 2015-09-05] (Microsoft Corporation) [File not signed]
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2015-12-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (Micro-Star INT'L CO., LTD.)
R2 MSLN; C:\ProgramData\Microsoft\Phone Tools\CoreCon\12.0\3082\NonSDKAddonLangVer.dll [443904 2017-01-18] () [File not signed]
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-03-03] (Nitro PDF Software)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
R2 QPCore; C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe [115104 2017-06-16] (Tencent)
S2 QQMusicService; C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe [175848 2016-12-01] (Tencent)
S3 QTService; C:\Program Files (x86)\Tencent\QTalk\QTService.dll [111160 2016-11-29] (Tencent)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SogouUpdate; C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouUpdate.exe [369056 2016-09-02] (Sogou.com Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246888 2016-06-07] (Synaptics Incorporated)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-08-22] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11837440 2011-08-22] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-11-09] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-02] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-02] (SlySoft, Inc.)
R3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdApiUtil64.sys [116968 2017-01-28] (Baidu, Inc.)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-28] ()
R3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdCameraProtect64.sys [25032 2017-01-28] (Baidu, Inc.)
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [61896 2016-08-21] (Baidu, Inc.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [141896 2015-09-30] (Rivet Networks, LLC.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2016-08-21] (Baidu, Inc.)
S0 Bhbase; C:\WINDOWS\System32\drivers\Bhbase.sys [83144 2017-01-28] (Baidu, Inc.)
R1 Bnbase; C:\WINDOWS\System32\drivers\bnbasex64.sys [62792 2016-08-21] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2016-08-21] (Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Bnmon64.sys [82376 2017-01-28] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [262088 2016-08-21] (Baidu, Inc.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-11-23] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [967168 2016-11-11] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-27] (Samsung Electronics Co., Ltd.)
R3 flex1500; C:\WINDOWS\system32\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R3 flex1500; C:\Windows\SysWOW64\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [162456 2016-08-21] (Qualcomm Atheros, Inc.)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2016-12-27] (hxxp://libusb-win32.sourceforge.net)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_69ca8597af61d80b\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-06-07] (Synaptics Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45896 2017-05-12] (SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [38720 2016-11-03] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-27] (Samsung Electronics Co., Ltd.)
S3 SundtekMTV; C:\WINDOWS\system32\DRIVERS\sundtekmtv64.sys [365776 2015-12-10] (Sundtek Electronics)
R1 TenCommProtect; C:\Windows\system32\drivers\TenCommProtect64.sys [47736 2016-10-04] (Tencent)
R3 TT4650_SRV_64; C:\WINDOWS\system32\drivers\ttConnect4650_64.sys [436736 2015-11-24] (CityCom GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] ()
S1 eougywyt; \??\C:\WINDOWS\system32\drivers\eougywyt.sys [X]
S3 GSVxDrv; \??\C:\Program Files\YYBox\drivers\GSVxDrv\GSVxDrv.sys [X]
U2 QQMicroGameBoxService; no ImagePath
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\12.2.18346.226\TsNetHlpX64_ev.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-18 01:01 - 2017-06-18 01:03 - 00033031 _____ C:\Users\moxito\Desktop\FRST.txt
2017-06-18 00:38 - 2017-06-18 00:38 - 02296696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-18 00:17 - 2017-06-18 01:02 - 00073736 _____ C:\Users\moxito\Desktop\Addition.txt
2017-06-18 00:01 - 2017-06-18 00:01 - 02388709 _____ C:\HEADERS
2017-06-18 00:01 - 2017-06-18 00:01 - 00000019 _____ C:\END
2017-06-17 23:44 - 2017-06-17 23:47 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-17 23:30 - 2017-06-17 23:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-06-17 23:30 - 2017-06-17 23:30 - 00000000 ____D C:\Program Files\Synaptics
2017-06-17 20:53 - 2017-06-17 20:53 - 00000000 ____D C:\Users\moxito\AppData\Local\F524E5C1-49AC-4835-B859-6FDC260E6394
2017-06-17 19:05 - 2017-06-17 19:25 - 00000000 ____D C:\ESD
2017-06-17 19:05 - 2017-06-17 19:05 - 00000000 ___HD C:\$Windows.~WS
2017-06-17 18:36 - 2017-06-17 18:36 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\tvwoetih.sys
2017-06-17 16:43 - 2017-06-17 16:43 - 05265000 _____ C:\Users\moxito\Downloads\psiphon3.exe
2017-06-17 01:58 - 2017-06-18 00:59 - 00000000 ____D C:\Users\moxito\AppData\Local\CrashDumps
2017-06-17 00:14 - 2017-06-18 01:03 - 00000000 ____D C:\FRST
2017-06-17 00:13 - 2017-06-17 00:13 - 02438656 _____ (Farbar) C:\Users\moxito\Desktop\FRST64.exe
2017-06-16 23:23 - 2017-06-16 23:25 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-16 23:04 - 2017-06-16 23:04 - 09598376 _____ (Piriform Ltd) C:\Users\moxito\Downloads\ccsetup531.exe
2017-06-16 22:42 - 2017-06-16 22:42 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-16 22:07 - 2017-06-16 22:07 - 00003654 _____ C:\WINDOWS\System32\Tasks\Dragon_Center_updater
2017-06-16 22:07 - 2017-06-16 22:07 - 00003016 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Center
2017-06-16 19:06 - 2017-06-16 19:06 - 81963976 _____ C:\Users\moxito\Downloads\SteelSeriesEngine3.10.2Setup.exe
2017-06-16 17:59 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-16 17:59 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-16 17:58 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-16 17:58 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-16 17:58 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-16 17:58 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-16 17:58 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-16 17:58 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-16 17:58 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-16 17:58 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-16 17:58 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-16 17:58 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-16 17:58 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-16 17:58 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-16 17:58 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-16 17:58 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-16 17:58 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-16 17:58 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-16 17:58 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-16 17:58 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-16 17:58 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-16 17:58 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-16 17:58 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-16 17:58 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-16 17:58 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-16 17:58 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-16 17:58 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-16 17:58 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-16 17:58 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-16 17:58 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-16 17:58 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-16 17:58 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-16 17:58 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-16 17:58 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-16 17:58 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-16 17:58 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-16 17:58 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-16 17:58 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-16 17:58 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-16 17:53 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-16 17:53 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-16 17:53 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-16 17:53 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-16 17:52 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-16 17:52 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-16 17:52 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-16 17:52 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-16 17:52 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-16 17:52 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-16 17:52 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-16 17:52 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-16 17:52 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-16 17:52 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-16 17:52 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-16 17:52 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-16 17:52 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-16 17:52 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-16 17:52 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-16 17:52 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-16 17:52 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-16 17:52 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-16 17:52 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-16 17:52 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-16 17:52 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-16 17:52 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-16 17:52 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-16 17:52 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-16 17:52 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-16 17:52 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-16 17:52 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-16 17:52 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-16 17:52 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-16 17:52 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-16 17:52 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-16 17:52 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-16 17:52 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-16 17:52 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-16 17:52 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-16 17:52 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-16 17:52 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-16 17:52 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-16 17:52 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-16 17:51 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-16 17:51 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-16 17:51 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-16 17:51 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-16 17:51 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-16 17:51 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-16 17:51 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-16 17:51 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-16 17:51 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-16 17:51 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-16 17:51 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-16 17:51 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-16 17:51 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-16 17:51 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-16 17:51 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-16 17:51 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-16 17:51 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-16 17:51 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-16 17:51 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-16 17:51 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-16 17:51 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-16 17:51 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-16 17:51 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-16 17:51 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-16 17:51 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-16 17:51 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-16 17:51 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-16 17:51 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-16 17:51 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-16 17:51 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-16 17:51 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-16 17:51 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-06 00:55 - 2017-06-06 00:55 - 00000000 ____D C:\Users\moxito\AppData\Roaming\RenewSoftware.com
2017-06-06 00:04 - 2017-06-06 00:04 - 4083853312 _____ C:\Users\moxito\Downloads\Win10_English_x64.iso
2017-06-05 23:39 - 2017-06-05 23:39 - 00000000 ____D C:\Users\moxito\AppData\Local\RenewSoftware.com
2017-06-05 23:23 - 2017-06-06 00:35 - 00000000 ____D C:\ProgramData\58bca3a8
2017-06-05 23:23 - 2017-06-05 23:23 - 00004184 _____ C:\WINDOWS\System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B}
2017-06-05 23:23 - 2017-06-05 23:23 - 00003884 _____ C:\WINDOWS\System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41}
2017-06-05 23:22 - 2017-06-05 23:22 - 01611944 _____ (Secure Download Ltd. ) C:\Users\moxito\Downloads\Registry_Activation
2017-06-05 23:21 - 2017-06-05 23:21 - 00000000 ____D C:\ProgramData\Caphyon
2017-05-24 16:31 - 2017-05-24 16:31 - 00187408 _____ C:\WINDOWS\3LQJZeRfB62pV.9W5pn
2017-05-24 16:31 - 2017-05-24 16:31 - 00053264 _____ C:\WINDOWS\FXu4.S5k12
2017-05-24 16:29 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-24 16:26 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-22 21:10 - 2017-05-22 21:10 - 00095248 _____ C:\WINDOWS\Yfn76w2d9ICq.19CwO
2017-05-22 16:08 - 2017-05-22 16:08 - 00163856 _____ C:\WINDOWS\ok9734e.2DWmr
2017-05-22 00:22 - 2017-05-22 00:22 - 00001101 _____ C:\Users\moxito\Desktop\百度网盘.lnk
2017-05-22 00:22 - 2017-05-22 00:22 - 00000000 ____D C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\百度网盘
2017-05-21 22:53 - 2017-05-21 22:53 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-21 22:53 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-21 22:32 - 2017-05-21 22:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\BaiduYunKernel
2017-05-21 22:32 - 2017-05-21 22:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\BaiduYunGuanjia
2017-05-21 20:51 - 2017-05-21 20:51 - 00002116 _____ C:\Users\Public\Desktop\Nahimic 2.lnk
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nahimic 2
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ____D C:\Program Files\Nahimic
2017-05-21 20:51 - 2017-02-06 10:31 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-05-21 20:51 - 2017-02-06 10:31 - 10187598 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-21 20:51 - 2017-02-06 10:31 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03014656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-21 20:51 - 2017-02-06 10:31 - 02830480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 02190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01353816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01003504 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00962120 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00866088 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00855232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00726624 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00517504 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 05593608 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 02444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 02202624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00680512 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-05-19 13:16 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-19 13:16 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-19 13:16 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-19 13:16 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-19 13:16 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-19 13:16 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-19 13:16 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-19 13:16 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-19 13:16 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-19 13:16 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-19 13:16 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-19 13:16 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-19 13:16 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-19 13:16 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-19 13:16 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-19 13:16 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-19 13:16 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-19 13:16 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-19 13:16 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-19 13:16 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-19 13:16 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-19 13:16 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-19 13:16 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-19 13:16 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-19 13:16 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-19 13:16 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-19 13:16 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-19 13:16 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-19 13:16 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-19 13:16 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-19 13:16 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-19 13:16 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-19 13:16 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-19 13:16 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-19 13:16 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-19 13:16 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-19 13:16 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-19 13:16 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-19 13:16 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-19 13:16 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-19 13:16 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-19 13:16 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-19 13:16 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-19 13:16 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-19 13:16 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-19 13:16 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-19 13:16 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-19 13:16 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-19 13:16 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-19 13:16 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-19 13:16 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-19 13:16 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-19 13:16 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-19 13:16 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-19 13:16 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-19 13:16 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-19 13:16 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-19 13:16 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-19 13:16 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-19 13:16 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-05-19 13:16 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-19 13:16 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-19 13:16 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-19 13:16 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-19 13:16 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-19 13:16 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
         

18.06.2017, 01:33   #10
moxito

Code:
2017-05-19 13:16 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-19 13:16 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-19 13:16 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-19 13:16 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-19 13:16 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-19 13:16 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-19 13:16 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-19 13:16 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-19 13:16 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-19 13:16 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-19 13:16 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-19 13:16 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-19 13:16 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-19 13:16 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-19 13:16 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-19 13:16 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-19 13:16 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-19 13:16 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-19 13:16 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-19 13:16 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-19 13:16 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-19 13:16 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-19 13:16 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-19 13:15 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-05-19 13:15 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-19 13:15 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-19 13:15 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-19 13:15 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-19 13:15 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-19 13:15 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-19 13:15 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-19 13:15 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-19 13:15 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-19 13:15 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-19 13:15 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-19 13:15 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-19 13:15 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-19 13:15 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-19 13:15 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-19 13:15 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-19 13:15 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-19 13:15 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-19 13:15 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-19 13:15 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-19 13:15 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-19 13:15 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-19 13:15 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-19 13:15 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-19 13:15 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-19 13:15 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-19 13:15 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-19 13:15 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-19 13:15 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-19 13:15 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-19 13:15 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-05-19 13:15 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-19 13:15 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-05-19 13:15 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-19 13:15 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-19 13:15 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-19 13:15 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-19 13:15 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-19 13:15 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-19 13:15 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-19 13:15 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-19 13:15 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-19 13:15 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-19 13:15 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-19 13:15 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-19 13:15 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-19 13:15 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-19 13:15 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-19 13:15 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-19 13:15 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-19 13:15 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-19 13:15 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-19 13:15 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-19 13:15 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-19 13:15 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-19 13:15 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-19 13:15 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-19 13:15 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-19 13:15 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-19 13:15 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-19 13:15 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-19 13:15 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-19 13:15 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-19 13:15 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-19 13:15 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-05-19 13:15 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-19 13:15 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-19 13:15 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-19 13:15 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-19 13:15 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-19 13:15 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-19 13:15 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-19 13:15 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-19 13:15 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-19 13:15 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-19 13:15 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-19 13:15 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-19 13:15 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-19 13:15 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-19 13:15 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-19 13:15 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-19 13:15 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-19 13:15 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-19 13:15 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-19 13:15 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-19 13:15 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-19 13:15 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-19 13:15 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-19 13:15 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-19 13:15 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-19 13:15 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-19 13:15 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-19 13:15 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-19 13:15 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-19 13:15 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-19 13:15 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-19 13:15 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-19 13:15 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-19 13:15 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-19 13:15 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-19 13:15 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-19 13:15 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-19 13:15 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-19 13:15 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-19 13:15 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-18 01:03 - 2016-10-11 11:04 - 03222312 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-18 01:03 - 2016-10-11 11:04 - 00904720 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-18 01:03 - 2016-08-21 15:19 - 06784126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-18 01:01 - 2016-10-11 12:57 - 00000380 _____ C:\Users\Public\Documents\temp.dat
2017-06-18 01:01 - 2016-08-21 16:12 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-18 01:00 - 2016-08-21 20:02 - 00000000 ____D C:\Users\moxito\Documents\Tencent Files
2017-06-18 01:00 - 2016-08-21 17:36 - 00000000 ____D C:\Users\moxito\AppData\Local\Sidebar7
2017-06-18 00:59 - 2016-11-27 00:25 - 00000000 ____D C:\ProgramData\VMware
2017-06-18 00:59 - 2016-11-25 16:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\The Bat!
2017-06-18 00:59 - 2016-10-30 02:17 - 00000040 ___SH C:\ProgramData\.zreglib
2017-06-18 00:59 - 2016-10-11 01:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-18 00:57 - 2016-08-21 17:10 - 00000000 ____D C:\Users\moxito\AppData\Local\ClassicShell
2017-06-18 00:44 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-18 00:40 - 2016-08-21 22:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-18 00:36 - 2016-09-30 14:34 - 00000000 ____D C:\ProgramData\TENCENT
2017-06-17 23:55 - 2016-10-11 01:14 - 00003780 _____ C:\WINDOWS\diagwrn.xml
2017-06-17 23:55 - 2016-10-11 01:14 - 00001908 _____ C:\WINDOWS\diagerr.xml
2017-06-17 23:47 - 2016-10-13 18:41 - 00000000 ____D C:\WINDOWS\Panther
2017-06-17 23:20 - 2016-10-11 01:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-17 23:20 - 2016-08-21 17:08 - 00000000 ____D C:\ProgramData\BavSvc_exe
2017-06-17 22:41 - 2017-02-11 13:53 - 00000000 ____D C:\Users\moxito\AppData\Roaming\XnView
2017-06-17 20:03 - 2016-08-21 22:03 - 00000000 ____D C:\Users\moxito\AppData\Roaming\vlc
2017-06-17 19:58 - 2016-12-01 01:43 - 00000000 ____D C:\Users\moxito\Downloads\div. Windows
2017-06-17 18:56 - 2016-11-29 18:50 - 00000000 ____D C:\Users\moxito\AppData\Roaming\Psiphon3
2017-06-17 18:29 - 2016-11-29 18:50 - 05265000 _____ C:\Users\moxito\psiphon3.exe
2017-06-17 18:29 - 2016-10-11 01:10 - 00000000 ____D C:\Users\moxito
2017-06-17 16:30 - 2016-12-13 21:43 - 00000000 ____D C:\Users\moxito\AppData\Local\Deployment
2017-06-17 13:55 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-06-17 02:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-17 02:12 - 2016-08-21 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-17 00:00 - 2016-09-28 16:01 - 00000000 ____D C:\Users\moxito\AppData\Local\app
2017-06-16 23:36 - 2016-08-21 16:55 - 00000000 ____D C:\Users\moxito\AppData\Roaming\steelseries-engine-3-client
2017-06-16 23:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-16 23:18 - 2016-11-25 00:13 - 00000000 ____D C:\ProgramData\Hauppauge
2017-06-16 23:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\tracing
2017-06-16 23:04 - 2016-08-21 16:58 - 00000823 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-16 23:02 - 2016-10-11 01:13 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-16 22:45 - 2016-08-21 15:17 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-16 22:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-16 22:43 - 2016-09-28 18:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-16 22:43 - 2016-09-28 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-16 22:39 - 2016-11-25 17:35 - 00000000 ____D C:\Users\moxito\AppData\Roaming\uTorrent
2017-06-16 22:17 - 2016-08-21 15:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-16 22:15 - 2016-09-28 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-16 22:15 - 2016-08-21 15:41 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-16 22:14 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-16 22:08 - 2016-09-27 14:20 - 00000000 ____D C:\ProgramData\MSI
2017-06-16 22:07 - 2016-09-27 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-06-16 22:07 - 2016-08-21 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-16 19:08 - 2016-08-21 16:53 - 00000000 ____D C:\WINDOWS\Cnxt
2017-06-16 19:07 - 2016-08-21 16:53 - 00000000 ____D C:\ProgramData\Conexant
2017-06-16 15:49 - 2017-04-25 19:16 - 00000000 ____D C:\Program Files (x86)\YY
2017-06-06 00:36 - 2016-10-12 17:33 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-06-05 23:50 - 2016-09-28 17:46 - 00000626 __RSH C:\ProgramData\ntuser.pol
2017-06-05 23:35 - 2016-12-15 05:59 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-05 23:34 - 2016-12-11 17:10 - 00000000 ____D C:\Program Files (x86)\Intel
2017-06-05 23:33 - 2016-09-27 14:09 - 00000000 ____D C:\Program Files (x86)\MSI
2017-06-05 22:00 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-24 16:29 - 2016-10-11 01:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-24 16:29 - 2016-09-15 19:33 - 00000000 ____D C:\Temp
2017-05-24 16:18 - 2016-09-28 16:42 - 00000000 ____D C:\Users\moxito\Documents\temp
2017-05-22 15:54 - 2017-01-28 01:13 - 00000486 _____ C:\WINDOWS\Tasks\HuanjuGameUpdate.job
2017-05-21 22:53 - 2017-02-07 15:54 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-12-15 05:53 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-21 22:53 - 2016-09-27 13:26 - 00001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-21 22:53 - 2016-08-21 15:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-21 22:32 - 2016-08-22 17:03 - 00000000 ____D C:\Users\moxito\AppData\Roaming\baidu
2017-05-21 20:52 - 2017-01-28 01:13 - 00003588 _____ C:\WINDOWS\System32\Tasks\HuanjuGameUpdate
2017-05-21 20:51 - 2016-10-11 01:09 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-21 20:51 - 2016-10-11 01:09 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-21 20:51 - 2016-08-21 15:43 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-21 20:48 - 2017-04-26 02:17 - 05821944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-05-21 20:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-21 20:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-19 18:43 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-19 18:43 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-19 13:01 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll

==================== Files in the root of some directories =======

2016-10-08 00:26 - 2016-10-08 00:29 - 0000752 _____ () C:\Users\moxito\AppData\Roaming\.emacs
2016-11-30 19:44 - 2016-11-30 19:44 - 0000020 _____ () C:\Users\moxito\AppData\Roaming\004D5649544E41696E66
2016-11-30 19:43 - 2016-11-30 19:43 - 0000256 _____ () C:\Users\moxito\AppData\Roaming\140A0027000007
2016-12-05 20:22 - 2016-12-05 20:22 - 0000024 _____ () C:\Users\moxito\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE31.ini
2016-11-30 19:44 - 2017-01-16 21:48 - 0001209 _____ () C:\Users\moxito\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE32.ini
2017-02-13 02:41 - 2017-02-13 02:41 - 0001038 _____ () C:\Users\moxito\AppData\Roaming\ex_log.txt
2016-10-10 20:08 - 2017-02-04 16:04 - 0001269 _____ () C:\Users\moxito\AppData\Roaming\Network Meter_Settings.ini
2016-10-10 20:09 - 2016-10-10 20:09 - 0000772 _____ () C:\Users\moxito\AppData\Roaming\Stock Meter_Settings.ini
2016-09-30 18:39 - 2016-10-10 19:53 - 0000122 _____ () C:\Users\moxito\AppData\Roaming\System Monitor II_UptimeRecord.ini
2017-01-28 01:25 - 2017-01-28 01:25 - 1444872 _____ (Tencent Inc.) C:\Users\moxito\AppData\Roaming\XQ4Q.DLL
2016-08-21 16:30 - 2016-08-21 16:30 - 0000000 _____ () C:\Users\moxito\AppData\Local\Driver_11ACPresent.flag
2016-08-21 16:30 - 2016-08-21 16:30 - 0000000 _____ () C:\Users\moxito\AppData\Local\Driver_LOM_8161Present.flag
2016-12-16 23:50 - 2016-12-29 02:03 - 0000600 _____ () C:\Users\moxito\AppData\Local\PUTTY.RND
2016-09-28 19:18 - 2016-09-28 19:18 - 0007597 _____ () C:\Users\moxito\AppData\Local\Resmon.ResmonCfg
2016-10-30 02:17 - 2017-06-18 00:59 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-10-11 01:09 - 2016-10-11 01:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-28 03:09 - 2017-01-28 03:09 - 0076168 _____ (Tencent) C:\ProgramData\fa5HvkT6.aIj
2016-12-15 05:53 - 2017-01-18 15:10 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 05:53 - 2017-01-14 12:59 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-11-24 23:00 - 2016-11-24 23:01 - 1696960 _____ () C:\ProgramData\QQGAMEQCK2119.DLL
2016-12-05 20:10 - 2016-12-05 20:10 - 1696960 _____ () C:\ProgramData\QQGAMEQCK2205.DLL
2016-12-04 20:08 - 2016-12-08 20:16 - 1389760 _____ () C:\ProgramData\QQGameQCK2840.exe
2017-01-28 01:29 - 2017-01-28 01:29 - 0076168 _____ (Tencent) C:\ProgramData\rW2F6Ma7N5GJI83.971

Files to move or delete:
====================
C:\ProgramData\QQGAMEQCK2119.DLL
C:\ProgramData\QQGAMEQCK2205.DLL
C:\ProgramData\QQGameQCK2840.exe
C:\Users\moxito\psiphon3.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-16 17:32

==================== End of FRST.txt ============================
         

18.06.2017, 01:34   #11
moxito
 



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by moxito (18-06-2017 01:03:46)
Running from C:\Users\moxito\Desktop
Windows 10 Enterprise Version 1607 (X64) (2016-10-10 23:15:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1078665582-1449517287-1295239923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1078665582-1449517287-1295239923-503 - Limited - Disabled)
Guest (S-1-5-21-1078665582-1449517287-1295239923-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1078665582-1449517287-1295239923-1005 - Limited - Enabled)
moxito (S-1-5-21-1078665582-1449517287-1295239923-1001 - Administrator - Enabled) => C:\Users\moxito

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
360 Browser (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\360Browser) (Version: 7.5.2.108 - 360 Security Center)
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.6.0 - SlySoft)
ApoDispatchConfigurator (Version: 2.3.1401 - Nahimic) Hidden
AudioLaunchpadConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.)
Battery Calibration (x32 Version: 1.0.1607.1801 - Micro-Star International Co., Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.6323 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
CCTalk (HKLM-x32\...\CCTalk) (Version: 6.0.0.1 - www.hujiang.com, Inc.)
CheckDevicesConfigurator (Version: 2.3.1401 - Nahimic) Hidden
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.)
Dragon Center (x32 Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.)
Dragon Gaming Center (x32 Version: 2.0.1605.2701 - Micro-Star International Co., Ltd.) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FRN Client 2014 (HKLM-x32\...\FRN Client_is1) (Version:  - Free Radio Network)
FRN Server 2014 (HKLM-x32\...\FRN Server_is1) (Version:  - Free Radio Network)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hauppauge WinTV 8 (HKLM-x32\...\Hauppauge WinTV 8) (Version: v8.0.34284 (CD 5.1 AAC) - Hauppauge Computer Works)
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.)
Help Desk (x32 Version: 1.0.1605.0601 - Micro-Star International Co., Ltd.) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{281badd0-7e11-494b-bdf7-34d6a2615c3c}) (Version: 6.2.0.19 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.2.0.19 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1122 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.56.1122 - Rivet Networks) Hidden
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Kodi (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Kodi) (Version:  - XBMC-Foundation)
LauncherSetup (Version: 2.3.1401 - Nahimic) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
LenovoUsbDriver 1.1.9 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.9 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 6.9.1 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
Nahimic 2 (HKLM-x32\...\{05c7b70a-5d25-419a-9b71-76900393b641}) (Version: 2.3.14 - Nahimic)
Nahimic2UISetup (Version: 2.3.1401 - Nahimic) Hidden
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}) (Version: 8.0.182 - Nero AG)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
Nitro Reader 5 (HKLM\...\{1DF310B2-0BE7-4CD7-8FCF-54B1ADB067D3}) (Version: 5.5.6.21 - Nitro)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}) (Version: 1.3.10 - Microsoft Corporation)
ProductDaemonSetup (Version: 2.3.1401 - Nahimic) Hidden
ProductNSConfigurator (Version: 2.3.1401 - Nahimic) Hidden
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
QQ音乐2016 (HKLM-x32\...\QQMusic) (Version: 12.97.3627.1201 - 腾讯科技(深圳)有限公司)
QTranslate 5.7.0.3 (HKLM-x32\...\QTranslate) (Version: 5.7.0.3 - QuestSoft)
QT语音 (HKLM-x32\...\QT语音) (Version: 11.43.0.17707.483 - 腾讯科技(深圳)有限公司)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 12.0.0.102 - Qualcomm Atheros)
QvodPlayer v3.5 (HKLM-x32\...\QvodPlayer) (Version: 3.5 - Shenzhen QVOD Technology Co.,Ltd)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SCM (HKLM\...\{E3CE9EC1-7244-4846-A383-6BF0B172917A}) (Version: 13.015.12097 - Application)
SDR-RADIO.com (V2) (HKLM-x32\...\SDR-RADIO.com (V2)) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SonicMapperConfigurator (Version: 2.3.1401 - Nahimic) Hidden
SteelSeries Engine 3.10.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.2 - SteelSeries ApS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.22.4 - Synaptics Incorporated)
TalkTV (HKLM-x32\...\{F768F6BA-F164-4599-BC26-DCCFC2F71983}_is1) (Version: 4.1.3 - TalkTV)
Technotrend Viewer (HKLM-x32\...\TT-Viewer_is1) (Version:  - CM&V)
The Bat! Professional v3.99.29 (HKLM-x32\...\{CA8D1F57-1D54-463F-A97D-9D740EBBD285}) (Version: 3.99.29 - Ritlabs)
TomTom HOME (HKLM-x32\...\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}) (Version: 2.9.94 - Ihr Firmenname)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.)
UIInstallUpgrade (Version: 2.3.1401 - Nahimic) Hidden
UltraMon (HKLM\...\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}) (Version: 3.3.0 - Realtime Soft Ltd)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.0.18997 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.0.18997 - VMware, Inc.) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - MediaTek Inc. (wdm_usb) Ports  (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare Video Converter Ultimate(Build 9.0.0.4) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.0.4 - Wondershare Software)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
YY version 1.0 (HKLM-x32\...\{76E0BCEF-DBB1-4257-8230-6DE2310E4813}_is1) (Version: 1.0 - Joe)
YY8 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\YY8) (Version: 8.3.0.2 - 多玩游戏网)
Zattoo Live TV (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\6e425e00e7cd59c7) (Version: 1.0.0.51 - Zattoo Europa AG)
央视影音 (HKLM-x32\...\{07F79EE3-1012-40BF-BEE7-A07EE6C284DC}_is1) (Version: 4.0.8.0 - 中国网络电视台)
搜狗拼音输入法 8.0正式版 (HKLM-x32\...\Sogou Input) (Version: 8.0.0.8381 - Sogou.com)
有道词典 (HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\有道词典) (Version: 6.3 - 网易公司)
百度云管家 (HKLM-x32\...\百度云管家) (Version: 5.4.9 - 百度在线网络技术(北京)有限公司)
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 8.6.18804.0 - 腾讯科技(深圳)有限公司)
腾讯TM2009 (HKLM-x32\...\{260706D6-56D3-41E8-9183-DC4DF54B7F4B}) (Version: 1.41.1287.0 - 腾讯科技(深圳)有限公司)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{2E445E22-1A5F-4C84-B963-BB65D07C1FB3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{40C842B5-9E7D-4FBD-8E05-021F4B6F5CA5}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001_Classes\CLSID\{A5110465-0F43-4586-9DEC-73DCC0CBCF08}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {066AC61E-1658-4034-8524-C0F15BD63338} - System32\Tasks\gsrun.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\gsrun.exe [2016-10-13] ()
Task: {06F7876A-D01A-42DE-B0BB-34D3F2C31961} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {07B42A73-B318-4361-8F73-910851DAA954} - System32\Tasks\me.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1195CE57-9B94-42B6-BD81-89095373206D} - System32\Tasks\MeLogo_{67679FCB-7ECA-4db5-B5AE-E6B4E178D0BA} => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\me.exe [2016-10-13] ()
Task: {1574B4F0-4EB0-481D-B3D6-875944676A34} - \{057E7D47-7D0A-0A7A-7911-0E040E78110C} -> No File <==== ATTENTION
Task: {25DED191-9070-42A0-9253-062048019AE6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {32F11BBA-6316-404F-9DC7-B8F7FE491A05} - System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B} => C:\ProgramData\{EB8ACCE0-5C21-7B4B-7EE8-1C19ABAD4F85}\3B2BA978-8C80-1ED3-88ED-20DA0EEA8994.exe <==== ATTENTION
Task: {3BCE144F-14C8-4842-8A53-661187BBC8A0} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2017-01-13] ()
Task: {3E407DC0-759C-44BB-88AC-AF6AC6A3A08B} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2017-01-13] ()
Task: {41607316-F1F1-4C25-B261-37C521ABF4CA} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {4220DF88-E589-414A-B2EA-098D3E0E6500} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [2017-05-31] (Micro-Star International Co., Ltd.)
Task: {47435CE5-D1F2-4C13-A77E-DEADE332ED23} - System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\58bca3a8\52456f97.dll" <==== ATTENTION
Task: {49FC50FD-0B66-420F-8C7C-52B54AC07DAB} - System32\Tasks\HuanjuGameUpdate => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe [2017-05-21] (YY Inc.)
Task: {4E03935F-200C-45FD-9C69-7E21824D8529} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {52CC2439-C048-4BE9-B616-C6A62EBF5D60} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {66632B7C-EA9C-4F6B-9AA6-9122D4A185F8} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2016-09-02] (Sogou.com Inc.)
Task: {743767E4-92ED-4EB8-BDE6-031C7AC9E9EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {77B29FB4-A203-4C87-AD47-184CA218CF3C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {7AD8FA13-DAA9-47B8-A54D-CF5009AB44F4} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {84F0B267-E639-40B1-8A5B-C527E0D0D998} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {8D282348-DBD4-4BD7-9A44-95F8462FC27E} - System32\Tasks\yyplayer.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yyplayer.exe [2016-10-13] ()
Task: {B86BD242-2DD2-49F3-A8FC-C7DFFF24FEF0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {BB0CB973-6950-4BF2-A895-DAB4D24C13C2} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavUpdater.exe [2017-01-28] (Baidu, Inc.)
Task: {BB5B22AA-238A-4B32-8984-B8A3F29072CE} - System32\Tasks\yygamestore.exe => C:\Users\moxito\AppData\Roaming\duowan\yygamestore\Mini\3.6.0.4\yygamestore.exe [2016-10-13] ()
Task: {C54E8752-58C3-4FA0-9D33-A0404C058363} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2017-01-13] ()
Task: {CB33CC10-7C4E-4BB2-9E8B-6E9E3DE606AD} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2016-05-06] (Micro-Star International Co., Ltd.)
Task: {CC5DB9A6-FD83-429B-82E0-B343682013B5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {CDDE24C0-6063-4256-96AD-7C83C1F684C8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {D4BCAAFF-C409-468A-8CF1-FCF6B4054779} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F2852D36-A114-43F8-BD54-1577764A3D45} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-21] (Adobe Systems Incorporated)
Task: {F68E41E9-0104-4361-A8EE-6CCD3F70FFA2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HuanjuGameUpdate.job => C:\Users\moxito\AppData\Roaming\duowan\yygame\popup\bin\hjGameUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-19 10:11 - 2015-05-19 10:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-09-27 13:26 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2011-08-22 17:34 - 2011-08-22 17:34 - 11837440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00048568 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper64.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00218296 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2017-01-13 10:53 - 2017-01-13 10:53 - 00289976 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2017-01-13 10:49 - 2017-01-13 10:49 - 00705208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2017-01-13 10:50 - 2017-01-13 10:50 - 02054328 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2017-01-13 10:54 - 2017-01-13 10:54 - 00513208 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2014-09-30 02:51 - 2014-09-30 02:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-11-25 16:45 - 2016-11-25 16:45 - 02515520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
2016-11-25 16:45 - 2016-11-25 16:44 - 00192952 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
2016-07-26 11:07 - 2017-06-16 22:06 - 01052192 _____ () C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
2016-11-28 14:45 - 2015-09-27 11:25 - 00035840 _____ () C:\Users\moxito\AppData\Local\Microsoft\Windows Sidebar\Gadgets\FritzBoxTraffic1013.gadget\FritzBoxTrafficMonitorLib.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 01977448 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.webrunlogin\65547\yyqlogin.exe
2017-01-28 04:16 - 2017-01-28 04:16 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\HipsLogger.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BNetOp.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\sqlite.dll
2016-12-09 16:53 - 2016-12-09 10:21 - 00368128 _____ () c:\programdata\microsoft\visualstudio\14.0\2052\msmg.dll
2017-01-28 04:16 - 2015-05-28 13:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\dark.dll
2017-01-18 15:01 - 2017-01-18 06:18 - 00443904 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\3082\nonsdkaddonlangver.dll
2016-11-25 00:13 - 2011-08-23 14:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2011-08-22 17:23 - 2011-08-22 17:23 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2016-05-05 10:53 - 2017-06-16 21:39 - 00713504 _____ () C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\qpsafeplugin.dll
2016-09-27 13:26 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-13 10:48 - 2017-01-13 10:48 - 00189112 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2017-01-13 10:46 - 2017-01-13 10:46 - 00262840 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00042936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordStrokeHelper32.dll
2016-10-30 19:55 - 2016-10-30 19:55 - 00108544 __RSH () C:\Program Files (x86)\SlySoft\AnyDVD\BRD.dll
2016-11-25 16:45 - 2016-11-25 16:44 - 00095936 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\CrashRpt.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 34880064 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\libcef.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 03795520 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\v8.dll
2016-11-25 16:44 - 2016-11-25 16:44 - 01577912 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\Stable\Acrobat2Dict.dll
2016-11-25 16:45 - 2016-11-25 16:45 - 01874496 _____ () C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\ffmpegsumo.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00089656 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\zlib.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00138808 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libexpatw.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00286264 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libjpegturbo.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00159288 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\libpng.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00155192 _____ () C:\Program Files (x86)\Tencent\QQIntl\Bin\lua.dll
2016-11-25 00:46 - 2016-11-25 00:46 - 00941624 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\TRAE.DLL
2016-11-25 00:46 - 2016-11-25 00:46 - 00495160 _____ () C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.audiovideo\Bin\VP8.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 04623088 _____ () C:\Program Files (x86)\YY\8.24.0.2\QtGui4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 01570544 _____ () C:\Program Files (x86)\YY\8.24.0.2\QtCore4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00034544 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qgif4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00034544 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qico4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00164592 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qjpeg4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00122608 _____ () C:\Program Files (x86)\YY\8.24.0.2\imageformats\qwebp4.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 02014960 _____ () C:\Program Files (x86)\YY\8.24.0.2\udbauthsdk.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00197360 _____ () C:\Program Files (x86)\YY\8.24.0.2\deviceinfokit.dll
2017-06-12 12:13 - 2017-06-12 12:13 - 00537328 _____ () C:\Program Files (x86)\YY\8.24.0.2\sqlite3.DLL
2017-01-28 01:12 - 2017-01-28 01:12 - 00345704 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.enthall\131584\enthall.dll
2017-05-21 20:52 - 2017-05-21 20:52 - 00682088 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gameproxy\131098\yygameproxy.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00220352 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.pip\131600\hzhwrapper.dll
2016-08-23 18:26 - 2016-08-23 18:26 - 00355008 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.vipfeelings2\196611\vipfeelingsapp.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00198848 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.garbagecleaner\196622\yygarbagecleaner.dll
2016-12-05 20:22 - 2016-12-05 20:22 - 00366184 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamelivecard\131329\gamelivecard.dll
2017-04-12 15:05 - 2017-04-10 03:52 - 00306176 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\business\logingiftbag\logingiftbag-20170410.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00159848 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamesmilies\66309\yygamesmilies.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00174184 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamechannel\197387\gamechannelapp.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00108136 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamenotify\66312\yygamenotify.dll
2017-04-25 19:17 - 2017-04-25 19:17 - 02669160 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.vip\131115\yyvip.dll
2016-08-23 18:26 - 2016-08-23 18:26 - 00145512 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.videoondemand\65544\videoondemand.dll
2016-12-05 20:23 - 2016-12-05 20:23 - 00091240 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yycgame\65800\yycgame.dll
2016-08-23 18:25 - 2016-08-23 18:25 - 00026304 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamechannelbaby\65537\gamechannelbaby.dll
2016-08-23 18:26 - 2016-08-23 18:26 - 00028776 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.apphelper\66304\apphelper.dll
2016-12-05 20:22 - 2016-12-05 20:22 - 00161384 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.gamestore\198152\gamestore.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 00027752 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.webrunlogin\65547\webrunlogin.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00353384 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\yyhgl.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00070760 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\browsersdk.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00128104 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\clientcommon.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00062056 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyhgl\65792\ipctransfer.dll
2016-12-05 20:22 - 2016-12-05 20:22 - 00042088 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.yyext\65541\yyext.dll
2017-06-16 15:50 - 2017-06-16 15:50 - 00021096 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.cefdev\65554\yycefdev.dll
2017-06-16 15:49 - 2017-06-16 15:49 - 00142952 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.zhiniuassist\66320\zhiniuassist.dll
2017-01-16 21:49 - 2017-01-16 21:49 - 00068200 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.dxchecker\65545\dxchecker.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 01049192 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.entgiftflw\397824\entgiftflw.dll
2017-04-25 19:17 - 2017-04-25 19:17 - 00979560 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.entshinyshow\263168\entshinyshow.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 00025704 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.entchair\68096\entchair.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 00023656 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.entvote\70656\entvote.dll
2017-04-05 11:21 - 2017-04-05 11:21 - 00713320 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.dice\65537\yydice.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 03043432 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.entchair\68096\entchairapp.dll
2017-01-16 21:50 - 2017-01-16 21:50 - 01057896 _____ () C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.entvote\70656\entvoteapp.dll
2017-01-28 04:16 - 2017-01-28 04:16 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Pulgin_Dark_DeleteFileTip.dll
2015-06-24 02:07 - 2015-06-24 02:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2017-01-28 01:43 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "WinTV Recording Status.lnk"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => " Malwarebytes Anti-Malware  (cleanup)"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\StartupFolder: => "CCTalk.lnk"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CNTV-CBox"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "CBoxService"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "YYAssistant"
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE39C442-3DC6-4243-A674-02F31C37F9E7}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{ACFB4839-4B17-4430-B6F0-8C234D1C509B}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CEFCF085-AC3C-4B1C-B0FF-2C51D1AD339C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{53F4CB2C-7672-4F31-A2F9-62989417793F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{43A23B75-74E8-4875-9A65-CC0CCECF0F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2F86D7C7-F739-4A76-A3A9-0C34651FED92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FBA342AE-35EE-4750-910F-CE78E00118EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB2C5D8C-7E1E-4324-AB48-78593709BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{844B361F-D871-4C06-987B-462B094C2573}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2061BD21-6061-422C-8523-065687C533FE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A359A2C1-C028-4350-A631-F496D5477FB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{71FA7AB2-9E15-46F8-A963-D82667A03415}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C48FC8B7-1DC6-4455-B699-CE06502CDB2F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7150BA5F-B30A-4D64-B823-F89DE0A830BD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B310D159-F3F2-45EB-A5FE-953947A4BE1D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B881DE74-70F2-4EBA-8025-04098ED82486}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{C7AF81E2-2AB8-4951-8285-CFDC1AD3079B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{AEB5BA9D-F104-4486-9BB2-DE7FB73A14C9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0D600F81-A48E-4F61-8E6C-C1080833002A}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{7D07C0F1-7085-4E51-B4F5-02EFB9979BD6}] => (Block) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [UDP Query User{6D500D6D-0622-493B-8922-7B6C6AC6594D}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [TCP Query User{0CE7BE09-640F-4DEF-9446-12028651A4B2}C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe] => (Allow) C:\program files (x86)\tencent\qtalkenglish\v4.4.72.1\bin\qtalk.exe
FirewallRules: [{3875BA83-5C8C-4DB6-9A2A-465B7C93CFDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{478080CB-538B-43CE-9228-EB1DFBEB573F}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E7E6FE5A-C0F8-4573-86A1-C3BBC3E1FEE1}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{E3AC73CB-85FD-4BFE-93E7-0937E4C71984}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{55BB1B60-D077-4E19-B71F-7E53DA95C475}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe
FirewallRules: [{33751988-263F-4609-9C75-E0A3788542AC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{D53BA843-D88B-46F3-987C-7E82CA24861D}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{770B7A06-DB83-4087-9819-D33F8A3590CF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{8D482EBE-AA6E-411A-B90A-C8FFC0CE9FC6}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{99831EB5-9E79-4FC7-B2B3-BD6C88B049FC}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{50431C4D-6CC7-4F91-9FD6-160DA53EC800}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{29441021-B130-4DCB-8A2C-98E3654EAB8E}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [{83B2C97B-D8EC-4022-A2D2-E92E7D323D85}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
FirewallRules: [TCP Query User{2B248973-D5C1-4568-B90F-508D8AE0D0E6}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [UDP Query User{D34EC77D-ABF0-40A4-8D31-1EB46795B998}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Block) C:\program files (x86)\wintv\wintv8\wintv8.exe
FirewallRules: [{DF707D42-B066-4440-A290-76C3782F7D20}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{CBCC3D60-D1D0-45D6-B4BF-24B3FA51CC7A}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{791391FB-26F6-4455-ABAB-F0CC178163D2}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{D422F381-3BB5-46FF-A8DB-07A9F1C39410}] => (Allow) C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe
FirewallRules: [{9BD45F0A-D4CC-4CEA-84E6-0DB37326C47F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{EC9E85AA-6E4F-4F46-ACB9-73FDA2D4D21B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{77FDE012-D87A-44AD-B6D0-94B3A9B6FC22}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{CEF220D9-C4B8-43AF-B1AD-AF5F286B2E19}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{928F44AB-072E-40CC-BA43-E6BC9320A81B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{856ACEC8-3599-4335-BBCC-62BBCD61DC6D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{83F1A492-987E-4799-BFC4-B2190523875C}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{AB07117A-6A25-427D-8370-FBA11D71F3C4}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.17\Bin\QTalk.exe
FirewallRules: [{73B22CDE-F42F-48D0-ABDE-CEBDEA261561}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{BD10F1F2-821D-4AA7-A5BB-6517CEAFD0EB}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{C2AF2505-834E-4CF7-8AD4-EFCF2489688A}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [{E0794B69-C90C-45A5-A33D-073392938B3D}] => (Allow) C:\Program Files (x86)\Tencent\QTalk\V4.6.22.17784\Bin\QTalk.exe
FirewallRules: [TCP Query User{FF9524A3-306C-4072-987A-3B52600DAE87}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [UDP Query User{7198139F-6FC4-485D-969C-3974742B20E1}C:\program files (x86)\duowan\yy\yy.exe] => (Allow) C:\program files (x86)\duowan\yy\yy.exe
FirewallRules: [{46AD7F9B-EA90-441C-92A4-C625FD5AFC3D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{7D63BBB3-557E-4FA0-A0B1-3311761D7245}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{004FC471-A249-4476-9233-97837F5DC187}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{E9CB61D5-2A6F-4D36-B053-46B9A4E82DD6}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{41BD44A0-3B8E-4D2F-984C-DB0A9747D92C}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{38F6F4C3-06C7-4F2C-A56A-223A528AAC34}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGTool.exe
FirewallRules: [{016D1F2C-DA2F-4B0A-B5AC-920F9726FFC1}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{2456EF25-4F38-43D0-96F8-E95CD2D91E31}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{0E1C2F32-B86C-4260-BD9C-38FCF76181A8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{E11CDFE4-AEFB-409A-9947-2082963FDB2D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{A803234B-AF31-471F-AB88-14763ED74CBB}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{DA0F938A-CD7A-43F0-A86F-68651FBC84D8}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\PinyinUp.exe
FirewallRules: [{1B840E50-2AD0-4D3E-BDC8-366478D56844}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{E8B5E362-0CBF-409B-AECA-041D925C0C92}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{9B0C0FF5-8CF3-4601-A9A8-5FEB03062501}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{A8C0E650-29AC-4198-8ECC-3A7D52D166A4}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5D4FE374-A1CE-49E0-AF1D-EE024A7E8DEE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{7769A548-F7A8-4E30-8C27-7978B0141D90}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGDownload.exe
FirewallRules: [{5773DC5E-741B-4A49-AFAC-5ECDDAECCBDE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{C307F899-B1CE-4AA9-BA01-4FF5450FBAF5}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{022A31EF-B2B8-4297-8E3F-675C15DE94AC}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{AE75BACB-263F-4C0F-87AA-7247D82B0CBF}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{1D5162A3-4235-4D03-B504-C4F4F7246E53}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{901D2A03-DABD-474A-8B3D-976A205B8422}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SogouCloud.exe
FirewallRules: [{2F3B86E9-CE22-4695-85F4-3B6BDFED3C5A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{514EE4BC-9EEE-4677-B4D2-4D9E74321D29}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{ED1E880D-383C-44C1-92D3-E8CA804F9221}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4448BD80-0766-4AF6-8BF2-10B269418FE3}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{1A995BD3-762A-4327-9D40-39043A72168A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{4DC55797-A6D6-4594-BB8E-45CBFF359500}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{C2EC3A64-8BB9-4E9D-8749-82C9ED99F790}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{79E67A5E-81D2-4B24-900A-233B96A73BCD}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{F565A5A4-9F6D-4DED-B6BC-5014E9671545}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3A531803-0279-4217-B535-4982A56D73A7}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{53783036-D1FC-440D-B36B-DF723723216D}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{BA595CB8-3A7C-478F-8D36-16E98FFF5B57}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\userNetSchedule.exe
FirewallRules: [{3ECCB7EE-F978-42BC-A9B6-325DD4BA322B}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{601CC53D-79DA-4246-B7EB-07C2D086FFD0}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{29D7ADFD-4772-4B73-9C4D-BEF485E987EE}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{99554E8E-DC9F-4433-8FC8-B9C134B75403}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{B4E4F695-34B7-4187-9F9F-E9AEEC55D094}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{90B48959-73E8-483B-9EF6-4F660EB44F70}] => (Allow) C:\Program Files (x86)\SogouInput\8.0.0.8381\SGMedalLoader.exe
FirewallRules: [{A21AA5AE-676B-4D0A-9946-9F8F5DD222B4}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{1BBF2246-CD1C-4829-AD1A-E8CAEBA612A9}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{BA93C79E-F926-497B-89EF-492E13588D7D}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{B2C4F98E-6E0C-489A-A744-6BD5BAD22C18}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{54347CA7-88C3-4931-B431-E80A289FEA32}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{368F75CF-9388-47ED-B631-65B1C9668E86}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{2E09659B-6EA8-4509-BC8B-89A1F52CAED7}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{F7F9C92B-2D60-4A82-833E-ECD3CB8D7997}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{50607091-02F0-4003-A9C1-3AB89E5D2947}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [{0CD70842-A679-4531-AAB3-E5E8015B373D}] => (Allow) C:\Program Files (x86)\TalkTV\Bin\TalkTV.exe
FirewallRules: [TCP Query User{DF0986B7-F5B9-4CA4-8466-7CD4AF2AE0AF}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{882FA26D-CF07-4B30-82CD-8BDCC1312631}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{7C43F587-F429-4292-92AF-457A3B96BA15}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [UDP Query User{6A47CEE3-C601-4D40-938B-E151D69CCA2A}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [{5FC1A2E4-E23E-4A40-8F68-9680094BC070}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{D3B507C3-11FC-4106-A76D-846E68EC90C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4863C59D-1DEA-4C40-9654-2F0C1BE2FB76}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{55C29EA5-B451-4E41-83DF-E6531186E441}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{D6E5B159-2B74-4272-BAA1-7E51AB84F86C}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{013196D6-20C5-4A65-8551-6D06065B5FB1}C:\qvodplayer\qvodterminal.exe] => (Allow) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{8B68AAEF-669D-4F39-9BED-3160EC00A152}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [{5509BB12-DE0F-4487-9212-24E34F0F30BE}] => (Block) C:\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{FF62CBB6-700E-4F9C-823F-965C666AEFDF}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [UDP Query User{60F6CF78-C495-4A2A-8B47-575F834CEF9C}C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe] => (Allow) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{CE84693F-1ADB-43AB-9A38-A2B0DDCB0BD6}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [{2B529D50-00F9-4652-BC7E-8C5985B5576D}] => (Block) C:\users\moxito\appdata\local\360browser\browser\application\360browser.exe
FirewallRules: [TCP Query User{148B2AF4-E62B-4350-925B-8BEA76CF35B3}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [UDP Query User{04A34041-F5A8-4533-A5FD-C6118F2D79DA}C:\program files (x86)\cntv\cbox\bin\cbox.exe] => (Allow) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{12586A64-FF12-4ECA-BB97-9D1067A5F11B}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [{22C4E24C-9B6C-47A9-8A26-D689334469FC}] => (Block) C:\program files (x86)\cntv\cbox\bin\cbox.exe
FirewallRules: [TCP Query User{76EFBE6B-1CAC-4061-A316-9D6E1710301A}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [UDP Query User{CE976857-156C-43F3-B42E-582F49119166}C:\users\moxito\downloads\airspy\sdrsharp.exe] => (Allow) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{E7CEAF8F-6ECC-478E-AF60-ED369F6364BB}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [{159669FB-3C82-427F-85E5-6C0405FA89B9}] => (Block) C:\users\moxito\downloads\airspy\sdrsharp.exe
FirewallRules: [TCP Query User{AE9DD382-6F3E-4994-9FA4-DA38D03EBFA3}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [UDP Query User{21B4A0EA-47F8-424B-974C-230C570B2E6D}C:\program files\sdr-radio-pro.com\sdrconsole.exe] => (Allow) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{D8C7869F-BC2B-4962-861A-23350B75163F}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{1CE19DF8-01E3-43C7-BDE4-321B25C28B45}] => (Block) C:\program files\sdr-radio-pro.com\sdrconsole.exe
FirewallRules: [{2378DA66-4690-4BE1-AA12-B2762255FED3}] => (Allow) C:\Users\moxito\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe
FirewallRules: [{C4451068-39BD-428B-B0AE-E4CEB549A5E4}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe
FirewallRules: [{8283DF27-E8D8-404E-9CF8-22CBAF6061CC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe
FirewallRules: [{644D8DC8-C47A-4C1D-89A7-DF5E8ACE7BE0}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe
FirewallRules: [{58123EF6-29C8-4276-A308-ED2A9A86B1FC}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe
FirewallRules: [{97B0CABD-78AA-407D-B7A2-A86F79BED1B6}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\tencentdl.exe
FirewallRules: [{D9D9C92B-573F-4F40-ADAD-823B83F8E41F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\135\bugreport_xf.exe
FirewallRules: [{11AB198E-D6B0-42AA-9662-F5496BBD0387}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{157E434D-102F-4E56-8ADF-F49896ECAB96}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe
FirewallRules: [{DA5D3FD0-F9C0-40D0-8517-9611B98F8937}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe
FirewallRules: [{FA7BDB2A-B22C-4EFB-ADC2-7D566C0572F8}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe
FirewallRules: [{E770A729-2BE4-4189-BD71-0BD9967B1896}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe
FirewallRules: [{2B08D25C-C48F-4302-9B51-2F9C1AD2F7E6}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\QQGameMicro.exe
FirewallRules: [{C4455ADD-005F-4DC2-BB48-81C50375766E}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicExternal.exe
FirewallRules: [{D3CACE26-0333-4EA3-9C55-F3AE95CAA573}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\moleplugin\tadb.exe
FirewallRules: [{21BDBBDE-297A-478F-9B2D-34C39FEA3DD5}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusic.exe
FirewallRules: [{D630DBBE-4A30-4AFD-9E28-F3583EFF4E9E}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe
FirewallRules: [{65BB453F-B20A-4272-9477-C6F08359162A}] => (Allow) C:\Program Files (x86)\Tencent\QQMusic\QQMusic1297.0.39.32\QQMusicUp.exe
FirewallRules: [TCP Query User{247D4396-0D31-4F31-A892-084C41B75164}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [UDP Query User{92886B66-0227-4ED8-A533-E83C7C9706EA}C:\program files (x86)\tencent\tm2008\bin\tm.exe] => (Allow) C:\program files (x86)\tencent\tm2008\bin\tm.exe
FirewallRules: [TCP Query User{5507FF27-196C-4493-9C74-B09525F5413B}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [UDP Query User{1112C62E-F3A6-4843-8972-62BD0CEFF9E2}C:\program files (x86)\yy\yy.exe] => (Allow) C:\program files (x86)\yy\yy.exe
FirewallRules: [{0AE31196-BBF9-44D8-981B-AB04C98CEB4C}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [{8167C8B9-F43D-43EA-B143-8F332F565158}] => (Block) C:\program files (x86)\yy\yy.exe
FirewallRules: [TCP Query User{1F74AD5B-43D2-4D18-9122-78BBF7F43C8E}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [UDP Query User{A12C75E4-10F9-41E1-BA3B-B1162AA9825B}C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe] => (Allow) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{EC1A9325-2130-47B6-90F7-212BFE14681F}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe
FirewallRules: [{990EB6F9-48F5-4D1C-86EE-1546944CF64C}] => (Block) C:\users\moxito\appdata\roaming\baidu\baiduyunguanjia\baidunetdisk.exe

==================== Restore Points =========================

16-06-2017 18:09:25 Windows Update

==================== Faulty Device Manager Devices =============

Name: Intel(R) Management Engine Interface 
Description: Intel(R) Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Mi 4i
Description: Mi 4i
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB Device
Description: USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2017 01:01:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/18/2017 12:59:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/18/2017 12:59:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000022e27
ID des fehlerhaften Prozesses: 0x1b04
Startzeit der fehlerhaften Anwendung: 0x01d2e7bd5c27c42e
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichtskennung: a61c1d78-d917-4b4e-a75b-ce71e3c2d726
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/18/2017 12:56:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/18/2017 12:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000022e27
ID des fehlerhaften Prozesses: 0x2870
Startzeit der fehlerhaften Anwendung: 0x01d2e7bcf497e458
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichtskennung: 30f1b450-4e46-4b89-815f-0861d50c5a43
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/18/2017 12:56:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/18/2017 12:56:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000022e27
ID des fehlerhaften Prozesses: 0xff4
Startzeit der fehlerhaften Anwendung: 0x01d2e7bce8dc5dc4
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichtskennung: 8ffba151-4a98-4526-bc30-63032f2c2b27
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/18/2017 12:40:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/18/2017 12:38:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/18/2017 12:38:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Name des fehlerhaften Moduls: ShellExperienceHost.exe, Version: 10.0.14393.447, Zeitstempel: 0x5819bf85
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000022e27
ID des fehlerhaften Prozesses: 0x1b40
Startzeit der fehlerhaften Anwendung: 0x01d2e7ba7ffe9704
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichtskennung: 5d0c9233-f2cc-4d84-ab4e-ac0e5ef7c54b
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App


System errors:
=============
Error: (06/18/2017 01:01:21 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/18/2017 12:59:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:24 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/18/2017 12:59:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (06/18/2017 12:59:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Baidu Hook Base" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.


CodeIntegrity:
===================================
  Date: 2016-10-26 14:29:14.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 14:20:37.498
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 13:12:20.412
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-26 03:05:20.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:58:24.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:40:48.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-10-11 14:18:53.408
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5950HQ CPU @ 2.90GHz
Percentage of memory in use: 9%
Total physical RAM: 32723.28 MB
Available physical RAM: 29542.43 MB
Total Virtual: 67539.28 MB
Available Virtual: 64344.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:951.82 GB) (Free:505.19 GB) NTFS
Drive d: (data) (Fixed) (Total:912.3 GB) (Free:69.36 GB) NTFS
Drive f: (XIAOMI) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 524198F9)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 52419B1B)

Partition: GPT.

==================== End of Addition.txt ============================
         

Alt 19.06.2017, 17:06   #12
Tician
/// TB-Senior
 



Hi,

Office is still installed, but we'll get started anyway. You will most likely have to get a product key for your Office afterwards, though. Alternatively, as I said, OpenOffice would be an option.


Step 1:
Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller field, search for the programs:
    搜狗拼音输入法 8.0正式版
    + all other Chinese programs that you don't recognize

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .

 




Step 2:
  • Uninstall Malwarebytes' Anti-Malware 2 via the Control Panel. (Illustrated guide)
  • Then restart the computer.
  • Download the MBAM Uninstaller to your desktop.
  • Close all open programs and run the uninstaller. The computer must be restarted at the end.


Step 3:

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure that the following items are selected:
    • "Tracing" keys
    • Proxy
    • Winsock
    • Internet Explorer policies
    • Chrome policies
  • Confirm the selection with OK.
  • Click Scan and wait until it has finished.
  • Now click Clean (even if AdwCleaner says that nothing was found) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).


Step 4:

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 5:

Please download Malwarebytes Anti-Malware.
  • Install the program in the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Quarantine Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM after the restart and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Select Text file (.txt) and save the file as mbam.txt on the desktop.
  • Include the contents of mbam.txt with your next reply.



Step 6:
  • Start FRST.exe again. Check the box next to Addition.txt and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.
__________________
Regards, Tician

Alt 20.06.2017, 02:11   #13
moxito
 



I know the alternatives to Office; there is not only OpenOffice but also LibreOffice and WPS.

Regarding the Chinese programs:

TM 2009 - Chinese messenger for the office,
央视影音 - Cbox CNTV - Chinese television (CCTV),
启动有道词典 - Youdao dictionary (translating unknown words),
百度网盘 - Baidu Netdisk (cloud with 2 TB of storage),
输入法修复器 - Sogou IME (for entering Chinese characters),
duowan YY, cctalk and TalkTV - programs that I need for teaching (I teach German and English in China),
QQ - Chinese messenger (used by nearly every Chinese person in the world),
Qtranslate - a very versatile translation program.

搜狗拼音输入法 8.0正式版 - that is part of the Sogou IME; I would rather keep it, since I also have to write Chinese.

I need these few installed programs of Chinese origin almost daily!

Regards, Moxito

Alt 20.06.2017, 17:04   #14
Tician
/// TB-Senior
 



Hi,

All right, then please continue with step 2.
__________________
Regards, Tician

Alt 20.06.2017, 21:30   #15
moxito
 



Steps 2 and 3 done; all Tencent programs (QQ, TM) have been deleted, which is a real mess. I now have to reinstall everything.
The log so far:

Code:
# AdwCleaner v6.047 - Bericht erstellt am 20/06/2017 um 20:47:28
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-06-20.1 [Lokal]
# Betriebssystem : Windows 10 Enterprise  (X64)
# Benutzername : moxito - MSI
# Gestartet von : C:\Users\moxito\Downloads\AdwCleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: tsnethlpx64
[-] Dienst gelöscht: QPCore
[-] Dienst gelöscht: QQMusicService
[-] Dienst gelöscht: TenCommProtect
[-] Dienst gelöscht: MSLN
[-] Dienst gelöscht: sogouupdate


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\58bca3a8
[-] Ordner gelöscht: C:\Users\moxito\AppData\Local\Tencent
[-] Ordner gelöscht: C:\Users\moxito\AppData\LocalLow\Tencent
[-] Ordner gelöscht: C:\Users\moxito\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QVOD
[-] Ordner gelöscht: C:\Program Files\Common Files\Tencent
[-] Ordner gelöscht: C:\Users\moxito\AppData\Local\VirtualStore\Program Files (x86)\QVOD
[-] Ordner gelöscht: C:\Users\moxito\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Ordner gelöscht: C:\QvodPlayer
[-] Ordner gelöscht: C:\Tencent
[-] Ordner gelöscht: C:\ProgramData\TXQMPC
[-] Ordner gelöscht: C:\ProgramData\Tencent
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\TXQMPC
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Tencent
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Ordner gelöscht: C:\Users\Public\Documents\Tencent
[-] Ordner gelöscht: C:\Program Files (x86)\Tencent
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\Tencent
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\freemake shared
[-] Ordner gelöscht: C:\Users\moxito\AppData\Local\Temp\Tencent
[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\sstmp


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[#] Datei gelöscht: C:\WINDOWS\SysNative\drivers\TenCommProtect64.sys
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\WINDOWS\rsrcs.dll
[-] Datei gelöscht: C:\Users\Public\Documents\cfg.ini
[-] Datei gelöscht: C:\Users\Public\Documents\cc.ini
[-] Datei gelöscht: C:\Users\Public\Documents\temp.dat
[-] Datei gelöscht: C:\Users\Public\Documents\report.dat


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SCService
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SCService
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\scservice
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\scservice
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Classes\Tencent
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\Tencent
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Baiduyunguanjia
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\BaiduYunGuanjia.torrent
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\metnsd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Tencent
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Tencent
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Baiduyunguanjia
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\BaiduYunGuanjia.torrent
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\PCSU.SysUtils
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Tencent
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{1E9BD312-7C8C-4422-906D-897F6D7714F2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2E0D1C92-9589-4755-BB55-7117F2155736}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{495151D2-561C-419E-A7DC-741108602464}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{6CB9D494-2482-4277-9E45-22F36C471461}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\UpgSvr
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Burn4Free
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Installer
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\System Healer
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\QvodPlayer
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\AutoTime
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\SNDA
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\dlr
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\PopWnd
[-] Schlüssel gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\UpgSvr
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\UpgSvr
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Burn4Free
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\System Healer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\QvodPlayer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AutoTime
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SNDA
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\dlr
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PopWnd
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\UpgSvr
[-] Schlüssel gelöscht: HKLM\SOFTWARE\QvodPlayer
[-] Schlüssel gelöscht: HKLM\SOFTWARE\InterHop
[-] Schlüssel gelöscht: HKLM\SOFTWARE\amule-custom
[-] Schlüssel gelöscht: HKLM\SOFTWARE\mylucky123Software
[-] Schlüssel gelöscht: HKLM\SOFTWARE\HPReyos
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QvodPlayer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Burn4Free
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\System Healer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\QvodPlayer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AutoTime
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SNDA
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\dlr
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PopWnd
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\UpgSvr
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9C767D9D7BB3F9C4B839FF09B6C80DCF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4EE2F0310EBEC29A0C48C035C43786AA
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2A47D6F1D42DD81A292C027724D291
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Wert gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Microsoft\Windows\CurrentVersion\Run [QQ2009]
[-] Wert gelöscht: HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [QQ2009]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [QQ2009]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [QQ2009]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.qq.qmchext
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\QMContextUninstall.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\QvodCDAudioOnArrival
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\QvodDVDMovieOnArrival
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\QvodMediaOnArrival
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents [qhtp]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents [qvod]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\EventHandlers\PlayCDAudioOnArrival [QvodCDAudioOnArrival]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\EventHandlers\PlayDVDMovieOnArrival [QvodDVDMovieOnArrival]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\EventHandlers\PlayMusicFilesOnArrival [QvodMediaOnArrival]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\EventHandlers\PlayVideoFilesOnArrival [QvodMediaOnArrival]
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[-] Schlüssel gelöscht: HKCU\Software\MozillaPlugins\@1.qq.com/npqqwebgame
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npQQGameAssist
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npqscall
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPhotoDrawEx
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MozillaPlugins\@qq.com/QzoneMusic
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [12581 Bytes] - [20/06/2017 20:47:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [10718 Bytes] - [20/06/2017 20:42:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [11848 Bytes] - [20/06/2017 20:45:17]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12803 Bytes] ##########
         
The log from JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Enterprise x64 
Ran by moxito (Administrator) on 20.06.2017 at 21:00:01,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 6 

Failed to delete: C:\Program Files (x86)\sogouinput (Folder) 
Successfully deleted: C:\ProgramData\sogouinput (Folder) 
Successfully deleted: C:\ProgramData\updater (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\SogouImeMgr (Task)
Successfully deleted: C:\Program Files (x86)\qqmailplugin (Folder) 



Registry: 4 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C7334B-5657-41e1-8F79-F6AACECA05F4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDD362CF-523B-4BC9-8FDC-58F93B6BC945} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C7334B-5657-41e1-8F79-F6AACECA05F4} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDD362CF-523B-4BC9-8FDC-58F93B6BC945} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.06.2017 at 21:00:51,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
mbam:
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 20.06.17
Scan-Zeit: 21:06
Protokolldatei: 
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.141
Version des Aktualisierungspakets: 1.0.2194
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: MSI\moxito

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 397536
Erkannte Bedrohungen: 5
In die Quarantäne verschobene Bedrohungen: 5
Abgelaufene Zeit: 1 Min., 49 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, In Quarantäne, [9416], [408200],1.0.2194
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\CONSOLE\TASKENG.EXE, In Quarantäne, [9416], [408199],1.0.2194

Registrierungswert: 3
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, In Quarantäne, [9416], [408200],1.0.2194
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, In Quarantäne, [9416], [408201],1.0.2194
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, In Quarantäne, [9416], [408199],1.0.2194

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST again:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
Ran by moxito (administrator) on MSI (20-06-2017 21:29:05)
Running from C:\Users\moxito\Desktop
Loaded Profiles: moxito (Available Profiles: moxito)
Platform: Windows 10 Enterprise Version 1607 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: "C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BHipsSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavSvc.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\bavhm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(QuestSoft) C:\Program Files (x86)\QTranslate\QTranslate.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\YodaoDict.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoIE.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
(Ritlabs S.R.L.) C:\Program Files (x86)\The Bat!\thebat.exe
() C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe
(YY Inc.) C:\Program Files (x86)\YY\YY.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavTray.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(网易公司) C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\WordBook.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoWSH.exe
() C:\Users\moxito\AppData\Roaming\duowan\yy\yycomstore\2052\com.yy.webrunlogin\65547\yyqlogin.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
() C:\Users\moxito\AppData\Local\Youdao\Dict\Application\6.3.69.8341\YoudaoDictHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Tencent) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
(Tencent) C:\Program Files (x86)\Tencent\QQIntl\Bin\TXPlatform.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe
(Qihu 360 Software Co., Ltd.) C:\Users\moxito\AppData\Local\360Browser\Browser\Application\360browser.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198080 2017-02-06] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [297984 2015-12-09] (MSI)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [705208 2017-01-13] ()
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavTray.exe [1998832 2017-01-28] (Baidu, Inc.)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2011-08-22] (VMware, Inc.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-11-18] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [ctfmon] => C:\WINDOWS\system32\ctfmon.exe [10752 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [9604008 2015-12-12] (SlySoft, Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [QTranslate] => C:\Program Files (x86)\QTranslate\QTranslate.exe [642048 2016-05-12] (QuestSoft)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YYAssistant] => C:\Program Files (x86)\YY\8.24.0.2\\yyassistant.exe [335600 2017-06-12] (YY Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YodaoDict] => C:\Users\moxito\AppData\Local\Youdao\Dict\Application\YodaoDict.exe [5552192 2016-11-25] (网易公司)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [thebat_startup] => C:\Program Files (x86)\The Bat!\thebat.exe [11954536 2007-10-31] (Ritlabs S.R.L.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-11-29] (TomTom)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [TM] => "C:\Program Files (x86)\Tencent\TM2008\Bin\TM.exe" /background
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [BaiduYunGuanjia] => C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\baidunetdisk.exe [7757856 2017-06-16] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [BaiduYunDetect] => C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\YunDetectService.exe [1052192 2017-06-16] ()
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YfftPack] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\moxito\AppData\Local\Ambworks\wpnlefjp.dll <===== ATTENTION
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [YY] => C:\Program Files (x86)\YY\YY.exe [151792 2017-06-12] (YY Inc.)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Run: [QQ2009] => C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe [97976 2017-06-20] (Tencent)
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavShx64.dll [2017-01-28] (Baidu, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-12-09]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-06-16]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2017-02-11]
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}\IcoUltraMon.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2016-12-09]
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCTalk.lnk [2016-12-09]
ShortcutTarget: CCTalk.lnk -> C:\Users\moxito\AppData\Roaming\Hujiang\Setup\PreInst\CCLaunch.exe (Hujiang)
Startup: C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar704.lnk [2017-06-20]
ShortcutTarget: Sidebar704.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{1f590c30-fd8d-44ea-ae52-5c965539d833}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{38ff234b-697a-4a3c-99af-17abf95b27e9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ddecc736-557e-44c0-b1c3-dbe0f06f526f}: [DhcpNameServer] 82.163.143.157

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261445025659793&GUID=D8CC01CB-AEB0-4853-A5B1-0C8D1E99C72E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-11-25] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-11-18] (Wondershare)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
DPF: HKLM-x32 {1E525898-EE12-4002-9374-82D15147F762} hxxp://player.cntv.cn/flashplayer/config/plugins/wCNTVLive212.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

FireFox:
========
FF ProfilePath: C:\Users\moxito\AppData\Roaming\TomTom\HOME\Profiles\crxg47tn.default [2017-04-04]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2017-02-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-12-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2017-02-12]
FF HKU\S-1-5-21-1078665582-1449517287-1295239923-1001\...\Firefox\Extensions: [dict@www.youdao.com] - C:\Users\moxito\AppData\Local\Youdao\Dict\Application\stable\extensions\firefox => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-18] ()
FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-18] ()
FF Plugin-x32: @baidu.com/YunWebDetectPlugin -> C:\Users\moxito\AppData\Roaming\baidu\BaiduYunGuanjia\npYunWebDetect.dll [2017-06-16] (Baidu.com, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 5\npnitromozilla.dll [2016-03-03] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2017-06-20] (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2017-06-20] (Tencent)
FF Plugin-x32: @qq.com/QQMiniDLPlugin -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\npXFMiniDLPlugin.dll [No File]
FF Plugin-x32: @tencent.com/npQQMailWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll [No File]
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-1078665582-1449517287-1295239923-1001: duowan.com/Checker -> C:\Program Files (x86)\Common Files\duowan\yy\YYSSO\1.0.0.8\npChecker.dll [2016-11-21] (广州多玩信息技术有限公司)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [315472 2015-06-29] (Windows (R) Win 7 DDK provider)
R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BavSvc.exe [2791312 2017-01-28] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdSandboxSrv64.exe [264688 2017-01-28] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BHipsSvc.exe [531232 2017-01-28] (Baidu, Inc.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-11-23] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-11-23] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-11-23] (BlueStack Systems, Inc.)
S3 ehRecvr; C:\WINDOWS\ehome\ehRecvr.exe [713728 2015-09-02] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\WINDOWS\ehome\ehsched.exe [177152 2015-09-02] (Microsoft Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-08-21] (Macrovision Europe Ltd.) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2017-01-24] (Ellora Assets Corp.) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [586536 2016-10-10] (Hauppauge Computer Works)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-10-06] (Rivet Networks) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MCRL; C:\ProgramData\Microsoft\VisualStudio\14.0\2052\msmg.dll [368128 2016-12-09] () [File not signed]
S3 Mcx2Svc; C:\WINDOWS\system32\Mcx2Svc.dll [83968 2015-09-05] (Microsoft Corporation) [File not signed]
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2015-12-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (Micro-Star INT'L CO., LTD.)
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-03-03] (Nitro PDF Software)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246888 2016-06-07] (Synaptics Incorporated)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-08-22] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11837440 2011-08-22] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-11-09] (Intel(R) Corporation)
S3 QTService; C:\Program Files (x86)\Tencent\QTalk\QTService.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-02] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-02] (SlySoft, Inc.)
R3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdApiUtil64.sys [116968 2017-01-28] (Baidu, Inc.)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-28] ()
R3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\BdCameraProtect64.sys [25032 2017-01-28] (Baidu, Inc.)
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [61896 2016-08-21] (Baidu, Inc.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [141896 2015-09-30] (Rivet Networks, LLC.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2016-08-21] (Baidu, Inc.)
S0 Bhbase; C:\WINDOWS\System32\drivers\Bhbase.sys [83144 2017-01-28] (Baidu, Inc.)
R1 Bnbase; C:\WINDOWS\System32\drivers\bnbasex64.sys [62792 2016-08-21] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2016-08-21] (Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.1\Bnmon64.sys [82376 2017-01-28] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [262088 2016-08-21] (Baidu, Inc.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-11-23] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [967168 2016-11-11] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-27] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-25] ()
R3 flex1500; C:\WINDOWS\system32\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R3 flex1500; C:\Windows\SysWOW64\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [162456 2016-08-21] (Qualcomm Atheros, Inc.)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2016-12-27] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-20] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_69ca8597af61d80b\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-06-07] (Synaptics Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45896 2017-05-12] (SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [38720 2016-11-03] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-27] (Samsung Electronics Co., Ltd.)
S3 SundtekMTV; C:\WINDOWS\system32\DRIVERS\sundtekmtv64.sys [365776 2015-12-10] (Sundtek Electronics)
R3 TT4650_SRV_64; C:\WINDOWS\system32\drivers\ttConnect4650_64.sys [436736 2015-11-24] (CityCom GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] ()
S1 eougywyt; \??\C:\WINDOWS\system32\drivers\eougywyt.sys [X]
S3 GSVxDrv; \??\C:\Program Files\YYBox\drivers\GSVxDrv\GSVxDrv.sys [X]
U2 QQMicroGameBoxService; no ImagePath
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-20 21:28 - 2017-06-20 21:28 - 00000000 ____D C:\Users\moxito\Desktop\FRST-OlderVersion
2017-06-20 21:25 - 2017-06-20 21:25 - 00000000 ____D C:\Users\Public\Documents\Tencent
2017-06-20 21:25 - 2017-06-20 21:25 - 00000000 ____D C:\Users\moxito\AppData\Local\Google
2017-06-20 21:25 - 2017-06-20 21:25 - 00000000 ____D C:\Program Files (x86)\Tencent
2017-06-20 21:22 - 2017-06-20 21:27 - 00000000 ____D C:\Users\moxito\AppData\Roaming\Tencent
2017-06-20 21:04 - 2017-06-20 21:11 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-20 21:04 - 2017-06-20 21:11 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-20 21:04 - 2017-06-20 21:11 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-20 21:04 - 2017-06-20 21:11 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-20 21:04 - 2017-06-20 21:04 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-20 21:04 - 2017-06-20 21:04 - 00001872 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-20 21:04 - 2017-06-20 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-20 21:04 - 2017-06-20 21:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-20 21:04 - 2017-06-20 21:04 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-20 21:04 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-20 21:03 - 2017-06-20 21:04 - 64232976 _____ (Malwarebytes ) C:\Users\moxito\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
2017-06-20 21:00 - 2017-06-20 21:00 - 00001582 _____ C:\Users\moxito\Desktop\JRT.txt
2017-06-20 20:58 - 2017-06-20 20:58 - 01663672 _____ (Malwarebytes) C:\Users\moxito\Downloads\JRT.exe
2017-06-20 20:54 - 2017-06-20 20:56 - 00000000 ____D C:\Users\moxito\AppData\Local\F524E5C1-49AC-4835-B859-6FDC260E6394
2017-06-20 20:53 - 2017-06-20 21:11 - 00000486 _____ C:\WINDOWS\Tasks\HuanjuGameUpdate.job
2017-06-20 20:53 - 2017-06-20 20:53 - 00003588 _____ C:\WINDOWS\System32\Tasks\HuanjuGameUpdate
2017-06-20 20:49 - 2017-06-20 21:11 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-06-20 20:47 - 2017-06-20 20:47 - 00000000 ____D C:\Users\moxito\AppData\Local\PeerDistRepub
2017-06-20 20:41 - 2017-06-20 20:47 - 00000000 ____D C:\AdwCleaner
2017-06-20 20:41 - 2017-06-20 20:41 - 04110280 _____ C:\Users\moxito\Downloads\AdwCleaner_6.047.exe
2017-06-20 20:37 - 2017-06-20 20:37 - 00566128 _____ (Malwarebytes) C:\Users\moxito\Downloads\mbam-clean-2.3.0.1001.exe
2017-06-19 17:59 - 2017-06-19 17:59 - 00187408 _____ C:\WINDOWS\jUaJ.tIEvC
2017-06-19 17:59 - 2017-06-19 17:59 - 00106512 _____ C:\WINDOWS\HMOuyegwd9.Xw2Am
2017-06-19 02:52 - 2017-06-19 02:52 - 00143376 _____ C:\WINDOWS\59.T477k
2017-06-18 21:33 - 2017-06-18 21:33 - 00002811 _____ C:\Users\moxito\Desktop\RtkNGUI64.exe - Verknüpfung.lnk
2017-06-18 21:19 - 2017-06-18 21:27 - 00000000 ____D C:\Users\moxito\Desktop\Software & Treiber
2017-06-18 20:46 - 2017-06-18 20:46 - 00000000 ____D C:\ProgramData\Nahimic22.3.14
2017-06-18 20:34 - 2017-06-18 20:34 - 00450352 _____ (Microsoft Corporation) C:\Users\moxito\Downloads\FixitCenter_Run.exe
2017-06-18 20:31 - 2017-06-18 20:31 - 15549025 _____ C:\Users\moxito\Downloads\Microsoft_Fix-it-Paket.zip
2017-06-18 20:25 - 2017-06-18 20:25 - 00271376 _____ C:\WINDOWS\jaA3nrCQa91Ph1W.68S97
2017-06-18 19:59 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-06-18 19:59 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-06-18 19:59 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-06-18 19:59 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-18 19:59 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-18 19:59 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-18 19:59 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-06-18 19:59 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-06-18 19:43 - 2017-06-18 19:44 - 02296696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-18 18:48 - 2017-06-20 21:25 - 00000000 ____D C:\Users\moxito\AppData\Local\CrashDumps
2017-06-18 05:54 - 2017-06-18 05:54 - 00000000 ____D C:\Users\moxito\AppData\Local\Apps\2.0
2017-06-18 01:01 - 2017-06-20 21:29 - 00031834 _____ C:\Users\moxito\Desktop\FRST.txt
2017-06-18 00:17 - 2017-06-18 01:03 - 00074146 _____ C:\Users\moxito\Desktop\Addition.txt
2017-06-18 00:01 - 2017-06-18 00:01 - 02388709 _____ C:\HEADERS
2017-06-17 23:44 - 2017-06-17 23:47 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-17 23:30 - 2017-06-17 23:30 - 00000000 ____D C:\Program Files\Synaptics
2017-06-17 19:05 - 2017-06-17 19:25 - 00000000 ____D C:\ESD
2017-06-17 19:05 - 2017-06-17 19:05 - 00000000 ___HD C:\$Windows.~WS
2017-06-17 18:36 - 2017-06-17 18:36 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\tvwoetih.sys
2017-06-17 16:43 - 2017-06-17 16:43 - 05265000 _____ C:\Users\moxito\Downloads\psiphon3.exe
2017-06-17 00:14 - 2017-06-20 21:29 - 00000000 ____D C:\FRST
2017-06-17 00:13 - 2017-06-20 21:28 - 02439680 _____ (Farbar) C:\Users\moxito\Desktop\FRST64.exe
2017-06-16 23:23 - 2017-06-16 23:25 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-16 23:04 - 2017-06-16 23:04 - 09598376 _____ (Piriform Ltd) C:\Users\moxito\Downloads\ccsetup531.exe
2017-06-16 22:42 - 2017-06-16 22:42 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-16 22:07 - 2017-06-16 22:07 - 00003654 _____ C:\WINDOWS\System32\Tasks\Dragon_Center_updater
2017-06-16 22:07 - 2017-06-16 22:07 - 00003016 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Center
2017-06-16 19:06 - 2017-06-16 19:06 - 81963976 _____ C:\Users\moxito\Downloads\SteelSeriesEngine3.10.2Setup.exe
2017-06-16 17:59 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-16 17:59 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-16 17:58 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-16 17:58 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-16 17:58 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-16 17:58 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-16 17:58 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-16 17:58 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-16 17:58 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-16 17:58 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-16 17:58 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-16 17:58 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-16 17:58 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-16 17:58 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-16 17:58 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-16 17:58 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-16 17:58 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-16 17:58 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-16 17:58 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-16 17:58 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-16 17:58 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-16 17:58 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-16 17:58 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-16 17:58 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-16 17:58 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-16 17:58 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-16 17:58 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-16 17:58 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-16 17:58 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-16 17:58 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-16 17:58 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-16 17:58 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-16 17:58 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-16 17:58 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-16 17:58 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-16 17:58 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-16 17:58 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-16 17:58 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-16 17:58 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-16 17:58 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-16 17:58 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-16 17:58 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-16 17:53 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-16 17:53 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-16 17:53 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-16 17:53 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-16 17:52 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-16 17:52 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-16 17:52 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-16 17:52 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-16 17:52 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-16 17:52 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-16 17:52 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-16 17:52 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-16 17:52 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-16 17:52 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-16 17:52 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-16 17:52 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-16 17:52 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-16 17:52 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-16 17:52 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-16 17:52 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-16 17:52 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-16 17:52 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-16 17:52 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-16 17:52 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-16 17:52 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-16 17:52 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-16 17:52 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-16 17:52 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-16 17:52 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-16 17:52 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-16 17:52 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-16 17:52 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-16 17:52 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-16 17:52 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-16 17:52 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-16 17:52 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-16 17:52 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-16 17:52 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-16 17:52 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-16 17:52 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-16 17:52 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-16 17:52 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-16 17:52 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-16 17:52 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-16 17:52 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-16 17:52 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-16 17:51 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-16 17:51 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-16 17:51 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-16 17:51 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-16 17:51 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-16 17:51 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-16 17:51 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-16 17:51 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-16 17:51 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-16 17:51 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-16 17:51 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-16 17:51 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-16 17:51 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-16 17:51 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-16 17:51 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-16 17:51 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-16 17:51 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-16 17:51 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-16 17:51 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-16 17:51 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-16 17:51 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-16 17:51 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-16 17:51 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-16 17:51 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-16 17:51 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-16 17:51 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-16 17:51 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-16 17:51 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-16 17:51 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-16 17:51 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-16 17:51 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-16 17:51 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-16 17:51 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-16 17:51 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-06 00:55 - 2017-06-06 00:55 - 00000000 ____D C:\Users\moxito\AppData\Roaming\RenewSoftware.com
2017-06-06 00:04 - 2017-06-06 00:04 - 4083853312 _____ C:\Users\moxito\Downloads\Win10_English_x64.iso
2017-06-05 23:23 - 2017-06-05 23:23 - 00004184 _____ C:\WINDOWS\System32\Tasks\{ED9A9CD4-5A31-2B7F-2D3D-2F4634FF2C3B}
2017-06-05 23:23 - 2017-06-05 23:23 - 00003884 _____ C:\WINDOWS\System32\Tasks\{F7B708E3-B402-CC93-0235-FB6400AF3F41}
2017-06-05 23:22 - 2017-06-05 23:22 - 01611944 _____ (Secure Download Ltd. ) C:\Users\moxito\Downloads\Registry_Activation
2017-06-05 23:21 - 2017-06-05 23:21 - 00000000 ____D C:\ProgramData\Caphyon
2017-05-24 16:31 - 2017-05-24 16:31 - 00187408 _____ C:\WINDOWS\3LQJZeRfB62pV.9W5pn
2017-05-24 16:31 - 2017-05-24 16:31 - 00053264 _____ C:\WINDOWS\FXu4.S5k12
2017-05-24 16:29 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-24 16:26 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-24 16:26 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-22 21:10 - 2017-05-22 21:10 - 00095248 _____ C:\WINDOWS\Yfn76w2d9ICq.19CwO
2017-05-22 16:08 - 2017-05-22 16:08 - 00163856 _____ C:\WINDOWS\ok9734e.2DWmr
2017-05-22 00:22 - 2017-05-22 00:22 - 00001101 _____ C:\Users\moxito\Desktop\百度网盘.lnk
2017-05-22 00:22 - 2017-05-22 00:22 - 00000000 ____D C:\Users\moxito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\百度网盘
2017-05-21 22:53 - 2017-05-21 22:53 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-21 22:53 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-21 22:32 - 2017-05-21 22:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\BaiduYunKernel
2017-05-21 22:32 - 2017-05-21 22:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\BaiduYunGuanjia
2017-05-21 20:51 - 2017-05-21 20:51 - 00002116 _____ C:\Users\Public\Desktop\Nahimic 2.lnk
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nahimic 2
2017-05-21 20:51 - 2017-05-21 20:51 - 00000000 ____D C:\Program Files\Nahimic
2017-05-21 20:51 - 2017-02-06 10:31 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-05-21 20:51 - 2017-02-06 10:31 - 10187598 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-21 20:51 - 2017-02-06 10:31 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 03014656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-21 20:51 - 2017-02-06 10:31 - 02830480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 02190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01353816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 01003504 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00962120 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00866088 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00855232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00726624 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00517504 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-05-21 20:51 - 2017-02-06 10:31 - 00075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 05593608 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 02444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 02202624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 01003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00680512 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-05-21 20:51 - 2017-02-06 10:30 - 00084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-20 21:26 - 2016-12-01 02:10 - 00000000 ____D C:\Users\moxito\AppData\LocalLow\SogouPY
2017-06-20 21:25 - 2016-11-25 00:46 - 00002094 _____ C:\Users\Public\Desktop\Tencent QQ.lnk
2017-06-20 21:25 - 2016-08-21 20:02 - 00000000 ____D C:\Users\moxito\Documents\Tencent Files
2017-06-20 21:23 - 2016-08-21 20:02 - 00018760 _____ C:\WINDOWS\SysWOW64\QQVistaHelper.dll
2017-06-20 21:16 - 2016-08-21 16:12 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-20 21:15 - 2016-11-25 16:32 - 00000000 ____D C:\Users\moxito\AppData\Roaming\The Bat!
2017-06-20 21:15 - 2016-10-11 11:04 - 03399696 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-20 21:15 - 2016-10-11 11:04 - 00957568 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-20 21:15 - 2016-08-21 17:36 - 00000000 ____D C:\Users\moxito\AppData\Local\Sidebar7
2017-06-20 21:15 - 2016-08-21 15:19 - 07127782 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-20 21:14 - 2016-10-30 02:17 - 00000040 ___SH C:\ProgramData\.zreglib
2017-06-20 21:11 - 2016-11-27 00:25 - 00000000 ____D C:\ProgramData\VMware
2017-06-20 21:11 - 2016-10-11 01:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-20 21:00 - 2016-12-01 02:10 - 00000000 ____D C:\Program Files (x86)\SogouInput
2017-06-20 20:49 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-06-20 20:47 - 2016-10-11 12:58 - 00000000 ____D C:\WINDOWS\system32\log
2017-06-20 20:47 - 2016-09-28 17:46 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-20 20:47 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-20 20:37 - 2016-10-11 01:10 - 00000000 ____D C:\Users\moxito
2017-06-20 20:36 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-20 20:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-20 05:32 - 2016-10-11 01:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-18 20:48 - 2016-10-11 01:13 - 00002502 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Gaming Center
2017-06-18 20:37 - 2016-08-21 17:10 - 00000000 ____D C:\Users\moxito\AppData\Local\ClassicShell
2017-06-18 20:00 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-18 19:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-18 19:46 - 2016-08-21 22:03 - 00000000 ____D C:\Users\moxito\AppData\Roaming\vlc
2017-06-18 02:17 - 2017-04-26 02:17 - 20645376 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-06-18 02:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-18 00:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Performance
2017-06-17 23:55 - 2016-10-11 01:14 - 00003780 _____ C:\WINDOWS\diagwrn.xml
2017-06-17 23:55 - 2016-10-11 01:14 - 00001908 _____ C:\WINDOWS\diagerr.xml
2017-06-17 23:47 - 2016-10-13 18:41 - 00000000 ____D C:\WINDOWS\Panther
2017-06-17 23:20 - 2016-08-21 17:08 - 00000000 ____D C:\ProgramData\BavSvc_exe
2017-06-17 22:41 - 2017-02-11 13:53 - 00000000 ____D C:\Users\moxito\AppData\Roaming\XnView
2017-06-17 19:58 - 2016-12-01 01:43 - 00000000 ____D C:\Users\moxito\Downloads\div. Windows
2017-06-17 18:56 - 2016-11-29 18:50 - 00000000 ____D C:\Users\moxito\AppData\Roaming\Psiphon3
2017-06-17 18:29 - 2016-11-29 18:50 - 05265000 _____ C:\Users\moxito\psiphon3.exe
2017-06-17 02:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-17 02:12 - 2016-08-21 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-16 23:36 - 2016-08-21 16:55 - 00000000 ____D C:\Users\moxito\AppData\Roaming\steelseries-engine-3-client
2017-06-16 23:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-16 23:18 - 2016-11-25 00:13 - 00000000 ____D C:\ProgramData\Hauppauge
2017-06-16 23:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\tracing
2017-06-16 23:04 - 2016-08-21 16:58 - 00000823 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-16 23:02 - 2016-10-11 01:13 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-16 22:45 - 2016-08-21 15:17 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-16 22:43 - 2016-09-28 18:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-16 22:43 - 2016-09-28 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-16 22:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-16 22:39 - 2016-11-25 17:35 - 00000000 ____D C:\Users\moxito\AppData\Roaming\uTorrent
2017-06-16 22:17 - 2016-08-21 15:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-16 22:15 - 2016-09-28 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-16 22:15 - 2016-08-21 15:41 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-16 22:08 - 2016-09-27 14:20 - 00000000 ____D C:\ProgramData\MSI
2017-06-16 22:07 - 2016-09-27 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-06-16 22:07 - 2016-08-21 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-16 19:08 - 2016-08-21 16:53 - 00000000 ____D C:\WINDOWS\Cnxt
2017-06-16 19:07 - 2016-08-21 16:53 - 00000000 ____D C:\ProgramData\Conexant
2017-06-16 15:49 - 2017-04-25 19:16 - 00000000 ____D C:\Program Files (x86)\YY
2017-06-06 00:36 - 2016-10-12 17:33 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-06-06 00:35 - 2016-08-22 16:31 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2017-06-05 23:35 - 2016-12-15 05:59 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-05 23:34 - 2016-12-11 17:10 - 00000000 ____D C:\Program Files (x86)\Intel
2017-06-05 23:33 - 2016-09-27 14:09 - 00000000 ____D C:\Program Files (x86)\MSI
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-24 16:29 - 2016-10-11 01:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-24 16:29 - 2016-09-15 19:33 - 00000000 ____D C:\Temp
2017-05-24 16:18 - 2016-09-28 16:42 - 00000000 ____D C:\Users\moxito\Documents\temp
2017-05-21 22:53 - 2017-02-07 15:54 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-12-15 05:53 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:13 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-21 22:53 - 2016-10-11 01:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-21 22:53 - 2016-09-27 13:26 - 00001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-21 22:53 - 2016-08-21 15:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-21 22:32 - 2016-08-22 17:03 - 00000000 ____D C:\Users\moxito\AppData\Roaming\baidu
2017-05-21 20:51 - 2016-10-11 01:09 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-21 20:51 - 2016-10-11 01:09 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-21 20:51 - 2016-08-21 15:43 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-21 20:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories =======

2016-10-08 00:26 - 2016-10-08 00:29 - 0000752 _____ () C:\Users\moxito\AppData\Roaming\.emacs
2016-11-30 19:44 - 2016-11-30 19:44 - 0000020 _____ () C:\Users\moxito\AppData\Roaming\004D5649544E41696E66
2016-11-30 19:43 - 2016-11-30 19:43 - 0000256 _____ () C:\Users\moxito\AppData\Roaming\140A0027000007
2016-12-05 20:22 - 2016-12-05 20:22 - 0000024 _____ () C:\Users\moxito\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE31.ini
2016-11-30 19:44 - 2017-01-16 21:48 - 0001209 _____ () C:\Users\moxito\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE32.ini
2017-02-13 02:41 - 2017-02-13 02:41 - 0001038 _____ () C:\Users\moxito\AppData\Roaming\ex_log.txt
2016-10-10 20:08 - 2017-02-04 16:04 - 0001269 _____ () C:\Users\moxito\AppData\Roaming\Network Meter_Settings.ini
2016-10-10 20:09 - 2016-10-10 20:09 - 0000772 _____ () C:\Users\moxito\AppData\Roaming\Stock Meter_Settings.ini
2016-09-30 18:39 - 2016-10-10 19:53 - 0000122 _____ () C:\Users\moxito\AppData\Roaming\System Monitor II_UptimeRecord.ini
2017-01-28 01:25 - 2017-01-28 01:25 - 1444872 _____ (Tencent Inc.) C:\Users\moxito\AppData\Roaming\XQ4Q.DLL
2016-10-30 02:17 - 2017-06-20 21:14 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-10-11 01:09 - 2016-10-11 01:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-28 03:09 - 2017-01-28 03:09 - 0076168 _____ (Tencent) C:\ProgramData\fa5HvkT6.aIj
2016-12-15 05:53 - 2017-01-18 15:10 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 05:53 - 2017-01-14 12:59 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-11-24 23:00 - 2016-11-24 23:01 - 1696960 _____ () C:\ProgramData\QQGAMEQCK2119.DLL
2016-12-05 20:10 - 2016-12-05 20:10 - 1696960 _____ () C:\ProgramData\QQGAMEQCK2205.DLL
2016-12-04 20:08 - 2016-12-08 20:16 - 1389760 _____ () C:\ProgramData\QQGameQCK2840.exe
2017-01-28 01:29 - 2017-01-28 01:29 - 0076168 _____ (Tencent) C:\ProgramData\rW2F6Ma7N5GJI83.971

Files to move or delete:
====================
C:\ProgramData\QQGAMEQCK2119.DLL
C:\ProgramData\QQGAMEQCK2205.DLL
C:\ProgramData\QQGameQCK2840.exe
C:\Users\moxito\psiphon3.exe


Some files in TEMP:
====================
2017-06-20 21:29 - 2017-06-20 21:29 - 0031096 _____ (Tencent) C:\Users\moxito\AppData\Local\Temp\qqsafeud.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-19 02:49

==================== End of FRST.txt ============================
         

