Google chrome öffnet ab und zu neue tabs

Nuclear2015 · 06.07.2017, 15:27

Hallo Trojaner-Board Team
Wie im Titel oben schon beschrieben öffnet mein google chrome ab und zu neue tabs die dann von meinem Malwarebytes blockiert werden. Oder dann habe ich die suchmaschine secure-suft.net obwohl google als Standard eingegeben ist. Malwarebytes und Avira finden bei mir keine viren.
Vor einigen jahren hatte ich das selbe problem nur noch schlimmer und ihr konntet mir helfen. Ich bitte euch auch diesesmal mir zu helfen

Mit freundlichen Grüssen

Nuclear

M-K-D-B · 07.07.2017, 19:51

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Nuclear2015 · 07.07.2017, 21:20

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-07-2017
durchgeführt von Dani (Administrator) auf DANI-PC (07-07-2017 22:15:36)
Gestartet von C:\Users\Dani\Downloads
Geladene Profile: Dani (Verfügbare Profile: Dani)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) F:\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) F:\Anti-Malware\mbamtray.exe
(Valve Corporation) F:\Steam\Steam.exe
(Google Inc.) C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(TeamSpeak Systems GmbH) C:\Users\Dani\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => F:\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Run: [Google Update] => C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-04] (Google Inc.)
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d12433c7-a8af-4504-a245-2fa50ea1b0ae}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-06-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-30] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.ch/
CHR StartupUrls: Default -> "hxxps://www.google.ch/?gws_rd=ssl"
CHR Profile: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default [2017-07-07]
CHR Extension: (Google Präsentationen) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-05]
CHR Extension: (Google Docs) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-05]
CHR Extension: (Avira Safe Shopping) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2017-07-05]
CHR Extension: (Adblock Plus) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-05]
CHR Extension: (Сookies Control) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkpefbllpconnkfpdgagkifmflckkdp [2017-07-05]
CHR Extension: (Google Tabellen) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-05]
CHR Extension: (Google Docs Offline) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-05]
CHR Profile: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-01]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-06-27] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-05-14] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MBAMService; F:\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-28] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-07-05] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-07-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-07-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-07-05] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-07-05] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-03] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-05] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys [15625336 2017-06-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-06-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-06-28] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-07 22:15 - 2017-07-07 22:15 - 00016204 _____ C:\Users\Dani\Downloads\FRST.txt
2017-07-07 22:14 - 2017-07-07 22:15 - 00000000 ____D C:\FRST
2017-07-07 22:13 - 2017-07-07 22:13 - 02437120 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2017-07-05 18:11 - 2017-07-06 10:36 - 00029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va064_2017.07.06.16.24.10
2017-07-05 18:10 - 2017-07-07 21:31 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{96038A61-A79C-4135-B234-4C1AEDB6B652}
2017-07-05 18:09 - 2017-07-06 12:25 - 00000000 ____D C:\Users\Dani\AppData\Local\NVIDIA Corporation
2017-07-05 18:09 - 2017-07-05 18:09 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-05 18:09 - 2017-06-27 22:27 - 00135616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-05 18:09 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-05 18:09 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-05 18:09 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-05 18:09 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-05 18:04 - 2017-07-05 18:19 - 00000000 ____D C:\Users\Dani\AppData\Local\CrashDumps
2017-07-05 18:04 - 2017-07-05 18:04 - 00000000 ____D C:\Users\Dani\AppData\Local\DBG
2017-07-05 17:57 - 2017-07-05 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-05 17:57 - 2017-07-05 17:57 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-06-28 00:39 - 01903040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01489344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-05 17:54 - 2017-06-28 00:39 - 40239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 35838912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 35314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 28953536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 13559376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 12337296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 12132272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 11501776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 10381664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 09982456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 04208984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 04163008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 03709952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 03595384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438476.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438476.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01067128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01004664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-05 17:54 - 2017-06-28 00:39 - 00048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-05 17:54 - 2017-06-28 00:39 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-05 17:54 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-05 17:50 - 2017-07-05 17:50 - 00000000 ____D C:\NVIDIA
2017-07-05 17:49 - 2017-07-05 17:49 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-05 17:49 - 2017-07-05 17:49 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-05 17:49 - 2017-07-05 17:49 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-05 17:49 - 2017-07-05 17:49 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-05 17:45 - 2017-07-05 17:46 - 00000000 ____D C:\Users\Dani\AppData\Local\MicrosoftEdge
2017-07-04 23:28 - 2017-07-04 23:28 - 00000000 ____D C:\Users\Dani\.QtWebEngineProcess
2017-07-04 19:27 - 2017-07-04 19:28 - 00000000 ____D C:\Windows.old
2017-07-04 19:27 - 2017-07-04 19:27 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-07-04 19:27 - 2017-07-04 19:27 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-04 19:27 - 2017-07-04 19:27 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-04 19:26 - 2017-07-04 19:26 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-04 19:26 - 2017-07-04 19:26 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-07-04 19:26 - 2017-07-04 19:26 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-04 19:26 - 2017-07-04 19:26 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-07-04 19:26 - 2017-07-04 19:26 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-04 19:26 - 2017-07-04 19:26 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-04 19:26 - 2017-07-04 19:26 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-04 19:26 - 2017-07-04 19:26 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-04 19:24 - 2017-07-04 19:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files\MSBuild
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\inetpub

Nuclear2015 · 07.07.2017, 21:22

Code:

ATTFilter

017-07-04 19:23 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-04 19:23 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-04 19:22 - 2017-07-04 19:22 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-07-04 18:51 - 2017-07-04 18:51 - 00000000 ____D C:\Users\Dani\AppData\Local\Comms
2017-07-04 18:47 - 2017-07-04 18:47 - 00002384 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-04 18:47 - 2017-07-04 18:47 - 00001051 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-07-04 18:47 - 2017-07-04 18:47 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-04 18:47 - 2017-03-17 22:00 - 06238208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2017-07-04 18:47 - 2017-03-17 21:54 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2017-07-04 18:47 - 2017-03-17 21:44 - 06238208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2017-07-04 18:47 - 2017-03-17 21:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2017-07-04 18:45 - 2017-07-04 23:21 - 00000000 ____D C:\Users\Dani\AppData\Local\Packages
2017-07-04 18:45 - 2017-07-04 18:45 - 00000020 ___SH C:\Users\Dani\ntuser.ini
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\TileDataLayer
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\Publishers
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\ConnectedDevicesPlatform
2017-07-04 18:39 - 2017-07-04 18:39 - 00000000 ____D C:\ProgramData\USOShared
2017-07-04 18:38 - 2017-07-05 19:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-04 18:38 - 2017-07-04 18:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-07-04 18:38 - 2017-07-04 18:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-07-04 18:38 - 2017-07-04 18:38 - 00004634 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-04 18:38 - 2017-07-04 18:38 - 00004488 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-04 18:38 - 2017-07-04 18:38 - 00003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000UA
2017-07-04 18:38 - 2017-07-04 18:38 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000Core
2017-07-04 18:38 - 2017-07-04 18:38 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-04 18:38 - 2017-07-04 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-07-04 18:38 - 2017-07-04 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-07-04 18:37 - 2017-07-04 18:37 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-04 18:35 - 2017-07-04 18:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-04 18:33 - 2017-07-04 18:33 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-07-04 18:33 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-04 18:32 - 2017-07-07 20:06 - 02199994 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-04 18:32 - 2017-07-07 15:13 - 00000000 ____D C:\Users\Dani
2017-07-04 18:32 - 2017-07-04 18:32 - 01931144 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Vorlagen
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Startmenü
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Netzwerkumgebung
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Lokale Einstellungen
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Eigene Dateien
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Druckumgebung
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Videos
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Musik
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Bilder
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Local\Verlauf
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Local\Anwendungsdaten
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Anwendungsdaten
2017-07-04 18:31 - 2017-07-07 19:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-04 18:31 - 2017-07-04 18:50 - 00394112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-04 18:31 - 2017-07-04 18:33 - 00000000 ____D C:\Users\Public\Creative
2017-07-04 18:31 - 2017-07-04 18:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-04 18:31 - 2017-07-04 18:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-04 18:04 - 2017-07-04 18:45 - 00000000 ___DC C:\WINDOWS\Panther
2017-07-04 18:04 - 2017-07-04 18:13 - 00000000 ___HD C:\$WINDOWS.~BT
2017-07-04 18:04 - 2017-03-18 07:57 - 00023360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NXQuery.sys
2017-07-04 17:38 - 2017-07-04 18:04 - 00000000 ____D C:\ESD
2017-07-04 17:38 - 2017-07-04 17:38 - 00000000 ___HD C:\$Windows.~WS
2017-07-04 17:16 - 2017-07-04 17:16 - 00000000 ____D C:\Users\Dani\AppData\Local\Adobe
2017-07-04 14:54 - 2017-07-06 15:10 - 00002510 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-07-04 14:54 - 2017-07-06 15:10 - 00002502 _____ C:\Users\Dani\Desktop\Google Chrome Canary.lnk
2017-07-03 21:02 - 2017-07-03 21:02 - 00000000 ____D C:\Users\Dani\AppData\Local\CrashRpt
2017-07-03 21:00 - 2017-07-04 18:35 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackShot
2017-07-03 21:00 - 2017-07-03 21:00 - 00000716 _____ C:\Users\Dani\Desktop\BlackShot.lnk
2017-07-03 20:49 - 2017-07-03 20:49 - 02418992 _____ (Reloaded Technologies) C:\Users\Dani\Downloads\BlackShot_Downloader.exe
2017-07-03 09:14 - 2017-07-03 09:14 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Avira
2017-07-03 09:13 - 2017-07-05 19:20 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-07-03 09:13 - 2017-07-03 09:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-07-03 09:11 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-03 09:11 - 2017-07-03 09:13 - 00000000 ____D C:\ProgramData\Avira
2017-07-03 09:11 - 2017-07-03 09:13 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-03 09:11 - 2017-07-03 09:11 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-07-03 09:10 - 2017-07-03 09:10 - 04806912 _____ (Avira Operations GmbH & Co. KG) C:\Users\Dani\Downloads\avira_de_av_5959edf5859b4__ws.exe
2017-07-03 04:05 - 2017-07-07 19:12 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-03 04:05 - 2017-07-05 19:24 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-03 04:05 - 2017-07-03 19:25 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-03 04:04 - 2017-07-05 19:24 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-03 04:04 - 2017-07-05 19:24 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-03 04:04 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-03 04:04 - 2017-07-03 04:04 - 00000604 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-03 04:04 - 2017-07-03 04:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-03 04:04 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-30 02:21 - 2017-06-30 02:21 - 00000000 ____D C:\Users\Dani\Documents\Benutzerdefinierte Office-Vorlagen
2017-06-30 02:07 - 2017-06-30 02:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-06-30 01:48 - 2017-07-04 18:47 - 00000000 ___RD C:\Users\Dani\OneDrive
2017-06-30 01:48 - 2017-07-01 01:23 - 00002139 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Skype
2017-06-30 01:48 - 2017-06-30 01:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2017-06-30 01:47 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-06-30 01:47 - 2017-06-30 01:47 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-30 01:38 - 2017-06-30 01:47 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-30 01:38 - 2017-06-30 01:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-30 01:36 - 2017-07-04 18:45 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-06-30 01:35 - 2017-06-30 01:35 - 00000000 ____D C:\Users\Dani\AppData\Roaming\WinRAR
2017-06-30 01:33 - 2017-06-30 01:33 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-30 01:33 - 2017-06-30 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-29 03:41 - 2017-06-29 03:41 - 00000831 _____ C:\Users\Dani\Desktop\Neues Textdokument.txt
2017-06-28 13:59 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2017-06-28 13:59 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2017-06-28 13:58 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-06-28 03:06 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2017-06-28 03:06 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2017-06-28 03:06 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-06-28 03:06 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2017-06-28 03:06 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2017-06-28 03:06 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2017-06-28 03:06 - 2016-03-24 00:40 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpGroupPolicyExtension.dll
2017-06-28 03:05 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2017-06-28 02:58 - 2017-06-28 02:58 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Adobe
2017-06-28 02:37 - 2017-06-28 02:37 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsIntl.dll
2017-06-28 02:37 - 2017-06-28 02:37 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll
2017-06-28 02:36 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-06-28 02:35 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp_winip.dll
2017-06-28 02:35 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp_winip.dll
2017-06-28 02:34 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-28 00:30 - 2017-06-28 00:30 - 00000000 ____D C:\Users\Dani\AppData\Local\UnrealEngine
2017-06-28 00:30 - 2017-06-28 00:30 - 00000000 ____D C:\Users\Dani\AppData\Local\TslGame
2017-06-28 00:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-06-28 00:30 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-06-28 00:30 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-06-28 00:30 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-06-28 00:30 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-06-28 00:30 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-06-28 00:30 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-06-28 00:30 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-06-28 00:30 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-06-28 00:30 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-06-28 00:30 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-06-28 00:30 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-06-28 00:30 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-06-28 00:30 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-06-28 00:30 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-06-28 00:30 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-06-28 00:30 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-06-28 00:30 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-06-28 00:30 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-06-28 00:30 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-06-28 00:30 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-06-28 00:30 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-06-28 00:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-06-28 00:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-06-28 00:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-06-28 00:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-06-28 00:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-06-28 00:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-06-28 00:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-06-28 00:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-06-28 00:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-06-28 00:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-06-28 00:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-06-28 00:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-06-28 00:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-06-28 00:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-06-28 00:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-06-28 00:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-06-28 00:29 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-06-28 00:29 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-06-28 00:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-06-28 00:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-06-28 00:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-06-28 00:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-06-28 00:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-06-28 00:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-06-28 00:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-06-28 00:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-06-28 00:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-06-28 00:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-06-28 00:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-06-28 00:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-06-28 00:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-06-28 00:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-06-28 00:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-06-28 00:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-06-28 00:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-06-27 23:13 - 2017-06-27 23:13 - 00000000 ____D C:\Users\Dani\Documents\League of Legends
2017-06-27 23:05 - 2017-06-27 23:05 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-27 23:04 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-27 23:04 - 2017-06-27 23:13 - 00000573 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-27 23:04 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-06-27 23:04 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-27 23:02 - 2017-06-27 23:05 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Riot Games
2017-06-27 20:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEUDINIT.EXE
2017-06-27 18:31 - 2012-06-02 16:57 - 00000003 _____ C:\WINDOWS\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2017-06-27 18:19 - 2017-07-04 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gamigo
2017-06-27 18:19 - 2017-06-27 18:19 - 00000484 _____ C:\Users\Public\Desktop\Last Chaos DE.lnk
2017-06-27 18:16 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2017-06-27 18:13 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-06-27 18:13 - 2016-09-15 16:56 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2017-06-27 18:12 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2017-06-27 18:12 - 2012-11-29 00:56 - 00000003 _____ C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-06-27 18:11 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2017-06-27 18:10 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2017-06-27 17:51 - 2017-07-07 21:59 - 00000000 ____D C:\Users\Dani\AppData\Roaming\TS3Client
2017-06-27 17:51 - 2017-07-03 09:11 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-27 17:51 - 2017-06-30 14:20 - 00000000 ____D C:\Users\Dani\AppData\Local\TeamSpeak 3 Client
2017-06-27 17:51 - 2017-06-27 17:51 - 00001170 _____ C:\Users\Dani\Desktop\TeamSpeak 3 Client.lnk
2017-06-27 17:51 - 2017-06-27 17:51 - 00001128 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-06-27 17:51 - 2017-06-27 17:51 - 00000000 ____D C:\Users\Dani\.TeamSpeak 3
2017-06-27 17:46 - 2017-07-04 18:34 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-06-27 17:46 - 2017-07-04 18:34 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-06-27 17:26 - 2017-06-27 17:26 - 00000202 _____ C:\Users\Dani\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-06-27 17:26 - 2017-06-27 17:26 - 00000000 ____D C:\Games
2017-06-27 17:24 - 2017-06-27 17:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-27 17:24 - 2017-06-27 17:24 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-27 17:23 - 2017-07-07 15:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-27 17:23 - 2017-07-05 18:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-27 17:23 - 2017-07-05 18:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-27 17:23 - 2017-07-05 17:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-27 17:23 - 2017-06-27 23:03 - 06462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 02478712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-27 17:23 - 2017-06-27 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-27 17:23 - 2017-06-22 22:30 - 08076177 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-27 17:23 - 2017-05-19 17:52 - 00521624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-06-27 17:23 - 2017-05-19 17:52 - 00427416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-06-27 17:22 - 2017-06-27 17:22 - 00000146 _____ C:\Users\Dani\Desktop\Sound - Verknüpfung.lnk
2017-06-27 17:22 - 2017-06-27 17:22 - 00000000 ____D C:\Users\Dani\AppData\Local\Steam
2017-06-27 17:22 - 2017-06-27 17:22 - 00000000 ____D C:\Users\Dani\AppData\Local\CEF
2017-06-27 17:20 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-27 17:20 - 2017-06-27 17:20 - 00000518 _____ C:\Users\Public\Desktop\Steam.lnk
2017-06-27 17:18 - 2017-07-04 14:54 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Google
2017-06-27 17:17 - 2017-07-04 17:10 - 00000000 ____D C:\Users\Dani\AppData\Local\Google
2017-06-27 17:17 - 2017-07-04 14:51 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-27 17:17 - 2017-06-30 02:05 - 00114208 _____ C:\Users\Dani\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-27 17:17 - 2017-06-27 17:17 - 00000000 ____D C:\Users\Dani\AppData\Local\Apps\2.0
2017-06-27 17:14 - 2017-06-27 17:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-27 17:14 - 2017-06-27 17:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Favoriten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 ____D C:\Users\Dani\AppData\Local\VirtualStore
2017-06-27 17:13 - 2009-07-14 20:18 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Media Center Programs

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-07 20:31 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-07 20:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-07 20:06 - 2017-03-20 06:35 - 00955678 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-07 20:06 - 2017-03-20 06:35 - 00217610 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-06 10:30 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-05 19:23 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-05 18:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-07-05 18:35 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-07-05 18:35 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\servicing
2017-07-05 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\registration
2017-07-05 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-07-05 17:41 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-05 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-04 19:30 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-04 19:28 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-04 19:27 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-07-04 19:23 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-07-04 19:23 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-07-04 19:23 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-07-04 19:23 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-07-04 19:23 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-07-04 19:23 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-07-04 19:23 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-07-04 18:47 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-04 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-07-04 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-07-04 18:38 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-04 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-07-04 18:37 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-07-04 18:37 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-07-04 18:34 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-04 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-07-04 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-07-04 18:33 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-07-04 18:31 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-04 18:18 - 2009-07-14 06:45 - 00014832 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-04 18:18 - 2009-07-14 06:45 - 00014832 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-28 00:39 - 2017-05-19 17:48 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-06-28 00:39 - 2017-05-19 17:48 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-06-28 00:39 - 2017-05-19 14:22 - 00046373 _____ C:\WINDOWS\system32\nvinfo.pb
2017-06-27 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\SysWOW64\manifeststore
2017-06-27 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\manifeststore
2017-06-27 17:12 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Einige Dateien in TEMP:
====================
2017-07-05 17:54 - 2017-05-01 22:14 - 0367552 _____ (NVIDIA Corporation) C:\Users\Dani\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-04 18:30

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-07-2017
durchgeführt von Dani (07-07-2017 22:16:10)
Gestartet von C:\Users\Dani\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-04 16:45:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4206118574-3175090919-1107652072-500 - Administrator - Disabled)
Dani (S-1-5-21-4206118574-3175090919-1107652072-1000 - Administrator - Enabled) => C:\Users\Dani
DefaultAccount (S-1-5-21-4206118574-3175090919-1107652072-503 - Limited - Disabled)
Gast (S-1-5-21-4206118574-3175090919-1107652072-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
BlackShot (HKLM-x32\...\BlackShot) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Google Chrome SxS) (Version: 61.0.3150.0 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Last Chaos DE Version 1.0 (HKLM-x32\...\Last Chaos DE_is1) (Version: 1.0 - gamigo AG)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version:  - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dani\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-02] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\rarext.dll -> Keine Datei
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-02] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\rarext.dll -> Keine Datei
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02C747A0-CBDB-45ED-B4CD-EBCC307FE953} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-28] (NVIDIA Corporation)
Task: {0BB0AF51-06FA-4010-AB78-4A0851DF5442} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)
Task: {0C6B2128-7FDE-4BAC-B55C-B83718E648FB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0CF522ED-BC4E-426E-98BD-FC3DEBB6072D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-04] (Adobe Systems Incorporated)
Task: {177A786D-D082-4F7F-A73A-A654AD73858A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-28] (NVIDIA Corporation)
Task: {1B3770B9-9F37-41D4-84EB-C4513DD5DC45} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B3BAEF5-44D7-4862-B628-428E6042CD0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {1F445B68-CEA2-410E-B6B7-CF17FB12224C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FC210DB-CFB6-4FB1-886A-F5BF26BB2FC6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)
Task: {386E65DD-410C-4E5D-B783-B6BC9FF5C026} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E0566EE-CE76-4F52-8C21-5B9D5F936EE9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F37BDAF-4D02-4BD8-89F3-B45D6BA3E10F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42C0AE8B-899D-433D-96A3-B33807B4C506} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000Core => C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-04] (Google Inc.)
Task: {49E3D5F6-C8EF-473B-8C0C-C98B6603FD5C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4AC9665A-2369-4D70-B667-877AA82DB538} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51311C2D-F630-4863-81D4-908039347412} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {695D57A8-8BAE-4F23-B380-9F777D1F3F5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {700F2EDB-2D0C-4999-A329-040C4B9BAD83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000UA => C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-04] (Google Inc.)
Task: {73389E0E-72D8-47E5-8509-05A2150A19B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-07-04] (Adobe Systems Incorporated)
Task: {74DAD001-DFCA-4CB2-BD61-DC39DBF4876E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {8C182BD6-5A7B-4956-B177-44C09C537447} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-28] (NVIDIA Corporation)
Task: {8D3EE826-20A9-4B93-823C-5F37AEBB6CB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {997F60BA-9E57-41B4-97DE-B0B2E1F18578} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)
Task: {9BA99027-96E9-43FC-A10F-EE4C572615FC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F73359B-A84D-429C-BACF-5017C3962267} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6CF6392-D249-4249-A9DC-E2803A8D1379} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6E6D7AD-7532-4BC9-9BCA-8AC860BEBB31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADF874C8-E456-4287-B035-DD7FEA67CC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)
Task: {B8C6650A-6C28-4590-A49C-31F08D939188} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BAE779FA-0F0F-4B5B-BB14-7A66CF0BF96F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] ()
Task: {BD288A26-BB6E-461F-9D2E-63B69017A1D5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] ()
Task: {C96436D5-1360-4ADC-9B99-DA8825D08558} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {CCB7D9A6-13B4-4F3B-985C-1C5D1C69C801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-28] (NVIDIA Corporation)
Task: {DAF5F77F-1643-4472-9707-6D001791A23A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7B9A36B-7602-4606-9A5C-4E4FC4801264} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {EAE307B0-C2B3-400F-A96F-CAD1C81455FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECF921CE-15D8-473E-90BD-F7C2118DFD27} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F6973E5D-6986-4AC1-AC20-E39983006C38} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F88154E1-5FB2-48B0-9DB8-C1229355CB4C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9702C02-A3E5-4A6E-8D2B-B9752EED362F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-05 18:33 - 2017-07-05 18:33 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-05 17:49 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-05 17:49 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-04-12 12:46 - 2017-06-30 14:20 - 00176408 _____ () C:\Users\Dani\AppData\Local\TeamSpeak 3 Client\quazip.dll
2017-03-13 18:37 - 2017-03-13 18:37 - 00020248 _____ () C:\Users\Dani\AppData\Local\TeamSpeak 3 Client\libEGL.DLL
2017-03-13 18:37 - 2017-03-13 18:37 - 01975064 _____ () C:\Users\Dani\AppData\Local\TeamSpeak 3 Client\libGLESv2.dll
2017-04-12 12:46 - 2017-06-30 14:20 - 00107288 _____ () C:\Users\Dani\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2017-04-12 12:46 - 2017-06-30 14:20 - 00128280 _____ () C:\Users\Dani\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2017-06-27 17:51 - 2017-06-27 17:51 - 00152064 _____ () C:\Users\Dani\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2017-06-27 17:51 - 2017-06-27 17:51 - 00345880 _____ () C:\Users\Dani\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2017-06-27 17:21 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\SDL2.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 02485536 _____ () F:\Steam\video.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 04969248 _____ () F:\Steam\v8.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00332800 _____ () F:\Steam\libavresample-2.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 02549760 _____ () F:\Steam\libavcodec-56.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00442880 _____ () F:\Steam\libavutil-54.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00491008 _____ () F:\Steam\libavformat-56.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00485888 _____ () F:\Steam\libswscale-3.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 01195296 _____ () F:\Steam\icuuc.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 01563936 _____ () F:\Steam\icui18n.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 00877856 _____ () F:\Steam\bin\chromehtml.DLL
2017-06-27 17:21 - 2016-07-05 00:17 - 00266560 _____ () F:\Steam\openvr_api.dll
2017-06-27 17:22 - 2017-05-08 21:45 - 69516064 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-27 17:22 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 00385312 _____ () F:\Steam\steam.dll
2017-06-27 17:21 - 2015-09-25 01:52 - 00119208 _____ () F:\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{DDE267AE-780F-4C73-A580-300E2BE207D2}] => (Allow) D:\BlackShot\BlackShot\System\blackshot.exe
FirewallRules: [{5D0555EF-B30D-4AE2-8144-A3FE2FCF6A6F}] => (Allow) D:\BlackShot\BlackShot\System\blackshot.exe
FirewallRules: [{70AAE8C3-540A-4DBA-9DCC-C46B1FB9412F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{DC1FB8E4-3204-47AE-B352-D0ABEF7A3706}C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{935A3DB2-2A1D-47D8-90EC-FD7BB75FF641}C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{359FCC74-B634-4238-A0F8-5AE70F804EFD}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{79F96C69-4474-460C-AAF4-FA9A3CD75F7F}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5076022F-F190-442A-94D7-131F8AF3EB2F}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{A66E2D52-9370-4EB2-B5BF-F502075E7E84}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{5E4C89F4-75D8-4330-8818-FE50AE4ABF2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AAEA4CE1-352C-4B48-87D5-7D800C53CE92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{61204A59-602C-4B5A-BC8E-5CF3BD94975A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{347B8FEC-EA7B-423A-A54D-725E138DC685}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7A0A400C-EFC4-418A-B8D1-D775173C8BCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76FD6C78-68EF-4CBE-A4AC-8E39B61F0696}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

04-07-2017 18:52:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/07/2017 08:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T20:53:36Z. Error Code: 0x80070005.

Error: (07/07/2017 06:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T18:53:36Z. Error Code: 0x80070005.

Error: (07/07/2017 04:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T16:53:36Z. Error Code: 0x80070005.

Error: (07/06/2017 08:04:14 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T19:58:14Z. Error Code: 0x80070005.

Error: (07/06/2017 03:17:06 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T15:11:06Z. Error Code: 0x80070005.

Error: (07/06/2017 01:17:06 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T13:11:06Z. Error Code: 0x80070005.

Error: (07/06/2017 11:17:06 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T11:11:06Z. Error Code: 0x80070005.

Error: (07/06/2017 06:17:26 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T06:11:26Z. Error Code: 0x80070005.

Error: (07/06/2017 04:32:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Dani-PC)
Description: Das Paket „Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (07/06/2017 01:34:31 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T01:28:31Z. Error Code: 0x80070005.


Systemfehler:
=============
Error: (07/05/2017 07:24:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (07/05/2017 07:24:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/05/2017 06:07:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (07/05/2017 06:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/05/2017 06:07:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎07.‎2017 um 18:05:01 unerwartet heruntergefahren.

Error: (07/05/2017 06:04:05 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.

Error: (07/05/2017 06:04:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (07/05/2017 06:04:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/05/2017 06:03:56 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (07/05/2017 06:04:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎07.‎2017 um 18:02:01 unerwartet heruntergefahren.


CodeIntegrity:
===================================
  Date: 2017-07-06 20:13:28.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.592
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.464
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:26.955
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:26.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:07:59.994
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:07:59.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8190.14 MB
Verfügbarer physikalischer RAM: 4751.79 MB
Summe virtueller Speicher: 16382.14 MB
Verfügbarer virtueller Speicher: 12138.25 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.12 GB) (Free:149.54 GB) NTFS
Drive d: () (Fixed) (Total:55.9 GB) (Free:38.33 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.41 GB) (Free:930.4 GB) NTFS
Drive g: (FAGGOT) (Removable) (Total:7.49 GB) (Free:7.48 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7B837974)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=459 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: A2450932)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 60275C42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Nuclear2015 · 07.07.2017, 21:26

Code:

ATTFilter

22:22:58.0998 0x1ae0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
22:23:08.0620 0x1ae0  ============================================================
22:23:08.0620 0x1ae0  Current date / time: 2017/07/07 22:23:08.0620
22:23:08.0620 0x1ae0  SystemInfo:
22:23:08.0620 0x1ae0  
22:23:08.0620 0x1ae0  OS Version: 10.0.15063 ServicePack: 0.0
22:23:08.0621 0x1ae0  Product type: Workstation
22:23:08.0621 0x1ae0  ComputerName: DANI-PC
22:23:08.0621 0x1ae0  UserName: Dani
22:23:08.0621 0x1ae0  Windows directory: C:\WINDOWS
22:23:08.0621 0x1ae0  System windows directory: C:\WINDOWS
22:23:08.0621 0x1ae0  Running under WOW64
22:23:08.0621 0x1ae0  Processor architecture: Intel x64
22:23:08.0621 0x1ae0  Number of processors: 8
22:23:08.0621 0x1ae0  Page size: 0x1000
22:23:08.0621 0x1ae0  Boot type: Normal boot
22:23:08.0621 0x1ae0  CodeIntegrityOptions = 0x00000001
22:23:08.0621 0x1ae0  ============================================================
22:23:08.0652 0x1ae0  KLMD registered as C:\WINDOWS\system32\drivers\75965407.sys
22:23:08.0652 0x1ae0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
22:23:08.0700 0x1ae0  System UUID: {FD3EE4F7-843A-3CD5-4F5D-B8E9F3600C1C}
22:23:08.0942 0x1ae0  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:23:08.0944 0x1ae0  Drive \Device\Harddisk1\DR1 - Size: 0xDF99E6000 ( 55.90 Gb ), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:23:08.0958 0x1ae0  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:23:08.0962 0x1ae0  Drive \Device\Harddisk3\DR4 - Size: 0x1E0000000 ( 7.50 Gb ), SectorSize: 0x200, Cylinders: 0x3D3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:23:08.0963 0x1ae0  ============================================================
22:23:08.0964 0x1ae0  \Device\Harddisk0\DR0:
22:23:08.0964 0x1ae0  MBR partitions:
22:23:08.0964 0x1ae0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BE3CA50
22:23:08.0964 0x1ae0  \Device\Harddisk1\DR1:
22:23:08.0964 0x1ae0  MBR partitions:
22:23:08.0964 0x1ae0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FCB800
22:23:08.0964 0x1ae0  \Device\Harddisk2\DR2:
22:23:08.0964 0x1ae0  MBR partitions:
22:23:08.0964 0x1ae0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:23:08.0964 0x1ae0  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
22:23:08.0964 0x1ae0  \Device\Harddisk3\DR4:
22:23:08.0965 0x1ae0  MBR partitions:
22:23:08.0965 0x1ae0  \Device\Harddisk3\DR4\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0xEFFFE0
22:23:08.0965 0x1ae0  ============================================================
22:23:08.0966 0x1ae0  C: <-> \Device\Harddisk0\DR0\Partition1
22:23:08.0967 0x1ae0  D: <-> \Device\Harddisk1\DR1\Partition1
22:23:08.0980 0x1ae0  F: <-> \Device\Harddisk2\DR2\Partition2
22:23:08.0981 0x1ae0  ============================================================
22:23:08.0981 0x1ae0  Initialize success
22:23:08.0981 0x1ae0  ============================================================
22:23:23.0394 0x2900  ============================================================
22:23:23.0394 0x2900  Scan started
22:23:23.0394 0x2900  Mode: Manual; 
22:23:23.0394 0x2900  ============================================================
22:23:23.0394 0x2900  KSN ping started
22:23:23.0558 0x2900  KSN ping finished: true
22:23:24.0112 0x2900  ================ Scan system memory ========================
22:23:24.0112 0x2900  System memory - ok
22:23:24.0113 0x2900  ================ Scan services =============================
22:23:24.0168 0x2900  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
22:23:24.0176 0x2900  1394ohci - ok
22:23:24.0192 0x2900  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
22:23:24.0194 0x2900  3ware - ok
22:23:24.0215 0x2900  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
22:23:24.0226 0x2900  ACPI - ok
22:23:24.0232 0x2900  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
22:23:24.0232 0x2900  AcpiDev - ok
22:23:24.0238 0x2900  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
22:23:24.0240 0x2900  acpiex - ok
22:23:24.0244 0x2900  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
22:23:24.0244 0x2900  acpipagr - ok
22:23:24.0248 0x2900  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
22:23:24.0249 0x2900  AcpiPmi - ok
22:23:24.0253 0x2900  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
22:23:24.0253 0x2900  acpitime - ok
22:23:24.0297 0x2900  [ BABA54B15338F60EC1C40D30E61214D9, AEA7B5EFE01ABCFFF310F5E7EDB1504D7AEDAAF126CD773DABDA2457346FB19A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:23:24.0301 0x2900  AdobeFlashPlayerUpdateSvc - ok
22:23:24.0329 0x2900  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
22:23:24.0345 0x2900  ADP80XX - ok
22:23:24.0364 0x2900  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
22:23:24.0374 0x2900  AFD - ok
22:23:24.0383 0x2900  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
22:23:24.0387 0x2900  ahcache - ok
22:23:24.0411 0x2900  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
22:23:24.0412 0x2900  AJRouter - ok
22:23:24.0417 0x2900  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
22:23:24.0419 0x2900  ALG - ok
22:23:24.0427 0x2900  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
22:23:24.0430 0x2900  AmdK8 - ok
22:23:24.0437 0x2900  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
22:23:24.0440 0x2900  AmdPPM - ok
22:23:24.0445 0x2900  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
22:23:24.0447 0x2900  amdsata - ok
22:23:24.0456 0x2900  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
22:23:24.0461 0x2900  amdsbs - ok
22:23:24.0465 0x2900  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
22:23:24.0466 0x2900  amdxata - ok
22:23:24.0500 0x2900  [ 2C5A37BC42D91CD54FEAFCC51D3E4924, FDF678E91D1FAF789A2E0C8315D65D4BAF7997705D66D0450EFF81631BD79F59 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
22:23:24.0516 0x2900  AntiVirMailService - ok
22:23:24.0530 0x2900  [ 1CE285653AD840CBC168957C5ACA6DDE, DBF70B3AFBF5287332B27534E94F2917E3960B74ADBEED938AFD16B87065A2A9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
22:23:24.0538 0x2900  AntiVirSchedulerService - ok
22:23:24.0551 0x2900  [ 1CE285653AD840CBC168957C5ACA6DDE, DBF70B3AFBF5287332B27534E94F2917E3960B74ADBEED938AFD16B87065A2A9 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
22:23:24.0559 0x2900  AntiVirService - ok
22:23:24.0592 0x2900  [ B1DEA30E906DC1A90AA9D89FBF3FE490, B37AA43BA8B3C91A657C94D9621C40818BAAFF6C2445D66C4C225E9DB657C2A3 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
22:23:24.0614 0x2900  AntiVirWebService - ok
22:23:24.0622 0x2900  [ C7F9F91698572CF9EDC18EDDE345BF97, 07C02E275686C2AB165EF37825F6D63AA9AAC08FD29878FEF665353DF0C7D23A ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
22:23:24.0623 0x2900  AppHostSvc - ok
22:23:24.0631 0x2900  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
22:23:24.0634 0x2900  AppID - ok
22:23:24.0640 0x2900  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
22:23:24.0642 0x2900  AppIDSvc - ok
22:23:24.0648 0x2900  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
22:23:24.0651 0x2900  Appinfo - ok
22:23:24.0655 0x2900  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
22:23:24.0655 0x2900  applockerfltr - ok
22:23:24.0672 0x2900  [ 1C8DA5C681B603BBC893D50C5D643504, D38EDDB67C993498761978D5DC3DB648E20CB2CA16BA66A8629B16EAA04519EA ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
22:23:24.0682 0x2900  AppReadiness - ok
22:23:24.0741 0x2900  [ CC2D94671F2185383AEAEAD8784784CD, 98453192A1203B768F59EEF48EDE9CF0F45BF259F3771B254920E1FC0A8BAF06 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
22:23:24.0780 0x2900  AppXSvc - ok
22:23:24.0789 0x2900  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
22:23:24.0792 0x2900  arcsas - ok
22:23:24.0808 0x2900  [ 6FCFBDF7D820CEB7426D988FA6E3DBA2, BC5C0564AB565F911FC99AD3D8C8FDA61E73BA4387CAAE3AE172DD443C56E617 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:23:24.0809 0x2900  aspnet_state - ok
22:23:24.0813 0x2900  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
22:23:24.0814 0x2900  AsyncMac - ok
22:23:24.0819 0x2900  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
22:23:24.0819 0x2900  atapi - ok
22:23:24.0835 0x2900  [ 5F9C86F133D50EC14BC247B1408EB339, D5C9DC375B91774E580C128677F36C4A4949FC70C7EE82F573EFC8841C084D18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
22:23:24.0845 0x2900  AudioEndpointBuilder - ok
22:23:24.0874 0x2900  [ 18DD15CD20F3AFB8A056B6250CDD4ABE, B17DDF9C79EE51CBF274BB8763935F841CC865168A8C27512290946D053EC332 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
22:23:24.0894 0x2900  Audiosrv - ok
22:23:24.0900 0x2900  [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot       C:\WINDOWS\system32\DRIVERS\avdevprot.sys
22:23:24.0901 0x2900  avdevprot - ok
22:23:24.0908 0x2900  [ 0C6D49FFD4B70F95E24EF5311ED57A28, AB58DC263E3B5DE2E5E76DCBE8061D9B6736B411C2D572E56AD68BB326818FAF ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
22:23:24.0910 0x2900  avgntflt - ok
22:23:24.0917 0x2900  [ DAA6BD143D3AC4274791018FFAD5543A, 2D85818C52FF768579528A81DEB8D106421D986B28837B301F53B600E382E6CF ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:23:24.0920 0x2900  avipbb - ok
22:23:24.0932 0x2900  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
22:23:24.0938 0x2900  Avira.ServiceHost - ok
22:23:24.0943 0x2900  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
22:23:24.0944 0x2900  avkmgr - ok
22:23:24.0949 0x2900  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
22:23:24.0951 0x2900  avnetflt - ok
22:23:24.0955 0x2900  [ 9C71227D9D0A6F929C97294842A988B1, 3C79297A19001902A48BAFEF545CFB70D51509FA704EAE716B1858D1A66386A0 ] avusbflt        C:\WINDOWS\system32\Drivers\avusbflt.sys
22:23:24.0956 0x2900  avusbflt - ok
22:23:24.0961 0x2900  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
22:23:24.0964 0x2900  AxInstSV - ok
22:23:24.0979 0x2900  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
22:23:24.0988 0x2900  b06bdrv - ok
22:23:24.0993 0x2900  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
22:23:24.0994 0x2900  BasicDisplay - ok
22:23:24.0999 0x2900  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
22:23:25.0000 0x2900  BasicRender - ok
22:23:25.0005 0x2900  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
22:23:25.0005 0x2900  bcmfn2 - ok
22:23:25.0016 0x2900  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
22:23:25.0022 0x2900  BDESVC - ok
22:23:25.0027 0x2900  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:23:25.0028 0x2900  Beep - ok
22:23:25.0060 0x2900  [ 5EC0D7E4DBEB0D8CA45F01A3277D8D9B, 385E950F03B79A4F3DD171360323CAC3420FE3D800BB1698478395C5151E3565 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
22:23:25.0082 0x2900  BEService - ok
22:23:25.0104 0x2900  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
22:23:25.0117 0x2900  BFE - ok
22:23:25.0143 0x2900  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
22:23:25.0161 0x2900  BITS - ok
22:23:25.0169 0x2900  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
22:23:25.0170 0x2900  bowser - ok
22:23:25.0190 0x2900  [ DD459140CBD075DCFA898097327DB8EB, 8EB685107F06566BC7516F6921547844F1E05A6CD3F0EE80E449638302F46F97 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
22:23:25.0203 0x2900  BrokerInfrastructure - ok
22:23:25.0210 0x2900  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
22:23:25.0213 0x2900  Browser - ok
22:23:25.0218 0x2900  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
22:23:25.0219 0x2900  BthAvrcpTg - ok
22:23:25.0224 0x2900  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
22:23:25.0226 0x2900  BthHFEnum - ok
22:23:25.0230 0x2900  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
22:23:25.0231 0x2900  bthhfhid - ok
22:23:25.0244 0x2900  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
22:23:25.0251 0x2900  BthHFSrv - ok
22:23:25.0257 0x2900  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
22:23:25.0258 0x2900  BTHMODEM - ok
22:23:25.0327 0x2900  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
22:23:25.0333 0x2900  bthserv - ok
22:23:25.0342 0x2900  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
22:23:25.0344 0x2900  buttonconverter - ok
22:23:25.0353 0x2900  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
22:23:25.0355 0x2900  CAD - ok
22:23:25.0365 0x2900  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
22:23:25.0369 0x2900  CapImg - ok
22:23:25.0378 0x2900  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
22:23:25.0381 0x2900  cdfs - ok
22:23:25.0407 0x2900  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
22:23:25.0422 0x2900  CDPSvc - ok
22:23:25.0437 0x2900  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
22:23:25.0444 0x2900  CDPUserSvc - ok
22:23:25.0455 0x2900  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
22:23:25.0457 0x2900  cdrom - ok
22:23:25.0465 0x2900  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
22:23:25.0469 0x2900  CertPropSvc - ok
22:23:25.0480 0x2900  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
22:23:25.0485 0x2900  cht4iscsi - ok
22:23:25.0531 0x2900  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
22:23:25.0562 0x2900  cht4vbd - ok
22:23:25.0569 0x2900  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
22:23:25.0570 0x2900  circlass - ok
22:23:25.0574 0x2900  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
22:23:25.0574 0x2900  CldFlt - ok
22:23:25.0585 0x2900  [ 96C01F97576D2542FCBD28E13C8CC6A1, 98E2501197B97399EB1F7C8AA96B5696931736E44400314E768A6C029B9E1C62 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
22:23:25.0591 0x2900  CLFS - ok
22:23:25.0701 0x2900  [ D4002E560D987598C13CEDA4D14E968D, AAAC19A634094A5695F898ED249571A8DDC92883E5C17BAB9D3D2E4AFE378950 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
22:23:25.0769 0x2900  ClickToRunSvc - ok
22:23:25.0795 0x2900  [ FA57DEAD00DF87AF861B5FAF253ED3B9, 81BD591549CC1F2312AE85A455B28D051FC7D3A54D6371A634DF09DF8A00F952 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
22:23:25.0808 0x2900  ClipSVC - ok
22:23:25.0813 0x2900  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
22:23:25.0814 0x2900  clreg - ok
22:23:25.0823 0x2900  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
22:23:25.0824 0x2900  CmBatt - ok
22:23:25.0840 0x2900  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
22:23:25.0850 0x2900  CNG - ok
22:23:25.0855 0x2900  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
22:23:25.0856 0x2900  cnghwassist - ok
22:23:25.0882 0x2900  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
22:23:25.0883 0x2900  CompositeBus - ok
22:23:25.0887 0x2900  COMSysApp - ok
22:23:25.0893 0x2900  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
22:23:25.0895 0x2900  condrv - ok
22:23:25.0925 0x2900  [ 605D4C2E374197FEA0D0BC9C41E5945A, 0E655CEBB86DECC76153776AA4B78B7B7457ABA899B3437F76A7BE09F08752BB ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
22:23:25.0939 0x2900  CoreMessagingRegistrar - ok
22:23:25.0948 0x2900  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
22:23:25.0950 0x2900  CryptSvc - ok
22:23:25.0974 0x2900  [ FD70A153B4C0BE67743A1BD0574EC120, B0419E6981B7472A25C8EE5825248365BAF44B64DC3D620AB0EC92832F059FF6 ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
22:23:25.0991 0x2900  cthda - ok
22:23:26.0030 0x2900  [ BB776BDDBA1EB56C02FB9BDFE8256288, 0597506CF23EE141264849801404A242B8A644AAF084B6FE095A5B9EF06A8A2E ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
22:23:26.0033 0x2900  CtHdaSvc - ok
22:23:26.0037 0x2900  [ 111C2183E72B0018D7F57AF31E7499DB, 2CD6E0FFC1CD210B45FC51EB7CEB0B336CDD9B910651B3551247E5116F019846 ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
22:23:26.0038 0x2900  cthdb - ok
22:23:26.0044 0x2900  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
22:23:26.0046 0x2900  dam - ok
22:23:26.0156 0x2900  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:23:26.0175 0x2900  DcomLaunch - ok
22:23:26.0190 0x2900  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
22:23:26.0199 0x2900  defragsvc - ok
22:23:26.0212 0x2900  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
22:23:26.0220 0x2900  DeviceAssociationService - ok
22:23:26.0227 0x2900  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
22:23:26.0231 0x2900  DeviceInstall - ok
22:23:26.0248 0x2900  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
22:23:26.0258 0x2900  DevicesFlowUserSvc - ok
22:23:26.0267 0x2900  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
22:23:26.0269 0x2900  DevQueryBroker - ok
22:23:26.0276 0x2900  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
22:23:26.0278 0x2900  Dfsc - ok
22:23:26.0290 0x2900  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
22:23:26.0296 0x2900  Dhcp - ok
22:23:26.0302 0x2900  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
22:23:26.0304 0x2900  diagnosticshub.standardcollector.service - ok
22:23:26.0357 0x2900  [ 3835D0DD7A932266CC0746FDC5EC5568, 9F0933698C94FB51960818D20DAF2EE7530EA77DCA6E30603EEE85B60D807891 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
22:23:26.0398 0x2900  DiagTrack - ok
22:23:26.0407 0x2900  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
22:23:26.0409 0x2900  Disk - ok
22:23:26.0424 0x2900  [ 626E3564A7588139DE2367E14F8CAAB2, 472530B6DD70F4A5E61A8572B0479A6DF3BE8B4DD1E021BF00D05B3553927463 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
22:23:26.0436 0x2900  DmEnrollmentSvc - ok
22:23:26.0442 0x2900  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
22:23:26.0443 0x2900  dmvsc - ok
22:23:26.0447 0x2900  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
22:23:26.0449 0x2900  dmwappushservice - ok
22:23:26.0457 0x2900  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:23:26.0463 0x2900  Dnscache - ok
22:23:26.0474 0x2900  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:23:26.0479 0x2900  dot3svc - ok
22:23:26.0488 0x2900  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
22:23:26.0491 0x2900  DPS - ok
22:23:26.0495 0x2900  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
22:23:26.0496 0x2900  drmkaud - ok
22:23:26.0505 0x2900  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
22:23:26.0509 0x2900  DsmSvc - ok
22:23:26.0516 0x2900  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
22:23:26.0519 0x2900  DsSvc - ok
22:23:26.0529 0x2900  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
22:23:26.0535 0x2900  DusmSvc - ok
22:23:26.0586 0x2900  [ F5DFB6D800946ADE35C71BE9928098A9, 7B187EC9CCA233C16C9F98F9CFFB1A85A42FC79C652B26C8FED40890F11871F3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
22:23:26.0620 0x2900  DXGKrnl - ok
22:23:26.0629 0x2900  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:23:26.0631 0x2900  EapHost - ok
22:23:26.0717 0x2900  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
22:23:26.0766 0x2900  ebdrv - ok
22:23:26.0775 0x2900  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] EFS             C:\WINDOWS\System32\lsass.exe
22:23:26.0776 0x2900  EFS - ok
22:23:26.0782 0x2900  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
22:23:26.0784 0x2900  EhStorClass - ok
22:23:26.0790 0x2900  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
22:23:26.0792 0x2900  EhStorTcgDrv - ok
22:23:26.0798 0x2900  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
22:23:26.0801 0x2900  embeddedmode - ok
22:23:26.0811 0x2900  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
22:23:26.0817 0x2900  EntAppSvc - ok
22:23:26.0821 0x2900  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
22:23:26.0822 0x2900  ErrDev - ok
22:23:26.0838 0x2900  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
22:23:26.0845 0x2900  EventSystem - ok
22:23:26.0857 0x2900  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
22:23:26.0863 0x2900  exfat - ok
22:23:26.0875 0x2900  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
22:23:26.0880 0x2900  fastfat - ok
22:23:26.0897 0x2900  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:23:26.0908 0x2900  Fax - ok
22:23:26.0914 0x2900  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
22:23:26.0914 0x2900  fdc - ok
22:23:26.0919 0x2900  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
22:23:26.0920 0x2900  fdPHost - ok
22:23:26.0924 0x2900  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
22:23:26.0926 0x2900  FDResPub - ok
22:23:26.0932 0x2900  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
22:23:26.0935 0x2900  fhsvc - ok
22:23:26.0999 0x2900  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
22:23:27.0001 0x2900  FileCrypt - ok
22:23:27.0009 0x2900  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
22:23:27.0012 0x2900  FileInfo - ok
22:23:27.0019 0x2900  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
22:23:27.0021 0x2900  Filetrace - ok
22:23:27.0027 0x2900  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
22:23:27.0028 0x2900  flpydisk - ok
22:23:27.0041 0x2900  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
22:23:27.0048 0x2900  FltMgr - ok
22:23:27.0090 0x2900  [ 4255A21E89EFEDD8488E3ED81A9F7993, CA918E83A204A38C022A8EF28ACBF4575CEA39EED04FC739C5AD9BC464FF1753 ] FontCache       C:\WINDOWS\system32\FntCache.dll
22:23:27.0117 0x2900  FontCache - ok
22:23:27.0125 0x2900  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:23:27.0126 0x2900  FontCache3.0.0.0 - ok
22:23:27.0142 0x2900  [ 8E0A89C8BC29F4B066B1DA4B96A63609, 1F4ABEC209ECDCA20620C7D7DB0C407F8D1032D506259B11FEAF2A0C3E14B1A3 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
22:23:27.0153 0x2900  FrameServer - ok
22:23:27.0159 0x2900  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
22:23:27.0160 0x2900  FsDepends - ok
22:23:27.0164 0x2900  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:23:27.0165 0x2900  Fs_Rec - ok
22:23:27.0182 0x2900  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
22:23:27.0192 0x2900  fvevol - ok
22:23:27.0197 0x2900  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
22:23:27.0198 0x2900  gencounter - ok
22:23:27.0202 0x2900  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
22:23:27.0203 0x2900  genericusbfn - ok
22:23:27.0209 0x2900  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
22:23:27.0212 0x2900  GPIOClx0101 - ok
22:23:27.0241 0x2900  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
22:23:27.0259 0x2900  gpsvc - ok
22:23:27.0264 0x2900  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
22:23:27.0265 0x2900  GpuEnergyDrv - ok
22:23:27.0273 0x2900  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:23:27.0275 0x2900  gupdate - ok
22:23:27.0281 0x2900  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:23:27.0283 0x2900  gupdatem - ok
22:23:27.0295 0x2900  [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
22:23:27.0305 0x2900  HdAudAddService - ok
22:23:27.0313 0x2900  [ DD1A6F4998E7E21564FA9BAFE21C87ED, CAD04E9B8244ACA3314C6FD4422BE7A3B578AF1E61F13773A2C5DB388B3337F6 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
22:23:27.0316 0x2900  HDAudBus - ok
22:23:27.0323 0x2900  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
22:23:27.0325 0x2900  HidBatt - ok
22:23:27.0332 0x2900  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
22:23:27.0334 0x2900  HidBth - ok
22:23:27.0339 0x2900  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
22:23:27.0340 0x2900  hidi2c - ok
22:23:27.0344 0x2900  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
22:23:27.0345 0x2900  hidinterrupt - ok
22:23:27.0349 0x2900  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
22:23:27.0350 0x2900  HidIr - ok
22:23:27.0354 0x2900  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
22:23:27.0356 0x2900  hidserv - ok
22:23:27.0361 0x2900  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
22:23:27.0362 0x2900  HidUsb - ok
22:23:27.0372 0x2900  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
22:23:27.0378 0x2900  HomeGroupListener - ok
22:23:27.0390 0x2900  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
22:23:27.0398 0x2900  HomeGroupProvider - ok
22:23:27.0404 0x2900  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
22:23:27.0405 0x2900  HpSAMD - ok
22:23:27.0431 0x2900  [ 2413454E305678EA9A486E8DE2E67849, 5E821E909F99BAB782D89A0CDBFAE5474FEA211EB4F626A824D10D733F3FDC67 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
22:23:27.0447 0x2900  HTTP - ok
22:23:27.0453 0x2900  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
22:23:27.0455 0x2900  HvHost - ok
22:23:27.0460 0x2900  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
22:23:27.0461 0x2900  hvservice - ok
22:23:27.0465 0x2900  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
22:23:27.0466 0x2900  hwpolicy - ok
22:23:27.0470 0x2900  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
22:23:27.0471 0x2900  hyperkbd - ok
22:23:27.0477 0x2900  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
22:23:27.0479 0x2900  i8042prt - ok
22:23:27.0483 0x2900  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
22:23:27.0484 0x2900  iagpio - ok
22:23:27.0489 0x2900  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
22:23:27.0490 0x2900  iai2c - ok
22:23:27.0495 0x2900  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
22:23:27.0497 0x2900  iaLPSS2i_GPIO2 - ok
22:23:27.0504 0x2900  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
22:23:27.0506 0x2900  iaLPSS2i_GPIO2_BXT_P - ok
22:23:27.0513 0x2900  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
22:23:27.0516 0x2900  iaLPSS2i_I2C - ok
22:23:27.0524 0x2900  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
22:23:27.0527 0x2900  iaLPSS2i_I2C_BXT_P - ok
22:23:27.0532 0x2900  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
22:23:27.0533 0x2900  iaLPSSi_GPIO - ok
22:23:27.0539 0x2900  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
22:23:27.0541 0x2900  iaLPSSi_I2C - ok
22:23:27.0557 0x2900  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
22:23:27.0569 0x2900  iaStorAV - ok
22:23:27.0581 0x2900  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
22:23:27.0587 0x2900  iaStorV - ok
22:23:27.0601 0x2900  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
22:23:27.0609 0x2900  ibbus - ok
22:23:27.0618 0x2900  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
22:23:27.0622 0x2900  icssvc - ok
22:23:27.0627 0x2900  IEEtwCollectorService - ok
22:23:27.0649 0x2900  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
22:23:27.0663 0x2900  IKEEXT - ok
22:23:27.0669 0x2900  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
22:23:27.0670 0x2900  IndirectKmd - ok
22:23:27.0677 0x2900  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
22:23:27.0678 0x2900  intelide - ok
22:23:27.0682 0x2900  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
22:23:27.0684 0x2900  intelpep - ok
22:23:27.0690 0x2900  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
22:23:27.0693 0x2900  intelppm - ok
22:23:27.0698 0x2900  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
22:23:27.0699 0x2900  iorate - ok
22:23:27.0705 0x2900  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:23:27.0706 0x2900  IpFilterDriver - ok
22:23:27.0801 0x2900  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
22:23:27.0820 0x2900  iphlpsvc - ok
22:23:27.0826 0x2900  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
22:23:27.0828 0x2900  IPMIDRV - ok
22:23:27.0835 0x2900  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
22:23:27.0839 0x2900  IPNAT - ok
22:23:27.0844 0x2900  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
22:23:27.0846 0x2900  IpxlatCfgSvc - ok
22:23:27.0851 0x2900  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
22:23:27.0854 0x2900  irda - ok
22:23:27.0858 0x2900  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
22:23:27.0858 0x2900  IRENUM - ok
22:23:27.0863 0x2900  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
22:23:27.0864 0x2900  irmon - ok
22:23:27.0868 0x2900  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
22:23:27.0869 0x2900  isapnp - ok
22:23:27.0878 0x2900  [ D492648D96A14BA639B76D177B24CD82, D65D2494BAC8A317FD70293E59D039078D1D19FAE20A4EB2665246CAACFF0C6F ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
22:23:27.0882 0x2900  iScsiPrt - ok
22:23:27.0887 0x2900  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
22:23:27.0888 0x2900  kbdclass - ok
22:23:27.0893 0x2900  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
22:23:27.0894 0x2900  kbdhid - ok
22:23:27.0898 0x2900  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
22:23:27.0898 0x2900  kdnic - ok
22:23:27.0903 0x2900  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] KeyIso          C:\WINDOWS\system32\lsass.exe
22:23:27.0905 0x2900  KeyIso - ok
22:23:27.0911 0x2900  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
22:23:27.0913 0x2900  KSecDD - ok
22:23:27.0920 0x2900  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
22:23:27.0923 0x2900  KSecPkg - ok
22:23:27.0927 0x2900  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
22:23:27.0928 0x2900  ksthunk - ok
22:23:27.0938 0x2900  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
22:23:27.0945 0x2900  KtmRm - ok
22:23:27.0955 0x2900  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
22:23:27.0961 0x2900  LanmanServer - ok
22:23:27.0970 0x2900  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
22:23:27.0977 0x2900  LanmanWorkstation - ok
22:23:27.0983 0x2900  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
22:23:27.0985 0x2900  lfsvc - ok
22:23:27.0990 0x2900  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
22:23:27.0992 0x2900  LicenseManager - ok
22:23:27.0996 0x2900  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
22:23:27.0998 0x2900  lltdio - ok
22:23:28.0006 0x2900  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
22:23:28.0012 0x2900  lltdsvc - ok
22:23:28.0016 0x2900  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
22:23:28.0018 0x2900  lmhosts - ok
22:23:28.0024 0x2900  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
22:23:28.0026 0x2900  LSI_SAS - ok
22:23:28.0032 0x2900  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
22:23:28.0034 0x2900  LSI_SAS2i - ok
22:23:28.0039 0x2900  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
22:23:28.0041 0x2900  LSI_SAS3i - ok
22:23:28.0046 0x2900  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
22:23:28.0048 0x2900  LSI_SSS - ok
22:23:28.0065 0x2900  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
22:23:28.0076 0x2900  LSM - ok
22:23:28.0082 0x2900  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
22:23:28.0084 0x2900  luafv - ok
22:23:28.0090 0x2900  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
22:23:28.0092 0x2900  MapsBroker - ok
22:23:28.0104 0x2900  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
22:23:28.0110 0x2900  mausbhost - ok
22:23:28.0115 0x2900  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
22:23:28.0116 0x2900  mausbip - ok
22:23:28.0123 0x2900  [ 0C847B9BD2D1F1E97037F8C3DA6D5A1B, B2405BBAFBE78DF554B963C53DE843419AE873B82A1B0C2FA8D1779D1CC142BE ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
22:23:28.0126 0x2900  MBAMChameleon - ok
22:23:28.0131 0x2900  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\WINDOWS\system32\drivers\mbam.sys
22:23:28.0132 0x2900  MBAMProtection - ok
22:23:28.0303 0x2900  [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService     F:\Anti-Malware\mbamservice.exe
22:23:28.0366 0x2900  MBAMService - ok
22:23:28.0382 0x2900  [ C3549BE8C1FE4ECBEE21DAD3378F6CD0, E4FB6856C1A8B9185322EFC4AF31A3748365ED2E3E4FB6DF57B35569D8D42AAD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
22:23:28.0386 0x2900  MBAMSwissArmy - ok
22:23:28.0391 0x2900  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
22:23:28.0392 0x2900  megasas - ok
22:23:28.0397 0x2900  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
22:23:28.0398 0x2900  megasas2i - ok
22:23:28.0413 0x2900  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
22:23:28.0422 0x2900  megasr - ok
22:23:28.0427 0x2900  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
22:23:28.0429 0x2900  MessagingService - ok
22:23:28.0451 0x2900  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
22:23:28.0463 0x2900  mlx4_bus - ok
22:23:28.0468 0x2900  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
22:23:28.0469 0x2900  MMCSS - ok
22:23:28.0473 0x2900  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
22:23:28.0475 0x2900  Modem - ok
22:23:28.0479 0x2900  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
22:23:28.0479 0x2900  monitor - ok
22:23:28.0484 0x2900  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
22:23:28.0485 0x2900  mouclass - ok
22:23:28.0489 0x2900  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
22:23:28.0490 0x2900  mouhid - ok
22:23:28.0495 0x2900  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
22:23:28.0497 0x2900  mountmgr - ok
22:23:28.0502 0x2900  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
22:23:28.0503 0x2900  mpsdrv - ok
22:23:28.0526 0x2900  [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
22:23:28.0541 0x2900  MpsSvc - ok
22:23:28.0549 0x2900  [ 84A7AF1DB4EEBEDBA3F41FF4D3234091, F49E140D0DEA2BB98205A8CA7C0ECB366FFF02D528A83760E9358DFCFF5A90D8 ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
22:23:28.0552 0x2900  MQAC - ok
22:23:28.0559 0x2900  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
22:23:28.0561 0x2900  MRxDAV - ok
22:23:28.0574 0x2900  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:23:28.0581 0x2900  mrxsmb - ok
22:23:28.0590 0x2900  [ 469DD958B1D8CB09E38BE2298B8C398D, 97CCEFF58D8865B0D27C4E16B082C20FA5279CF01A37F47B5F2DA39B334F0667 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
22:23:28.0595 0x2900  mrxsmb10 - ok
22:23:28.0603 0x2900  [ 1FC4802B593494746B6FE3BDAC25E371, 774CC950B46B3E32603D368D9938BFCF60D2BB3C14C3FE8B03CB1E724AAC29EF ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
22:23:28.0607 0x2900  mrxsmb20 - ok
22:23:28.0613 0x2900  [ BD12E1941A87671A767447B02C6A51A1, 7FCB3077E827639CE23CC2C6FE997A33F7A702D266C0277AF01453B5ACC0966D ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
22:23:28.0615 0x2900  MsBridge - ok
22:23:28.0621 0x2900  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
22:23:28.0625 0x2900  MSDTC - ok
22:23:28.0632 0x2900  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:23:28.0633 0x2900  Msfs - ok
22:23:28.0637 0x2900  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
22:23:28.0638 0x2900  msgpiowin32 - ok
22:23:28.0641 0x2900  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
22:23:28.0642 0x2900  mshidkmdf - ok
22:23:28.0645 0x2900  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
22:23:28.0646 0x2900  mshidumdf - ok
22:23:28.0650 0x2900  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
22:23:28.0650 0x2900  msisadrv - ok
22:23:28.0657 0x2900  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
22:23:28.0660 0x2900  MSiSCSI - ok
22:23:28.0663 0x2900  msiserver - ok
22:23:28.0670 0x2900  [ B26E1C10C8323D2B6ADAF504CD487757, 758DBCDA43D62547ED274D2E09A66B266470C86A89A3BEF387E535DB37A7EA44 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
22:23:28.0671 0x2900  MSKSSRV - ok
22:23:28.0676 0x2900  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
22:23:28.0677 0x2900  MsLldp - ok
22:23:28.0682 0x2900  [ 1EC9FC8E5101139CF84589E8EAC24B9A, F351661FC548FEC2652018B4F1A2BC64FD938637A518EEDC9B6ED97471BAAC9B ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
22:23:28.0684 0x2900  MSMQ - ok
22:23:28.0688 0x2900  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
22:23:28.0688 0x2900  MSPCLOCK - ok
22:23:28.0692 0x2900  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
22:23:28.0692 0x2900  MSPQM - ok
22:23:28.0702 0x2900  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
22:23:28.0708 0x2900  MsRPC - ok
22:23:28.0714 0x2900  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
22:23:28.0715 0x2900  mssmbios - ok
22:23:28.0719 0x2900  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
22:23:28.0719 0x2900  MSTEE - ok
22:23:28.0722 0x2900  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
22:23:28.0723 0x2900  MTConfig - ok
22:23:28.0728 0x2900  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
22:23:28.0730 0x2900  Mup - ok
22:23:28.0735 0x2900  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
22:23:28.0736 0x2900  mvumis - ok
22:23:28.0752 0x2900  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
22:23:28.0760 0x2900  NativeWifiP - ok
22:23:28.0778 0x2900  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
22:23:28.0789 0x2900  NaturalAuthentication - ok
22:23:28.0797 0x2900  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
22:23:28.0800 0x2900  NcaSvc - ok
22:23:28.0811 0x2900  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
22:23:28.0817 0x2900  NcbService - ok
22:23:28.0822 0x2900  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
22:23:28.0825 0x2900  NcdAutoSetup - ok
22:23:28.0830 0x2900  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
22:23:28.0832 0x2900  ndfltr - ok
22:23:28.0859 0x2900  [ E27876B335FEB441DA511030AA85624D, 6B4FA08463166A2B32F317E6FEDE3C22EB8FFA5B2077955A0B2F2184858BDDE7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
22:23:28.0877 0x2900  NDIS - ok
22:23:28.0883 0x2900  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
22:23:28.0884 0x2900  NdisCap - ok
22:23:28.0889 0x2900  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
22:23:28.0891 0x2900  NdisImPlatform - ok
22:23:28.0952 0x2900  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:23:28.0953 0x2900  NdisTapi - ok
22:23:28.0962 0x2900  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
22:23:28.0964 0x2900  Ndisuio - ok
22:23:28.0970 0x2900  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
22:23:28.0971 0x2900  NdisVirtualBus - ok
22:23:28.0982 0x2900  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
22:23:28.0985 0x2900  NdisWan - ok
22:23:28.0993 0x2900  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:23:28.0997 0x2900  ndiswanlegacy - ok
22:23:29.0002 0x2900  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
22:23:29.0003 0x2900  ndproxy - ok
22:23:29.0009 0x2900  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
22:23:29.0011 0x2900  Ndu - ok
22:23:29.0017 0x2900  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
22:23:29.0019 0x2900  NetAdapterCx - ok
22:23:29.0024 0x2900  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
22:23:29.0025 0x2900  NetBIOS - ok
22:23:29.0036 0x2900  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:23:29.0041 0x2900  NetBT - ok
22:23:29.0046 0x2900  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:23:29.0048 0x2900  Netlogon - ok
22:23:29.0056 0x2900  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
22:23:29.0061 0x2900  Netman - ok
22:23:29.0072 0x2900  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:23:29.0076 0x2900  NetMsmqActivator - ok
22:23:29.0081 0x2900  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:23:29.0084 0x2900  NetPipeActivator - ok
22:23:29.0098 0x2900  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
22:23:29.0107 0x2900  netprofm - ok
22:23:29.0117 0x2900  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
22:23:29.0122 0x2900  NetSetupSvc - ok
22:23:29.0127 0x2900  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:23:29.0129 0x2900  NetTcpActivator - ok
22:23:29.0134 0x2900  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:23:29.0137 0x2900  NetTcpPortSharing - ok
22:23:29.0142 0x2900  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
22:23:29.0144 0x2900  netvsc - ok
22:23:29.0159 0x2900  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
22:23:29.0168 0x2900  NgcCtnrSvc - ok
22:23:29.0192 0x2900  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
22:23:29.0208 0x2900  NgcSvc - ok
22:23:29.0219 0x2900  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
22:23:29.0226 0x2900  NlaSvc - ok
22:23:29.0231 0x2900  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:23:29.0233 0x2900  Npfs - ok
22:23:29.0237 0x2900  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
22:23:29.0238 0x2900  npsvctrig - ok
22:23:29.0242 0x2900  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
22:23:29.0244 0x2900  nsi - ok
22:23:29.0248 0x2900  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
22:23:29.0249 0x2900  nsiproxy - ok
22:23:29.0298 0x2900  [ 731FD52461C8107E5B19B9AEDBB82BFB, 51B6722B9B2863B4AE23CE6B1DBD8481DA341748196BD482C6C5F4A6959F24F9 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
22:23:29.0345 0x2900  NTFS - ok
22:23:29.0352 0x2900  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:23:29.0352 0x2900  Null - ok
22:23:29.0366 0x2900  [ DE17C68FE82A90B681D323AB33E3BEF7, CA77E90B5E5AFA67C64E6FD9A0E8A46F9D7EDFAD55E50E9B47FE724351AF4271 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
22:23:29.0373 0x2900  NvContainerLocalSystem - ok
22:23:29.0386 0x2900  [ DE17C68FE82A90B681D323AB33E3BEF7, CA77E90B5E5AFA67C64E6FD9A0E8A46F9D7EDFAD55E50E9B47FE724351AF4271 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
22:23:29.0394 0x2900  NvContainerNetworkService - ok
22:23:29.0399 0x2900  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
22:23:29.0401 0x2900  nvdimmn - ok
22:23:29.0410 0x2900  [ 4938CCA6E12A7FDA5324FFF0DF5DB8EC, 053D4D21014020C0D39F7BFC480EAE1458E1ABA1C40E11190204C4A2CB0D46EF ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
22:23:29.0413 0x2900  NVHDA - ok
22:23:29.0746 0x2900  [ 573640A3EEDF56FDA11085E63ED2C792, 36ECF85E5C9ADC1ECDBCCBEB0A78A1CD0B3F2DADE040D46A2F887CCB7ED2C5DE ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys
22:23:29.0984 0x2900  nvlddmkm - ok
22:23:30.0008 0x2900  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
22:23:30.0011 0x2900  nvraid - ok
22:23:30.0018 0x2900  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
22:23:30.0021 0x2900  nvstor - ok
22:23:30.0025 0x2900  [ C1E4298F14EDD4465EDB86E638B45153, A3514A1465A3A4011EC0FA3F295336C15D9135DED6C72B58ADB30A9B48C3B6F8 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:23:30.0026 0x2900  NvStreamKms - ok
22:23:30.0039 0x2900  [ 90DCD15F2FCD20474DE896DAEC146308, A3CD21CA15F359A3BEC6D659372E303C21EF1A290F3B7DC18D6452C89BDDF700 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
22:23:30.0046 0x2900  NvTelemetryContainer - ok
22:23:30.0052 0x2900  [ BBE1438797D119034847F9CB40EAFDBA, 9FAC39999D2D87E0B60EEDB4126FA5A25D142C52D5E5DDCD8BDB6BF2A836ABB9 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
22:23:30.0053 0x2900  nvvad_WaveExtensible - ok
22:23:30.0063 0x2900  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
22:23:30.0068 0x2900  OneSyncSvc - ok
22:23:30.0078 0x2900  [ 604C5E77B1BAEA8837E20F214E3AA512, 90587A29F0F3F4D31E1899E49F2906F71104918914B20CD3751F87A4E88F6A29 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:23:30.0082 0x2900  ose64 - ok
22:23:30.0201 0x2900  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:23:30.0272 0x2900  osppsvc - ok
22:23:30.0288 0x2900  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
22:23:30.0295 0x2900  p2pimsvc - ok
22:23:30.0307 0x2900  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
22:23:30.0315 0x2900  p2psvc - ok
22:23:30.0321 0x2900  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
22:23:30.0322 0x2900  Parport - ok
22:23:30.0329 0x2900  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
22:23:30.0331 0x2900  partmgr - ok
22:23:30.0345 0x2900  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
22:23:30.0355 0x2900  PcaSvc - ok
22:23:30.0366 0x2900  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
22:23:30.0372 0x2900  pci - ok
22:23:30.0376 0x2900  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
22:23:30.0377 0x2900  pciide - ok
22:23:30.0383 0x2900  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
22:23:30.0385 0x2900  pcmcia - ok
22:23:30.0389 0x2900  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
22:23:30.0390 0x2900  pcw - ok
22:23:30.0396 0x2900  [ 4A88D29869609A39782EF53145E6F7CA, 6200E0B96FD0289D7F95779723E3CABBDEE17EDE5F802CC51E5539F475711027 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
22:23:30.0398 0x2900  pdc - ok
22:23:30.0415 0x2900  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
22:23:30.0426 0x2900  PEAUTH - ok
22:23:30.0431 0x2900  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
22:23:30.0433 0x2900  percsas2i - ok
22:23:30.0437 0x2900  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
22:23:30.0438 0x2900  percsas3i - ok
22:23:30.0478 0x2900  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
22:23:30.0481 0x2900  PerfHost - ok
22:23:30.0516 0x2900  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
22:23:30.0530 0x2900  PhoneSvc - ok
22:23:30.0539 0x2900  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
22:23:30.0543 0x2900  PimIndexMaintenanceSvc - ok
22:23:30.0578 0x2900  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
22:23:30.0600 0x2900  pla - ok
22:23:30.0607 0x2900  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
22:23:30.0612 0x2900  PlugPlay - ok
22:23:30.0618 0x2900  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
22:23:30.0619 0x2900  pmem - ok
22:23:30.0624 0x2900  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
22:23:30.0626 0x2900  PNRPAutoReg - ok
22:23:30.0636 0x2900  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
22:23:30.0642 0x2900  PNRPsvc - ok
22:23:30.0655 0x2900  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
22:23:30.0663 0x2900  PolicyAgent - ok
22:23:30.0671 0x2900  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\WINDOWS\system32\umpo.dll
22:23:30.0675 0x2900  Power - ok
22:23:30.0681 0x2900  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
22:23:30.0683 0x2900  PptpMiniport - ok
22:23:30.0747 0x2900  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
22:23:30.0791 0x2900  PrintNotify - ok
22:23:30.0801 0x2900  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
22:23:30.0804 0x2900  Processor - ok
22:23:30.0816 0x2900  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
22:23:30.0824 0x2900  ProfSvc - ok

Nuclear2015 · 07.07.2017, 21:26

Code:

ATTFilter

22:23:30.0831 0x2900  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
22:23:30.0834 0x2900  Psched - ok
22:23:30.0842 0x2900  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
22:23:30.0848 0x2900  QWAVE - ok
22:23:30.0853 0x2900  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
22:23:30.0854 0x2900  QWAVEdrv - ok
22:23:30.0858 0x2900  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:23:30.0858 0x2900  RasAcd - ok
22:23:30.0863 0x2900  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
22:23:30.0865 0x2900  RasAgileVpn - ok
22:23:30.0871 0x2900  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:23:30.0874 0x2900  RasAuto - ok
22:23:30.0879 0x2900  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
22:23:30.0880 0x2900  Rasl2tp - ok
22:23:30.0905 0x2900  [ AC6A0AE3B33EE783717820458882F91C, EA503A90DBC31FB6B5D047D59E0F2855880EF3877877AD576579DB5CD8188E4A ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:23:30.0931 0x2900  RasMan - ok
22:23:30.0937 0x2900  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:23:30.0939 0x2900  RasPppoe - ok
22:23:30.0944 0x2900  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
22:23:30.0946 0x2900  RasSstp - ok
22:23:30.0958 0x2900  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:23:30.0965 0x2900  rdbss - ok
22:23:30.0971 0x2900  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
22:23:30.0972 0x2900  rdpbus - ok
22:23:30.0979 0x2900  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
22:23:30.0982 0x2900  RDPDR - ok
22:23:30.0990 0x2900  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
22:23:30.0991 0x2900  RdpVideoMiniport - ok
22:23:31.0001 0x2900  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
22:23:31.0005 0x2900  rdyboost - ok
22:23:31.0042 0x2900  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
22:23:31.0067 0x2900  ReFS - ok
22:23:31.0090 0x2900  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
22:23:31.0104 0x2900  ReFSv1 - ok
22:23:31.0119 0x2900  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:23:31.0128 0x2900  RemoteAccess - ok
22:23:31.0135 0x2900  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
22:23:31.0140 0x2900  RemoteRegistry - ok
22:23:31.0156 0x2900  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
22:23:31.0172 0x2900  RetailDemo - ok
22:23:31.0184 0x2900  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
22:23:31.0188 0x2900  RmSvc - ok
22:23:31.0194 0x2900  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
22:23:31.0197 0x2900  RpcEptMapper - ok
22:23:31.0201 0x2900  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:23:31.0202 0x2900  RpcLocator - ok
22:23:31.0225 0x2900  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
22:23:31.0242 0x2900  RpcSs - ok
22:23:31.0248 0x2900  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
22:23:31.0250 0x2900  rspndr - ok
22:23:31.0265 0x2900  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
22:23:31.0274 0x2900  rt640x64 - ok
22:23:31.0278 0x2900  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
22:23:31.0279 0x2900  s3cap - ok
22:23:31.0283 0x2900  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:23:31.0285 0x2900  SamSs - ok
22:23:31.0291 0x2900  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
22:23:31.0293 0x2900  sbp2port - ok
22:23:31.0301 0x2900  [ 6A7F961E0E6382F185809AEC6A97E078, 434E215337453C3973762A2F10806A57F3B296DDD34A948F781B67E374836AF5 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
22:23:31.0306 0x2900  SCardSvr - ok
22:23:31.0314 0x2900  [ 45B203A8CD642F72E86690B957B6490D, 29D5733D2A6FF9F051FD74FFDCCDB5272EC8E7734021F5BBF0E9E521E61B150F ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
22:23:31.0319 0x2900  ScDeviceEnum - ok
22:23:31.0323 0x2900  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
22:23:31.0324 0x2900  scfilter - ok
22:23:31.0344 0x2900  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:23:31.0358 0x2900  Schedule - ok
22:23:31.0365 0x2900  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
22:23:31.0366 0x2900  scmbus - ok
22:23:31.0373 0x2900  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
22:23:31.0377 0x2900  SCPolicySvc - ok
22:23:31.0386 0x2900  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
22:23:31.0390 0x2900  sdbus - ok
22:23:31.0395 0x2900  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
22:23:31.0395 0x2900  SDFRd - ok
22:23:31.0402 0x2900  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
22:23:31.0406 0x2900  SDRSVC - ok
22:23:31.0411 0x2900  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
22:23:31.0413 0x2900  sdstor - ok
22:23:31.0419 0x2900  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
22:23:31.0421 0x2900  seclogon - ok
22:23:31.0431 0x2900  [ 112134D19C8F08228D4EC84C16342ED6, F99095458BDD74F1531C4FB7A283D7A3F07BEC33FA8423F26D647EB4C5AAFC2E ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
22:23:31.0438 0x2900  SecurityHealthService - ok
22:23:31.0465 0x2900  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
22:23:31.0483 0x2900  SEMgrSvc - ok
22:23:31.0489 0x2900  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
22:23:31.0492 0x2900  SENS - ok
22:23:31.0519 0x2900  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
22:23:31.0539 0x2900  SensorDataService - ok
22:23:31.0555 0x2900  [ 358008CBDE5603F3B56789C977661CE3, 2C81180B27B854F201A683D2C75677660CA54ADC685F86CD414537C60D51FB4A ] SensorService   C:\WINDOWS\system32\SensorService.dll
22:23:31.0564 0x2900  SensorService - ok
22:23:31.0573 0x2900  [ 9B3744C26F206F9F90713D93A93C8B6E, D194F668D8BDDDB4356136CACF1FAD46E7566939C624029EF6E28D7A192B8EBF ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
22:23:31.0578 0x2900  SensrSvc - ok
22:23:31.0583 0x2900  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
22:23:31.0584 0x2900  SerCx - ok
22:23:31.0591 0x2900  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
22:23:31.0593 0x2900  SerCx2 - ok
22:23:31.0597 0x2900  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
22:23:31.0598 0x2900  Serenum - ok
22:23:31.0603 0x2900  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
22:23:31.0604 0x2900  Serial - ok
22:23:31.0608 0x2900  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
22:23:31.0609 0x2900  sermouse - ok
22:23:31.0629 0x2900  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
22:23:31.0636 0x2900  SessionEnv - ok
22:23:31.0643 0x2900  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
22:23:31.0644 0x2900  sfloppy - ok
22:23:31.0659 0x2900  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:23:31.0668 0x2900  SharedAccess - ok
22:23:31.0686 0x2900  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:23:31.0697 0x2900  ShellHWDetection - ok
22:23:31.0705 0x2900  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
22:23:31.0710 0x2900  shpamsvc - ok
22:23:31.0715 0x2900  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
22:23:31.0716 0x2900  SiSRaid2 - ok
22:23:31.0721 0x2900  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
22:23:31.0723 0x2900  SiSRaid4 - ok
22:23:31.0726 0x2900  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
22:23:31.0729 0x2900  smphost - ok
22:23:31.0748 0x2900  [ CB001810FD0C56F1D57229D023A84AE8, E423B53EE3A3710D6F45CD14C8BA5EF8E955344C8477385D470E6687FC661A75 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
22:23:31.0759 0x2900  SmsRouter - ok
22:23:31.0766 0x2900  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
22:23:31.0769 0x2900  SNMPTRAP - ok
22:23:31.0783 0x2900  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
22:23:31.0792 0x2900  spaceport - ok
22:23:31.0797 0x2900  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
22:23:31.0798 0x2900  SpatialGraphFilter - ok
22:23:31.0803 0x2900  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
22:23:31.0805 0x2900  SpbCx - ok
22:23:31.0825 0x2900  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
22:23:31.0839 0x2900  spectrum - ok
22:23:31.0858 0x2900  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
22:23:31.0872 0x2900  Spooler - ok
22:23:31.0979 0x2900  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
22:23:32.0045 0x2900  sppsvc - ok
22:23:32.0062 0x2900  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:23:32.0068 0x2900  srv - ok
22:23:32.0087 0x2900  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
22:23:32.0099 0x2900  srv2 - ok
22:23:32.0108 0x2900  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
22:23:32.0112 0x2900  srvnet - ok
22:23:32.0120 0x2900  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:23:32.0125 0x2900  SSDPSRV - ok
22:23:32.0134 0x2900  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
22:23:32.0139 0x2900  SstpSvc - ok
22:23:32.0261 0x2900  [ F1A5AC00B8CD7E28BBC8DD7E60D48B65, AC185DD46A8B63500DDE74C2446F6409B0B4612068C33B4B7C30E43F389908DF ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
22:23:32.0337 0x2900  StateRepository - ok
22:23:32.0388 0x2900  [ AC5DE2689B571942E08128D0EC771495, 46A0932F0AC4911B6778D7C09DFB640A9225092CDC028BF74E8FD6374A1E8035 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:23:32.0411 0x2900  Steam Client Service - ok
22:23:32.0416 0x2900  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
22:23:32.0417 0x2900  stexstor - ok
22:23:32.0434 0x2900  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
22:23:32.0446 0x2900  stisvc - ok
22:23:32.0453 0x2900  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
22:23:32.0456 0x2900  storahci - ok
22:23:32.0461 0x2900  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
22:23:32.0462 0x2900  storflt - ok
22:23:32.0467 0x2900  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
22:23:32.0469 0x2900  stornvme - ok
22:23:32.0474 0x2900  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
22:23:32.0475 0x2900  storqosflt - ok
22:23:32.0494 0x2900  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
22:23:32.0506 0x2900  StorSvc - ok
22:23:32.0511 0x2900  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
22:23:32.0512 0x2900  storufs - ok
22:23:32.0516 0x2900  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
22:23:32.0517 0x2900  storvsc - ok
22:23:32.0522 0x2900  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
22:23:32.0524 0x2900  svsvc - ok
22:23:32.0528 0x2900  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
22:23:32.0528 0x2900  swenum - ok
22:23:32.0541 0x2900  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
22:23:32.0551 0x2900  swprv - ok
22:23:32.0556 0x2900  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
22:23:32.0558 0x2900  Synth3dVsc - ok
22:23:32.0580 0x2900  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
22:23:32.0595 0x2900  SysMain - ok
22:23:32.0607 0x2900  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
22:23:32.0613 0x2900  SystemEventsBroker - ok
22:23:32.0620 0x2900  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
22:23:32.0624 0x2900  TabletInputService - ok
22:23:32.0633 0x2900  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:23:32.0640 0x2900  TapiSrv - ok
22:23:32.0695 0x2900  [ D8D7A91B56DEF4A771A4414E9F07D138, 47712749937D945B15181F79D3FBD0151C021E0F4030E152CED88C96F1D072E6 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
22:23:32.0733 0x2900  Tcpip - ok
22:23:32.0790 0x2900  [ D8D7A91B56DEF4A771A4414E9F07D138, 47712749937D945B15181F79D3FBD0151C021E0F4030E152CED88C96F1D072E6 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
22:23:32.0827 0x2900  Tcpip6 - ok
22:23:32.0836 0x2900  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
22:23:32.0837 0x2900  tcpipreg - ok
22:23:32.0844 0x2900  [ 892AB2637603A5E9507C39E61101C3C3, 04B06BBEFC033BC9395123AE623E0BB3A241F05AA93EA2625CF2DBE1B3FFD1B6 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
22:23:32.0847 0x2900  tdx - ok
22:23:32.0851 0x2900  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
22:23:32.0852 0x2900  terminpt - ok
22:23:32.0876 0x2900  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
22:23:32.0891 0x2900  TermService - ok
22:23:32.0897 0x2900  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
22:23:32.0900 0x2900  Themes - ok
22:23:32.0910 0x2900  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
22:23:32.0917 0x2900  TieringEngineService - ok
22:23:32.0933 0x2900  [ 8949EED671F531E7B4A0FD7333CCC125, 2D55A1B4FD6843A11383BB71D0409943CA0C47350153F3EDAAA3CADFA4A3504A ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
22:23:32.0943 0x2900  tiledatamodelsvc - ok
22:23:32.0951 0x2900  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
22:23:32.0956 0x2900  TimeBrokerSvc - ok
22:23:32.0981 0x2900  [ C83505A5CC15E39D6C6D7B3C20187E5C, A6AB47C041A7C99CB0D5EA706CC31B3D88DC83BAF5AF7E59F651F9D7068D94B2 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
22:23:32.0998 0x2900  TokenBroker - ok
22:23:33.0006 0x2900  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
22:23:33.0010 0x2900  TPM - ok
22:23:33.0016 0x2900  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
22:23:33.0020 0x2900  TrkWks - ok
22:23:33.0025 0x2900  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
22:23:33.0027 0x2900  TrustedInstaller - ok
22:23:33.0035 0x2900  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
22:23:33.0037 0x2900  TsUsbFlt - ok
22:23:33.0042 0x2900  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
22:23:33.0043 0x2900  TsUsbGD - ok
22:23:33.0050 0x2900  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
22:23:33.0053 0x2900  tunnel - ok
22:23:33.0059 0x2900  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
22:23:33.0063 0x2900  tzautoupdate - ok
22:23:33.0070 0x2900  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
22:23:33.0071 0x2900  UASPStor - ok
22:23:33.0077 0x2900  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
22:23:33.0079 0x2900  UcmCx0101 - ok
22:23:33.0086 0x2900  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
22:23:33.0089 0x2900  UcmTcpciCx0101 - ok
22:23:33.0094 0x2900  [ 5A7CE114C8DA9060F32633F81A5625E5, B49163951B380827ADBF13D336D5BDC1EEE90A70058019928A603AA1C24D8EB7 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
22:23:33.0095 0x2900  UcmUcsi - ok
22:23:33.0103 0x2900  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
22:23:33.0107 0x2900  Ucx01000 - ok
22:23:33.0112 0x2900  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
22:23:33.0113 0x2900  UdeCx - ok
22:23:33.0123 0x2900  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
22:23:33.0128 0x2900  udfs - ok
22:23:33.0133 0x2900  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
22:23:33.0133 0x2900  UEFI - ok
22:23:33.0142 0x2900  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
22:23:33.0146 0x2900  Ufx01000 - ok
22:23:33.0152 0x2900  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
22:23:33.0154 0x2900  UfxChipidea - ok
22:23:33.0160 0x2900  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
22:23:33.0163 0x2900  ufxsynopsys - ok
22:23:33.0171 0x2900  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
22:23:33.0173 0x2900  UI0Detect - ok
22:23:33.0178 0x2900  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
22:23:33.0180 0x2900  umbus - ok
22:23:33.0184 0x2900  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
22:23:33.0184 0x2900  UmPass - ok
22:23:33.0194 0x2900  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
22:23:33.0200 0x2900  UmRdpService - ok
22:23:33.0226 0x2900  [ 3699DED879B2FF8FC1ECE91489109796, 05B1283256F6CA6AF3ABBE003360BF0BAB3400223092E7E9F0822120BF576BD2 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
22:23:33.0245 0x2900  UnistoreSvc - ok
22:23:33.0261 0x2900  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:23:33.0269 0x2900  upnphost - ok
22:23:33.0274 0x2900  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
22:23:33.0275 0x2900  UrsChipidea - ok
22:23:33.0280 0x2900  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
22:23:33.0281 0x2900  UrsCx01000 - ok
22:23:33.0286 0x2900  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
22:23:33.0286 0x2900  UrsSynopsys - ok
22:23:33.0293 0x2900  [ FC318082D0793B76C766A8DFD4C247C5, F547C643A16D580BD96BC20DC901A8210875812EDABD57DD65F20A915A877CB3 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
22:23:33.0295 0x2900  usbaudio - ok
22:23:33.0303 0x2900  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
22:23:33.0305 0x2900  usbccgp - ok
22:23:33.0312 0x2900  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
22:23:33.0314 0x2900  usbcir - ok
22:23:33.0319 0x2900  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
22:23:33.0321 0x2900  usbehci - ok
22:23:33.0335 0x2900  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
22:23:33.0343 0x2900  usbhub - ok
22:23:33.0358 0x2900  [ C3F953D10C486D6A190AF548B3CF7DC9, B0FB45B3045D499A44853A9D4CFD39C9D92873FC0A62A3D76B6149E601DFECD8 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
22:23:33.0368 0x2900  USBHUB3 - ok
22:23:33.0373 0x2900  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
22:23:33.0374 0x2900  usbohci - ok
22:23:33.0378 0x2900  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
22:23:33.0378 0x2900  usbprint - ok
22:23:33.0383 0x2900  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
22:23:33.0384 0x2900  usbser - ok
22:23:33.0390 0x2900  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
22:23:33.0393 0x2900  USBSTOR - ok
22:23:33.0396 0x2900  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
22:23:33.0397 0x2900  usbuhci - ok
22:23:33.0411 0x2900  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
22:23:33.0417 0x2900  USBXHCI - ok
22:23:33.0453 0x2900  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
22:23:33.0478 0x2900  UserDataSvc - ok
22:23:33.0503 0x2900  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
22:23:33.0517 0x2900  UserManager - ok
22:23:33.0534 0x2900  [ 86FF5780D885B09F3C4CD62145470CB1, B0070E3567A7F8E993F2650E251026DF0A4FA0D3F5258C4F88D9819F9B9EC395 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
22:23:33.0546 0x2900  UsoSvc - ok
22:23:33.0552 0x2900  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
22:23:33.0554 0x2900  VaultSvc - ok
22:23:33.0558 0x2900  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
22:23:33.0559 0x2900  vdrvroot - ok
22:23:33.0575 0x2900  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
22:23:33.0587 0x2900  vds - ok
22:23:33.0596 0x2900  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
22:23:33.0600 0x2900  VerifierExt - ok
22:23:33.0617 0x2900  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
22:23:33.0628 0x2900  vhdmp - ok
22:23:33.0634 0x2900  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
22:23:33.0634 0x2900  vhf - ok
22:23:33.0640 0x2900  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
22:23:33.0642 0x2900  vmbus - ok
22:23:33.0645 0x2900  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
22:23:33.0646 0x2900  VMBusHID - ok
22:23:33.0650 0x2900  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
22:23:33.0650 0x2900  vmgid - ok
22:23:33.0659 0x2900  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
22:23:33.0664 0x2900  vmicguestinterface - ok
22:23:33.0674 0x2900  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
22:23:33.0679 0x2900  vmicheartbeat - ok
22:23:33.0688 0x2900  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
22:23:33.0693 0x2900  vmickvpexchange - ok
22:23:33.0702 0x2900  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
22:23:33.0708 0x2900  vmicrdv - ok
22:23:33.0717 0x2900  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
22:23:33.0722 0x2900  vmicshutdown - ok
22:23:33.0731 0x2900  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
22:23:33.0736 0x2900  vmictimesync - ok
22:23:33.0745 0x2900  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
22:23:33.0750 0x2900  vmicvmsession - ok
22:23:33.0760 0x2900  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
22:23:33.0766 0x2900  vmicvss - ok
22:23:33.0772 0x2900  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
22:23:33.0774 0x2900  volmgr - ok
22:23:33.0785 0x2900  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
22:23:33.0791 0x2900  volmgrx - ok
22:23:33.0803 0x2900  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
22:23:33.0808 0x2900  volsnap - ok
22:23:33.0813 0x2900  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
22:23:33.0814 0x2900  volume - ok
22:23:33.0819 0x2900  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
22:23:33.0820 0x2900  vpci - ok
22:23:33.0827 0x2900  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
22:23:33.0829 0x2900  vsmraid - ok
22:23:33.0863 0x2900  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
22:23:33.0887 0x2900  VSS - ok
22:23:33.0898 0x2900  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
22:23:33.0903 0x2900  VSTXRAID - ok
22:23:33.0908 0x2900  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
22:23:33.0909 0x2900  vwifibus - ok
22:23:33.0914 0x2900  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
22:23:33.0916 0x2900  vwififlt - ok
22:23:33.0930 0x2900  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
22:23:33.0941 0x2900  W32Time - ok
22:23:33.0947 0x2900  [ A57B80F078FE71DEC1D0487DA70A56FD, F26F273BB45CBCACE440B08FF14C05D1B89046AE669195B4DAD50129835B1D9C ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
22:23:33.0948 0x2900  w3logsvc - ok
22:23:33.0953 0x2900  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
22:23:33.0954 0x2900  WacomPen - ok
22:23:33.0967 0x2900  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
22:23:33.0975 0x2900  WalletService - ok
22:23:33.0982 0x2900  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:23:33.0983 0x2900  wanarp - ok
22:23:33.0988 0x2900  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:23:33.0989 0x2900  wanarpv6 - ok
22:23:34.0004 0x2900  [ 08088DC69903630B80EEC8DB3C87FB1D, 939215139C185317B103516644F8B76DDC8C8A42078887C7E750A317E691C456 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
22:23:34.0013 0x2900  WAS - ok
22:23:34.0050 0x2900  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
22:23:34.0073 0x2900  wbengine - ok
22:23:34.0098 0x2900  [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
22:23:34.0113 0x2900  WbioSrvc - ok
22:23:34.0121 0x2900  [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
22:23:34.0123 0x2900  wcifs - ok
22:23:34.0142 0x2900  [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
22:23:34.0156 0x2900  Wcmsvc - ok
22:23:34.0170 0x2900  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
22:23:34.0179 0x2900  wcncsvc - ok
22:23:34.0185 0x2900  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
22:23:34.0186 0x2900  wcnfs - ok
22:23:34.0191 0x2900  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
22:23:34.0192 0x2900  WdBoot - ok
22:23:34.0212 0x2900  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
22:23:34.0225 0x2900  Wdf01000 - ok
22:23:34.0235 0x2900  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
22:23:34.0240 0x2900  WdFilter - ok
22:23:34.0246 0x2900  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
22:23:34.0249 0x2900  WdiServiceHost - ok
22:23:34.0254 0x2900  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
22:23:34.0258 0x2900  WdiSystemHost - ok
22:23:34.0276 0x2900  [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
22:23:34.0288 0x2900  wdiwifi - ok
22:23:34.0295 0x2900  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:23:34.0297 0x2900  WdNisDrv - ok
22:23:34.0301 0x2900  WdNisSvc - ok
22:23:34.0310 0x2900  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:23:34.0315 0x2900  WebClient - ok
22:23:34.0324 0x2900  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
22:23:34.0329 0x2900  Wecsvc - ok
22:23:34.0334 0x2900  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
22:23:34.0337 0x2900  WEPHOSTSVC - ok
22:23:34.0342 0x2900  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
22:23:34.0345 0x2900  wercplsupport - ok
22:23:34.0356 0x2900  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
22:23:34.0361 0x2900  WerSvc - ok
22:23:34.0375 0x2900  [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
22:23:34.0385 0x2900  WFDSConMgrSvc - ok
22:23:34.0393 0x2900  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
22:23:34.0396 0x2900  WFPLWFS - ok
22:23:34.0401 0x2900  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
22:23:34.0404 0x2900  WiaRpc - ok
22:23:34.0409 0x2900  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
22:23:34.0410 0x2900  WIMMount - ok
22:23:34.0412 0x2900  WinDefend - ok
22:23:34.0421 0x2900  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
22:23:34.0422 0x2900  WindowsTrustedRT - ok
22:23:34.0427 0x2900  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
22:23:34.0427 0x2900  WindowsTrustedRTProxy - ok
22:23:34.0448 0x2900  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
22:23:34.0462 0x2900  WinHttpAutoProxySvc - ok
22:23:34.0467 0x2900  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
22:23:34.0468 0x2900  WinMad - ok
22:23:34.0480 0x2900  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:23:34.0485 0x2900  Winmgmt - ok
22:23:34.0492 0x2900  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
22:23:34.0496 0x2900  WinNat - ok
22:23:34.0568 0x2900  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:23:34.0612 0x2900  WinRM - ok
22:23:34.0623 0x2900  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
22:23:34.0625 0x2900  WINUSB - ok
22:23:34.0629 0x2900  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
22:23:34.0631 0x2900  WinVerbs - ok
22:23:34.0648 0x2900  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
22:23:34.0659 0x2900  wisvc - ok
22:23:34.0711 0x2900  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
22:23:34.0747 0x2900  WlanSvc - ok
22:23:34.0795 0x2900  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
22:23:34.0827 0x2900  wlidsvc - ok
22:23:34.0859 0x2900  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
22:23:34.0878 0x2900  wlpasvc - ok
22:23:34.0884 0x2900  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
22:23:34.0884 0x2900  WmiAcpi - ok
22:23:34.0896 0x2900  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
22:23:34.0899 0x2900  wmiApSrv - ok
22:23:34.0902 0x2900  WMPNetworkSvc - ok
22:23:34.0910 0x2900  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:23:34.0916 0x2900  Wof - ok
22:23:34.0956 0x2900  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
22:23:34.0984 0x2900  workfolderssvc - ok
22:23:34.0992 0x2900  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
22:23:34.0996 0x2900  WPDBusEnum - ok
22:23:35.0001 0x2900  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:23:35.0002 0x2900  WpdUpFltr - ok
22:23:35.0012 0x2900  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
22:23:35.0019 0x2900  WpnService - ok
22:23:35.0025 0x2900  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
22:23:35.0029 0x2900  WpnUserService - ok
22:23:35.0034 0x2900  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
22:23:35.0035 0x2900  ws2ifsl - ok
22:23:35.0043 0x2900  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
22:23:35.0049 0x2900  wscsvc - ok
22:23:35.0052 0x2900  WSearch - ok
22:23:35.0105 0x2900  [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
22:23:35.0142 0x2900  wuauserv - ok
22:23:35.0149 0x2900  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
22:23:35.0151 0x2900  WudfPf - ok
22:23:35.0159 0x2900  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
22:23:35.0163 0x2900  WUDFRd - ok
22:23:35.0169 0x2900  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
22:23:35.0173 0x2900  wudfsvc - ok
22:23:35.0181 0x2900  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:23:35.0185 0x2900  WUDFWpdFs - ok
22:23:35.0217 0x2900  [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
22:23:35.0239 0x2900  WwanSvc - ok
22:23:35.0278 0x2900  X6va064 - ok
22:23:35.0295 0x2900  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
22:23:35.0310 0x2900  xbgm - ok
22:23:35.0334 0x2900  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
22:23:35.0350 0x2900  XblAuthManager - ok
22:23:35.0377 0x2900  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
22:23:35.0395 0x2900  XblGameSave - ok
22:23:35.0405 0x2900  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
22:23:35.0410 0x2900  xboxgip - ok
22:23:35.0414 0x2900  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
22:23:35.0417 0x2900  XboxGipSvc - ok
22:23:35.0443 0x2900  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
22:23:35.0460 0x2900  XboxNetApiSvc - ok
22:23:35.0466 0x2900  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
22:23:35.0467 0x2900  xinputhid - ok
22:23:35.0469 0x2900  ================ Scan global ===============================
22:23:35.0473 0x2900  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
22:23:35.0479 0x2900  [ A5AE05D3674CBA5DD28C5580E238B059, 5298CF9CEB84FBDC7CAD9969CAFE7D9FFFCA625D50F8BDF877FCEAE8426375F7 ] C:\WINDOWS\system32\winsrv.dll
22:23:35.0486 0x2900  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
22:23:35.0500 0x2900  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe
22:23:35.0509 0x2900  [ Global ] - ok
22:23:35.0510 0x2900  ================ Scan MBR ==================================
22:23:35.0512 0x2900  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:23:35.0519 0x2900  \Device\Harddisk0\DR0 - ok
22:23:35.0523 0x2900  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:23:35.0528 0x2900  \Device\Harddisk1\DR1 - ok
22:23:35.0530 0x2900  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
22:23:35.0731 0x2900  \Device\Harddisk2\DR2 - ok
22:23:35.0737 0x2900  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR4
22:23:35.0741 0x2900  \Device\Harddisk3\DR4 - ok
22:23:35.0741 0x2900  ================ Scan VBR ==================================
22:23:35.0744 0x2900  [ 4405DA24B878BA12E7DD71A2C1D24C66 ] \Device\Harddisk0\DR0\Partition1
22:23:35.0747 0x2900  \Device\Harddisk0\DR0\Partition1 - ok
22:23:35.0752 0x2900  [ 864ED9C8B20D4A5DF1D23C5473600224 ] \Device\Harddisk1\DR1\Partition1
22:23:35.0754 0x2900  \Device\Harddisk1\DR1\Partition1 - ok
22:23:35.0758 0x2900  [ 9AC6130F347A12147C366AE1001A5E6A ] \Device\Harddisk2\DR2\Partition1
22:23:35.0760 0x2900  \Device\Harddisk2\DR2\Partition1 - ok
22:23:35.0762 0x2900  [ 84703339C17E33996CDA5D68593C0233 ] \Device\Harddisk2\DR2\Partition2
22:23:35.0763 0x2900  \Device\Harddisk2\DR2\Partition2 - ok
22:23:35.0766 0x2900  [ 5DD0E640067B8F0C19FF17640F024D87 ] \Device\Harddisk3\DR4\Partition1
22:23:35.0767 0x2900  \Device\Harddisk3\DR4\Partition1 - ok
22:23:35.0767 0x2900  ================ Scan generic autorun ======================
22:23:35.0768 0x2900  SecurityHealth - ok
22:23:35.0841 0x2900  [ 5602FF42444B4991E69C62E493BDAEC4, 7AE46CA0CD1E1C091B31EE4A691C26823E0F1AB1CA6B1C29E6C662BF7E28A996 ] F:\ANTI-MALWARE\mbamtray.exe
22:23:35.0934 0x2900  Malwarebytes TrayApp - ok
22:23:35.0941 0x2900  [ ECB702B8C5650381C0784F1EEABB97BC, 9CC4DDAD2E9AE05A8C5762BA88A13C2B1EE4E25AE98EF01DD041FE35D611DA87 ] C:\WINDOWS\system32\rundll32.exe
22:23:35.0944 0x2900  ShadowPlay - ok
22:23:35.0949 0x2900  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
22:23:35.0951 0x2900  Avira SystrayStartTrigger - ok
22:23:35.0977 0x2900  [ 323B5D30CEA1179661F03E87B95B79D8, 1F3A11B908FF01D850DA71EF8FD4CD4D60C3EA76DDF308DA090C4EBF752599CE ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
22:23:35.0990 0x2900  avgnt - ok
22:23:36.0438 0x2900  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:23:36.0840 0x2900  OneDriveSetup - ok
22:23:37.0251 0x2900  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:23:37.0528 0x2900  OneDriveSetup - ok
22:23:37.0655 0x2900  [ A69BC7203E0BFFEE8215C0913D02CB55, A4130AC877EEBAFD8F12B39807B36607CA3C3DD8F0CE365A5F976E690E112C03 ] F:\Steam\steam.exe
22:23:37.0696 0x2900  Steam - ok
22:23:37.0718 0x2900  [ 5C9960660DC2D5C8A94FFA7A8174A0BA, 0143AC161EA7BC59F6E1FC86948E9CFBC41CB068D6D118BBAB0250789222538A ] C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
22:23:37.0731 0x2900  Google Update - ok
22:23:37.0732 0x2900  Waiting for KSN requests completion. In queue: 237
22:23:38.0764 0x2900  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.27.34 ), 0x42000 ( disabled : updated )
22:23:38.0767 0x2900  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
22:23:38.0767 0x2900  AV detected via SS2: Malwarebytes, F:\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x60000 ( disabled : updated )
22:23:38.0781 0x2900  Win FW state via NFP2: enabled ( trusted )
22:23:38.0877 0x2900  ============================================================
22:23:38.0877 0x2900  Scan finished
22:23:38.0877 0x2900  ============================================================
22:23:38.0891 0x1fd0  Detected object count: 0
22:23:38.0891 0x1fd0  Actual detected object count: 0

M-K-D-B · 08.07.2017, 13:49

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

Nuclear2015 · 08.07.2017, 18:58

Code:

ATTFilter

# AdwCleaner v6.047 - Bericht erstellt am 08/07/2017 um 19:49:34
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-07-07.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Dani - DANI-PC
# Gestartet von : C:\Users\Dani\Downloads\adwcleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkpefbllpconnkfpdgagkifmflckkdp


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfkpefbllpconnkfpdgagkifmflckkdp_0.localstorage
[-] Datei gelöscht: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfkpefbllpconnkfpdgagkifmflckkdp_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\google-chrome-canary.en.softonic.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\google-chrome-canary.en.softonic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\iinglghmhcgdgjjlafobajghjamdchik


***** [ Browser ] *****

[-] [C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: cfkpefbllpconnkfpdgagkifmflckkdp
[-] [C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: iinglghmhcgdgjjlafobajghjamdchik
[-] [C:\Users\Dani\AppData\Local\Google\Chrome SxS\User Data\Default] [extension] Gelöscht: cfkpefbllpconnkfpdgagkifmflckkdp
[-] [C:\Users\Dani\AppData\Local\Google\Chrome SxS\User Data\Default] [extension] Gelöscht: iinglghmhcgdgjjlafobajghjamdchik


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2610 Bytes] - [08/07/2017 19:49:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [2918 Bytes] - [08/07/2017 19:41:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2756 Bytes] ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 08.07.17
Scan-Zeit: 19:52
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2320
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.413)
CPU: x64
Dateisystem: NTFS
Benutzer: Dani-PC\Dani

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 360627
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 0 Min., 52 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von Dani (Administrator) auf DANI-PC (08-07-2017 19:56:41)
Gestartet von C:\Users\Dani\Downloads
Geladene Profile: Dani &  (Verfügbare Profile: Dani)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) F:\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) F:\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Valve Corporation) F:\Steam\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Malwarebytes) F:\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => F:\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Run: [Google Update] => C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-04] (Google Inc.)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914\...\Run: [Google Update] => C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-04] (Google Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d12433c7-a8af-4504-a245-2fa50ea1b0ae}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-06-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-30] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914: @tools.google.com/Google Update;version=3 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914: @tools.google.com/Google Update;version=9 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.ch/
CHR StartupUrls: Default -> "hxxps://www.google.ch/?gws_rd=ssl"
CHR Profile: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default [2017-07-08]
CHR Extension: (Google Präsentationen) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-05]
CHR Extension: (Google Docs) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-05]
CHR Extension: (Avira Safe Shopping) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2017-07-05]
CHR Extension: (Adblock Plus) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-05]
CHR Extension: (Google Tabellen) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-05]
CHR Extension: (Google Docs Offline) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-05]
CHR Profile: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-01]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-06-27] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-05-14] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MBAMService; F:\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-28] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-07-05] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-07-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-07-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-07-05] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-07-05] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-08] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-08] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-08] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-08] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys [15625336 2017-06-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-06-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-06-28] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-08 19:56 - 2017-07-08 19:56 - 00000000 ____D C:\Users\Dani\Downloads\FRST-OlderVersion
2017-07-08 19:55 - 2017-07-08 19:55 - 00001399 _____ C:\Users\Dani\Desktop\mbam.txt
2017-07-08 19:49 - 2017-07-08 19:49 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0B21108E.sys
2017-07-08 19:38 - 2017-07-08 19:49 - 00000000 ____D C:\AdwCleaner
2017-07-08 19:38 - 2017-07-08 19:38 - 04110280 _____ C:\Users\Dani\Downloads\adwcleaner_6.047.exe
2017-07-07 22:22 - 2017-07-07 22:27 - 00267624 _____ C:\TDSSKiller.3.1.0.15_07.07.2017_22.22.58_log.txt
2017-07-07 22:22 - 2017-07-07 22:22 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dani\Downloads\tdsskiller (1).exe
2017-07-07 22:22 - 2017-07-07 22:22 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dani\Downloads\Nicht bestätigt 181877.crdownload
2017-07-07 22:16 - 2017-07-07 22:16 - 00034701 _____ C:\Users\Dani\Downloads\Addition.txt
2017-07-07 22:15 - 2017-07-08 19:56 - 00016389 _____ C:\Users\Dani\Downloads\FRST.txt
2017-07-07 22:14 - 2017-07-08 19:56 - 00000000 ____D C:\FRST
2017-07-07 22:13 - 2017-07-08 19:56 - 02437120 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2017-07-05 18:11 - 2017-07-06 10:36 - 00029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va064_2017.07.06.16.24.10
2017-07-05 18:10 - 2017-07-08 17:51 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{96038A61-A79C-4135-B234-4C1AEDB6B652}
2017-07-05 18:09 - 2017-07-06 12:25 - 00000000 ____D C:\Users\Dani\AppData\Local\NVIDIA Corporation
2017-07-05 18:09 - 2017-07-05 18:09 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-05 18:09 - 2017-06-27 22:27 - 00135616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-05 18:09 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-05 18:09 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-05 18:09 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-05 18:09 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-05 18:04 - 2017-07-05 18:19 - 00000000 ____D C:\Users\Dani\AppData\Local\CrashDumps
2017-07-05 18:04 - 2017-07-05 18:04 - 00000000 ____D C:\Users\Dani\AppData\Local\DBG
2017-07-05 17:57 - 2017-07-05 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-05 17:57 - 2017-07-05 17:57 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-06-28 00:39 - 01903040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01489344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-05 17:54 - 2017-06-28 00:39 - 40239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 35838912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 35314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 28953536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 13559376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 12337296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 12132272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 11501776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 10381664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 09982456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 04208984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 04163008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 03709952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 03595384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438476.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438476.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01067128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01004664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-05 17:54 - 2017-06-28 00:39 - 00048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-05 17:54 - 2017-06-28 00:39 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-05 17:54 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-05 17:50 - 2017-07-05 17:50 - 00000000 ____D C:\NVIDIA
2017-07-05 17:49 - 2017-07-05 17:49 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-05 17:49 - 2017-07-05 17:49 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-05 17:49 - 2017-07-05 17:49 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-05 17:49 - 2017-07-05 17:49 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-05 17:45 - 2017-07-05 17:46 - 00000000 ____D C:\Users\Dani\AppData\Local\MicrosoftEdge
2017-07-04 23:28 - 2017-07-04 23:28 - 00000000 ____D C:\Users\Dani\.QtWebEngineProcess
2017-07-04 19:27 - 2017-07-04 19:28 - 00000000 ____D C:\Windows.old
2017-07-04 19:27 - 2017-07-04 19:27 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-07-04 19:27 - 2017-07-04 19:27 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-04 19:27 - 2017-07-04 19:27 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-04 19:26 - 2017-07-04 19:26 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-04 19:26 - 2017-07-04 19:26 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-07-04 19:26 - 2017-07-04 19:26 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-04 19:26 - 2017-07-04 19:26 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-07-04 19:26 - 2017-07-04 19:26 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-04 19:26 - 2017-07-04 19:26 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-04 19:26 - 2017-07-04 19:26 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-04 19:26 - 2017-07-04 19:26 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-04 19:24 - 2017-07-04 19:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files\MSBuild
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\inetpub
2017-07-04 19:23 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-04 19:23 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-04 19:22 - 2017-07-04 19:22 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-07-04 18:51 - 2017-07-04 18:51 - 00000000 ____D C:\Users\Dani\AppData\Local\Comms
2017-07-04 18:47 - 2017-07-04 18:47 - 00002384 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-04 18:47 - 2017-07-04 18:47 - 00001051 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-07-04 18:47 - 2017-07-04 18:47 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-04 18:47 - 2017-03-17 22:00 - 06238208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2017-07-04 18:47 - 2017-03-17 21:54 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2017-07-04 18:47 - 2017-03-17 21:44 - 06238208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2017-07-04 18:47 - 2017-03-17 21:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2017-07-04 18:45 - 2017-07-04 23:21 - 00000000 ____D C:\Users\Dani\AppData\Local\Packages
2017-07-04 18:45 - 2017-07-04 18:45 - 00000020 ___SH C:\Users\Dani\ntuser.ini
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\TileDataLayer
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\Publishers
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\ConnectedDevicesPlatform
2017-07-04 18:39 - 2017-07-04 18:39 - 00000000 ____D C:\ProgramData\USOShared
2017-07-04 18:38 - 2017-07-08 19:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-04 18:38 - 2017-07-04 18:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-07-04 18:38 - 2017-07-04 18:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-07-04 18:38 - 2017-07-04 18:38 - 00004634 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-04 18:38 - 2017-07-04 18:38 - 00004488 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-04 18:38 - 2017-07-04 18:38 - 00003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000UA
2017-07-04 18:38 - 2017-07-04 18:38 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000Core
2017-07-04 18:38 - 2017-07-04 18:38 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-04 18:38 - 2017-07-04 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-07-04 18:38 - 2017-07-04 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-07-04 18:37 - 2017-07-04 18:37 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-04 18:35 - 2017-07-04 18:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-04 18:33 - 2017-07-04 18:33 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-07-04 18:33 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-04 18:32 - 2017-07-08 19:56 - 02229184 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-04 18:32 - 2017-07-08 19:49 - 00000000 ____D C:\Users\Dani
2017-07-04 18:32 - 2017-07-04 18:32 - 01931144 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Vorlagen
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Startmenü
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Netzwerkumgebung
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Lokale Einstellungen
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Eigene Dateien
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Druckumgebung
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Videos
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Musik
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Bilder
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Local\Verlauf
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Local\Anwendungsdaten
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Anwendungsdaten
2017-07-04 18:31 - 2017-07-08 08:21 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-04 18:31 - 2017-07-04 18:50 - 00394112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-04 18:31 - 2017-07-04 18:33 - 00000000 ____D C:\Users\Public\Creative
2017-07-04 18:31 - 2017-07-04 18:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-04 18:31 - 2017-07-04 18:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-04 18:04 - 2017-07-04 18:45 - 00000000 ___DC C:\WINDOWS\Panther
2017-07-04 18:04 - 2017-07-04 18:13 - 00000000 ___HD C:\$WINDOWS.~BT
2017-07-04 18:04 - 2017-03-18 07:57 - 00023360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NXQuery.sys

Nuclear2015 · 08.07.2017, 18:59

Code:

ATTFilter

2017-07-04 17:38 - 2017-07-04 18:04 - 00000000 ____D C:\ESD
2017-07-04 17:38 - 2017-07-04 17:38 - 00000000 ___HD C:\$Windows.~WS
2017-07-04 17:16 - 2017-07-04 17:16 - 00000000 ____D C:\Users\Dani\AppData\Local\Adobe
2017-07-04 14:54 - 2017-07-08 17:50 - 00002510 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-07-04 14:54 - 2017-07-08 17:50 - 00002502 _____ C:\Users\Dani\Desktop\Google Chrome Canary.lnk
2017-07-03 21:02 - 2017-07-03 21:02 - 00000000 ____D C:\Users\Dani\AppData\Local\CrashRpt
2017-07-03 21:00 - 2017-07-04 18:35 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackShot
2017-07-03 21:00 - 2017-07-03 21:00 - 00000716 _____ C:\Users\Dani\Desktop\BlackShot.lnk
2017-07-03 20:49 - 2017-07-03 20:49 - 02418992 _____ (Reloaded Technologies) C:\Users\Dani\Downloads\BlackShot_Downloader.exe
2017-07-03 09:14 - 2017-07-03 09:14 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Avira
2017-07-03 09:13 - 2017-07-05 19:20 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-07-03 09:13 - 2017-07-03 09:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-07-03 09:11 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-03 09:11 - 2017-07-03 09:13 - 00000000 ____D C:\ProgramData\Avira
2017-07-03 09:11 - 2017-07-03 09:13 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-03 09:11 - 2017-07-03 09:11 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-07-03 09:10 - 2017-07-03 09:10 - 04806912 _____ (Avira Operations GmbH & Co. KG) C:\Users\Dani\Downloads\avira_de_av_5959edf5859b4__ws.exe
2017-07-03 04:05 - 2017-07-08 19:50 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-03 04:05 - 2017-07-08 19:50 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-03 04:05 - 2017-07-07 22:33 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-03 04:04 - 2017-07-08 19:50 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-03 04:04 - 2017-07-08 19:50 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-03 04:04 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-03 04:04 - 2017-07-03 04:04 - 00000604 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-03 04:04 - 2017-07-03 04:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-03 04:04 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-30 02:21 - 2017-06-30 02:21 - 00000000 ____D C:\Users\Dani\Documents\Benutzerdefinierte Office-Vorlagen
2017-06-30 02:07 - 2017-06-30 02:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-06-30 01:48 - 2017-07-04 18:47 - 00000000 ___RD C:\Users\Dani\OneDrive
2017-06-30 01:48 - 2017-07-01 01:23 - 00002139 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Skype
2017-06-30 01:48 - 2017-06-30 01:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2017-06-30 01:47 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-06-30 01:47 - 2017-06-30 01:47 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-30 01:38 - 2017-06-30 01:47 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-30 01:38 - 2017-06-30 01:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-30 01:36 - 2017-07-08 19:49 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-30 01:35 - 2017-06-30 01:35 - 00000000 ____D C:\Users\Dani\AppData\Roaming\WinRAR
2017-06-30 01:33 - 2017-06-30 01:33 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-30 01:33 - 2017-06-30 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-29 03:41 - 2017-06-29 03:41 - 00000831 _____ C:\Users\Dani\Desktop\Neues Textdokument.txt
2017-06-28 13:59 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2017-06-28 13:59 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2017-06-28 13:58 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-06-28 03:06 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2017-06-28 03:06 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2017-06-28 03:06 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-06-28 03:06 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2017-06-28 03:06 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2017-06-28 03:06 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2017-06-28 03:06 - 2016-03-24 00:40 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpGroupPolicyExtension.dll
2017-06-28 03:05 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2017-06-28 02:58 - 2017-06-28 02:58 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Adobe
2017-06-28 02:37 - 2017-06-28 02:37 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsIntl.dll
2017-06-28 02:37 - 2017-06-28 02:37 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll
2017-06-28 02:36 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-06-28 02:35 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp_winip.dll
2017-06-28 02:35 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp_winip.dll
2017-06-28 02:34 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-28 00:30 - 2017-06-28 00:30 - 00000000 ____D C:\Users\Dani\AppData\Local\UnrealEngine
2017-06-28 00:30 - 2017-06-28 00:30 - 00000000 ____D C:\Users\Dani\AppData\Local\TslGame
2017-06-28 00:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-06-28 00:30 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-06-28 00:30 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-06-28 00:30 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-06-28 00:30 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-06-28 00:30 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-06-28 00:30 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-06-28 00:30 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-06-28 00:30 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-06-28 00:30 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-06-28 00:30 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-06-28 00:30 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-06-28 00:30 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-06-28 00:30 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-06-28 00:30 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-06-28 00:30 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-06-28 00:30 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-06-28 00:30 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-06-28 00:30 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-06-28 00:30 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-06-28 00:30 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-06-28 00:30 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-06-28 00:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-06-28 00:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-06-28 00:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-06-28 00:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-06-28 00:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-06-28 00:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-06-28 00:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-06-28 00:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-06-28 00:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-06-28 00:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-06-28 00:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-06-28 00:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-06-28 00:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-06-28 00:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-06-28 00:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-06-28 00:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-06-28 00:29 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-06-28 00:29 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-06-28 00:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-06-28 00:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-06-28 00:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-06-28 00:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-06-28 00:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-06-28 00:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-06-28 00:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-06-28 00:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-06-28 00:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-06-28 00:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-06-28 00:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-06-28 00:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-06-28 00:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-06-28 00:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-06-28 00:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-06-28 00:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-06-28 00:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-06-27 23:13 - 2017-06-27 23:13 - 00000000 ____D C:\Users\Dani\Documents\League of Legends
2017-06-27 23:05 - 2017-06-27 23:05 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-27 23:04 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-27 23:04 - 2017-06-27 23:13 - 00000573 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-27 23:04 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-06-27 23:04 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-27 23:02 - 2017-06-27 23:05 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Riot Games
2017-06-27 20:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEUDINIT.EXE
2017-06-27 18:31 - 2012-06-02 16:57 - 00000003 _____ C:\WINDOWS\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2017-06-27 18:19 - 2017-07-04 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gamigo
2017-06-27 18:19 - 2017-06-27 18:19 - 00000484 _____ C:\Users\Public\Desktop\Last Chaos DE.lnk
2017-06-27 18:16 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2017-06-27 18:13 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-06-27 18:13 - 2016-09-15 16:56 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2017-06-27 18:12 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2017-06-27 18:12 - 2012-11-29 00:56 - 00000003 _____ C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-06-27 18:11 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2017-06-27 18:10 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2017-06-27 17:51 - 2017-07-08 19:40 - 00000000 ____D C:\Users\Dani\AppData\Roaming\TS3Client
2017-06-27 17:51 - 2017-07-03 09:11 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-27 17:51 - 2017-06-30 14:20 - 00000000 ____D C:\Users\Dani\AppData\Local\TeamSpeak 3 Client
2017-06-27 17:51 - 2017-06-27 17:51 - 00001170 _____ C:\Users\Dani\Desktop\TeamSpeak 3 Client.lnk
2017-06-27 17:51 - 2017-06-27 17:51 - 00001128 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-06-27 17:51 - 2017-06-27 17:51 - 00000000 ____D C:\Users\Dani\.TeamSpeak 3
2017-06-27 17:46 - 2017-07-04 18:34 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-06-27 17:46 - 2017-07-04 18:34 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-06-27 17:26 - 2017-06-27 17:26 - 00000202 _____ C:\Users\Dani\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-06-27 17:26 - 2017-06-27 17:26 - 00000000 ____D C:\Games
2017-06-27 17:24 - 2017-06-27 17:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-27 17:24 - 2017-06-27 17:24 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-27 17:23 - 2017-07-08 19:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-27 17:23 - 2017-07-05 18:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-27 17:23 - 2017-07-05 18:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-27 17:23 - 2017-07-05 17:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-27 17:23 - 2017-06-27 23:03 - 06462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 02478712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-27 17:23 - 2017-06-27 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-27 17:23 - 2017-06-22 22:30 - 08076177 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-27 17:23 - 2017-05-19 17:52 - 00521624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-06-27 17:23 - 2017-05-19 17:52 - 00427416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-06-27 17:22 - 2017-06-27 17:22 - 00000146 _____ C:\Users\Dani\Desktop\Sound - Verknüpfung.lnk
2017-06-27 17:22 - 2017-06-27 17:22 - 00000000 ____D C:\Users\Dani\AppData\Local\Steam
2017-06-27 17:22 - 2017-06-27 17:22 - 00000000 ____D C:\Users\Dani\AppData\Local\CEF
2017-06-27 17:20 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-27 17:20 - 2017-06-27 17:20 - 00000518 _____ C:\Users\Public\Desktop\Steam.lnk
2017-06-27 17:18 - 2017-07-04 14:54 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Google
2017-06-27 17:17 - 2017-07-04 17:10 - 00000000 ____D C:\Users\Dani\AppData\Local\Google
2017-06-27 17:17 - 2017-07-04 14:51 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-27 17:17 - 2017-06-30 02:05 - 00114208 _____ C:\Users\Dani\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-27 17:17 - 2017-06-27 17:17 - 00000000 ____D C:\Users\Dani\AppData\Local\Apps\2.0
2017-06-27 17:14 - 2017-06-27 17:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-27 17:14 - 2017-06-27 17:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Favoriten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 ____D C:\Users\Dani\AppData\Local\VirtualStore
2017-06-27 17:13 - 2009-07-14 20:18 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Media Center Programs

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-08 19:56 - 2017-03-20 06:35 - 00971366 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-08 19:56 - 2017-03-20 06:35 - 00222128 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-08 19:49 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-08 17:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-07 23:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-07 20:31 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-06 10:30 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-05 18:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-07-05 18:35 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-07-05 18:35 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\servicing
2017-07-05 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\registration
2017-07-05 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-07-05 17:41 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-05 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-04 19:30 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-04 19:28 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-04 19:27 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-07-04 19:23 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-07-04 19:23 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-07-04 19:23 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-07-04 19:23 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-07-04 19:23 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-07-04 19:23 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-07-04 19:23 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-07-04 18:47 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-04 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-07-04 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-07-04 18:38 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-04 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-07-04 18:37 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-07-04 18:37 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-07-04 18:34 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-04 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-07-04 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-07-04 18:31 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-04 18:18 - 2009-07-14 06:45 - 00014832 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-04 18:18 - 2009-07-14 06:45 - 00014832 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-28 00:39 - 2017-05-19 17:48 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-06-28 00:39 - 2017-05-19 17:48 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-06-28 00:39 - 2017-05-19 14:22 - 00046373 _____ C:\WINDOWS\system32\nvinfo.pb
2017-06-27 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\SysWOW64\manifeststore
2017-06-27 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\manifeststore
2017-06-27 17:12 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Einige Dateien in TEMP:
====================
2017-07-05 17:54 - 2017-05-01 22:14 - 0367552 _____ (NVIDIA Corporation) C:\Users\Dani\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-04 18:30

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von Dani (08-07-2017 19:57:12)
Gestartet von C:\Users\Dani\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-04 16:45:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4206118574-3175090919-1107652072-500 - Administrator - Disabled)
Dani (S-1-5-21-4206118574-3175090919-1107652072-1000 - Administrator - Enabled) => C:\Users\Dani
DefaultAccount (S-1-5-21-4206118574-3175090919-1107652072-503 - Limited - Disabled)
Gast (S-1-5-21-4206118574-3175090919-1107652072-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
BlackShot (HKLM-x32\...\BlackShot) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Google Chrome SxS) (Version: 61.0.3152.0 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914\...\Google Chrome SxS) (Version: 61.0.3152.0 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Last Chaos DE Version 1.0 (HKLM-x32\...\Last Chaos DE_is1) (Version: 1.0 - gamigo AG)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version:  - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dani\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-02] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\rarext.dll -> Keine Datei
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-02] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\rarext.dll -> Keine Datei
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02C747A0-CBDB-45ED-B4CD-EBCC307FE953} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-28] (NVIDIA Corporation)
Task: {0BB0AF51-06FA-4010-AB78-4A0851DF5442} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)
Task: {0C6B2128-7FDE-4BAC-B55C-B83718E648FB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0CF522ED-BC4E-426E-98BD-FC3DEBB6072D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-04] (Adobe Systems Incorporated)
Task: {177A786D-D082-4F7F-A73A-A654AD73858A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-28] (NVIDIA Corporation)
Task: {1B3770B9-9F37-41D4-84EB-C4513DD5DC45} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B3BAEF5-44D7-4862-B628-428E6042CD0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {1F445B68-CEA2-410E-B6B7-CF17FB12224C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FC210DB-CFB6-4FB1-886A-F5BF26BB2FC6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)
Task: {386E65DD-410C-4E5D-B783-B6BC9FF5C026} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E0566EE-CE76-4F52-8C21-5B9D5F936EE9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F37BDAF-4D02-4BD8-89F3-B45D6BA3E10F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42C0AE8B-899D-433D-96A3-B33807B4C506} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000Core => C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-04] (Google Inc.)
Task: {49E3D5F6-C8EF-473B-8C0C-C98B6603FD5C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4AC9665A-2369-4D70-B667-877AA82DB538} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51311C2D-F630-4863-81D4-908039347412} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {695D57A8-8BAE-4F23-B380-9F777D1F3F5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {700F2EDB-2D0C-4999-A329-040C4B9BAD83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000UA => C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-04] (Google Inc.)
Task: {73389E0E-72D8-47E5-8509-05A2150A19B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-07-04] (Adobe Systems Incorporated)
Task: {74DAD001-DFCA-4CB2-BD61-DC39DBF4876E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {8C182BD6-5A7B-4956-B177-44C09C537447} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-28] (NVIDIA Corporation)
Task: {8D3EE826-20A9-4B93-823C-5F37AEBB6CB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {997F60BA-9E57-41B4-97DE-B0B2E1F18578} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)
Task: {9BA99027-96E9-43FC-A10F-EE4C572615FC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F73359B-A84D-429C-BACF-5017C3962267} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6CF6392-D249-4249-A9DC-E2803A8D1379} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6E6D7AD-7532-4BC9-9BCA-8AC860BEBB31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADF874C8-E456-4287-B035-DD7FEA67CC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)
Task: {B8C6650A-6C28-4590-A49C-31F08D939188} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BAE779FA-0F0F-4B5B-BB14-7A66CF0BF96F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] ()
Task: {BD288A26-BB6E-461F-9D2E-63B69017A1D5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] ()
Task: {C96436D5-1360-4ADC-9B99-DA8825D08558} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {CCB7D9A6-13B4-4F3B-985C-1C5D1C69C801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-28] (NVIDIA Corporation)
Task: {DAF5F77F-1643-4472-9707-6D001791A23A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7B9A36B-7602-4606-9A5C-4E4FC4801264} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {EAE307B0-C2B3-400F-A96F-CAD1C81455FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECF921CE-15D8-473E-90BD-F7C2118DFD27} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F6973E5D-6986-4AC1-AC20-E39983006C38} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F88154E1-5FB2-48B0-9DB8-C1229355CB4C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9702C02-A3E5-4A6E-8D2B-B9752EED362F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-03 04:04 - 2017-06-27 12:06 - 02260432 _____ () F:\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-05 18:33 - 2017-07-05 18:33 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-05 17:49 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-05 17:49 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-06-27 17:21 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\SDL2.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 02485536 _____ () F:\Steam\video.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 04969248 _____ () F:\Steam\v8.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00491008 _____ () F:\Steam\libavformat-56.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00332800 _____ () F:\Steam\libavresample-2.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 02549760 _____ () F:\Steam\libavcodec-56.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00442880 _____ () F:\Steam\libavutil-54.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00485888 _____ () F:\Steam\libswscale-3.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 01563936 _____ () F:\Steam\icui18n.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 01195296 _____ () F:\Steam\icuuc.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 00877856 _____ () F:\Steam\bin\chromehtml.DLL
2017-06-27 17:21 - 2016-07-05 00:17 - 00266560 _____ () F:\Steam\openvr_api.dll
2017-06-27 17:22 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-27 17:22 - 2017-05-08 21:45 - 69516064 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 00385312 _____ () F:\Steam\steam.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244859\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244886\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017195244914\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{DC51976A-17D2-4F6D-A10E-F0BFD98C525A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8FF45727-16BE-4C92-AB08-BC6A3A950E1E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{03ADA37B-A613-4DB1-980D-999E6411ACA6}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{7CB0C492-B61B-45C0-A748-7ADBAB6FF19A}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{4B491A26-D6DB-4482-BA65-746F6E0BA602}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D19BE125-47E6-46A6-B074-3280BA9ECAA5}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe

==================== Wiederherstellungspunkte =========================

04-07-2017 18:52:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/08/2017 07:18:35 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-08T19:12:35Z. Error Code: 0x80070005.

Error: (07/08/2017 07:52:38 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-08T07:46:38Z. Error Code: 0x80070005.

Error: (07/08/2017 05:52:38 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-08T05:46:38Z. Error Code: 0x80070005.

Error: (07/08/2017 03:52:38 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-08T03:46:38Z. Error Code: 0x80070005.

Error: (07/08/2017 12:59:36 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-08T00:53:36Z. Error Code: 0x80070005.

Error: (07/07/2017 10:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T22:53:36Z. Error Code: 0x80070005.

Error: (07/07/2017 08:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T20:53:36Z. Error Code: 0x80070005.

Error: (07/07/2017 06:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T18:53:36Z. Error Code: 0x80070005.

Error: (07/07/2017 04:59:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-07T16:53:36Z. Error Code: 0x80070005.

Error: (07/06/2017 08:04:14 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-06T19:58:14Z. Error Code: 0x80070005.


Systemfehler:
=============
Error: (07/08/2017 07:50:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (07/08/2017 07:50:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/08/2017 07:49:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (07/08/2017 07:49:23 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA Display Container LS" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (07/08/2017 07:49:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2017 07:49:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2017 07:49:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2017 07:49:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2017 07:49:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2017 07:49:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-07-06 20:13:28.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.592
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.464
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:26.955
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:26.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:07:59.994
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:07:59.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8190.14 MB
Verfügbarer physikalischer RAM: 5189.46 MB
Summe virtueller Speicher: 16382.14 MB
Verfügbarer virtueller Speicher: 13044.13 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.12 GB) (Free:149.29 GB) NTFS
Drive d: () (Fixed) (Total:55.9 GB) (Free:39.39 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.41 GB) (Free:930.4 GB) NTFS
Drive g: (FAGGOT) (Removable) (Total:7.49 GB) (Free:7.48 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7B837974)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=459 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: A2450932)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 60275C42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 09.07.2017, 12:06

Servus,

wir entfernen noch ein bisschen was und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Nuclear2015 · 09.07.2017, 18:23

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von Dani (09-07-2017 19:15:05) Run:2
Gestartet von C:\Users\Dani\Downloads
Geladene Profile: Dani (Verfügbare Profile: Dani)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2157244 B
Java, Flash, Steam htmlcache => -131072 B
Windows/system/drivers => -10474 B
Edge => 0 B
Chrome => 7631610 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 0 B
Dani => 39988 B

RecycleBin => 0 B
EmptyTemp: => 15 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:15:09 ====

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : DANI-PC
   Windows . . . . . . . : 10.0.0.15063.X64/8
   User name . . . . . . : Dani-PC\Dani
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-07-09 19:20:19
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 24s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 4

   Objects scanned . . . : 1.782.234
   Files scanned . . . . : 18.584
   Remnants scanned  . . : 503.253 files / 1.260.397 keys

Suspicious files ____________________________________________________________

   C:\Users\Dani\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.437.120 bytes
      Age  . . . . . . . : 1.9 days (2017-07-07 22:13:31)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 76943BD23F6AC55B502E2F3245E2609030DCCC7AA23FABE7B57D5AE76DF366AD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Dani\Downloads\FRST64.exe
      Size . . . . . . . : 2.437.120 bytes
      Age  . . . . . . . : 1.0 days (2017-07-08 19:56:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4022E7113E227ECC9481219D008BDFBC4DB5C0A72E5D174743B2E019761269FC
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -51.8s C:\Windows\Prefetch\DLLHOST.EXE-A3116DD0.pf
         -47.4s C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
         -47.4s C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf
         -35.6s C:\Windows\Prefetch\DLLHOST.EXE-BB2E0C95.pf
         -31.6s C:\Windows\Prefetch\INSTALLAGENT.EXE-6A6745B1.pf
         -31.1s C:\Windows\Prefetch\INSTALLAGENTUSERBROKER.EXE-AAB93CC5.pf
         -29.8s C:\Windows\Prefetch\SVCHOST.EXE-00E8BA6C.pf
         -18.8s C:\Windows\Prefetch\DLLHOST.EXE-416293C1.pf
         -17.7s C:\Windows\Prefetch\SVCHOST.EXE-BD5F7697.pf
         -13.8s C:\Windows\Prefetch\DLLHOST.EXE-6D7294E2.pf
         -8.7s C:\Windows\Prefetch\RUNDLL32.EXE-17B75B37.pf
         -2.3s C:\Windows\Prefetch\CONSENT.EXE-65F6206D.pf
          0.0s C:\Users\Dani\Downloads\FRST64.exe
          1.0s C:\Windows\Prefetch\AUDIODG.EXE-D0D776AC.pf
          1.2s C:\Users\Dani\Downloads\FRST-OlderVersion\
          4.5s C:\Windows\Prefetch\FRST64.EXE-FF28B128.pf
          6.6s C:\Windows\Prefetch\DLLHOST.EXE-1DB0F299.pf
         11.0s C:\Windows\Prefetch\SVCHOST.EXE-7B2A1396.pf

   F:\Steam\CSERHelper.dll
      Size . . . . . . . : 122.864 bytes
      Age  . . . . . . . : 5.0 days (2017-07-04 18:47:34)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 5FE1B29AA7C2834F3AA85D61BE8340C4C99DBF9ACD9293894BC5327A3BDC8E3E
      Product  . . . . . : CSER Helper
      Publisher  . . . . : Valve
      Description  . . . : Debug Helper Routines
      Version  . . . . . : 4.50.000
      Copyright  . . . . : Copyright (c) Valve Corporation
      RSA Key Size . . . : 1024
      LanguageID . . . . : 1033
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 28.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         Program is running but currently exposes no human-computer interface (GUI).
         Time indicates that the file appeared recently on this computer.
         The file is in use by one or more active processes.

M-K-D-B · 09.07.2017, 19:00

Gut gemacht.

Es fehlen nur noch ESET und FRST.

Nuclear2015 · 09.07.2017, 19:45

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b188120778cd48488eed9e772c78b1e8
# end=init
# utc_time=2017-07-09 05:24:02
# local_time=2017-07-09 07:24:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 33999
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b188120778cd48488eed9e772c78b1e8
# end=updated
# utc_time=2017-07-09 05:29:15
# local_time=2017-07-09 07:29:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b188120778cd48488eed9e772c78b1e8
# engine=33999
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-07-09 06:38:31
# local_time=2017-07-09 08:38:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 96 8292 3202396 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 436249 9758507 0 0
# scanned=466118
# found=0
# cleaned=0
# scan_time=4156

Bis jetzt ist alles wieder in ortnung und dafür danke ich dir sehr

Es wurde nicht einmal mehr einen neuen tab geöffnet.
Grüsse

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von Dani (09-07-2017 20:44:26)
Gestartet von C:\Users\Dani\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-04 16:45:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4206118574-3175090919-1107652072-500 - Administrator - Disabled)
Dani (S-1-5-21-4206118574-3175090919-1107652072-1000 - Administrator - Enabled) => C:\Users\Dani
DefaultAccount (S-1-5-21-4206118574-3175090919-1107652072-503 - Limited - Disabled)
Gast (S-1-5-21-4206118574-3175090919-1107652072-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
BlackShot (HKLM-x32\...\BlackShot) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Google Chrome SxS) (Version: 61.0.3152.0 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Last Chaos DE Version 1.0 (HKLM-x32\...\Last Chaos DE_is1) (Version: 1.0 - gamigo AG)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version:  - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dani\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4206118574-3175090919-1107652072-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-02] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\rarext.dll -> Keine Datei
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-02] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\rarext.dll -> Keine Datei
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02C747A0-CBDB-45ED-B4CD-EBCC307FE953} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-28] (NVIDIA Corporation)
Task: {0BB0AF51-06FA-4010-AB78-4A0851DF5442} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)
Task: {0C6B2128-7FDE-4BAC-B55C-B83718E648FB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0CF522ED-BC4E-426E-98BD-FC3DEBB6072D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-04] (Adobe Systems Incorporated)
Task: {177A786D-D082-4F7F-A73A-A654AD73858A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-28] (NVIDIA Corporation)
Task: {1B3770B9-9F37-41D4-84EB-C4513DD5DC45} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B3BAEF5-44D7-4862-B628-428E6042CD0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {1F445B68-CEA2-410E-B6B7-CF17FB12224C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FC210DB-CFB6-4FB1-886A-F5BF26BB2FC6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)
Task: {386E65DD-410C-4E5D-B783-B6BC9FF5C026} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E0566EE-CE76-4F52-8C21-5B9D5F936EE9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F37BDAF-4D02-4BD8-89F3-B45D6BA3E10F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42C0AE8B-899D-433D-96A3-B33807B4C506} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000Core => C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-04] (Google Inc.)
Task: {49E3D5F6-C8EF-473B-8C0C-C98B6603FD5C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4AC9665A-2369-4D70-B667-877AA82DB538} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51311C2D-F630-4863-81D4-908039347412} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {695D57A8-8BAE-4F23-B380-9F777D1F3F5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {700F2EDB-2D0C-4999-A329-040C4B9BAD83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000UA => C:\Users\Dani\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-04] (Google Inc.)
Task: {73389E0E-72D8-47E5-8509-05A2150A19B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-07-04] (Adobe Systems Incorporated)
Task: {74DAD001-DFCA-4CB2-BD61-DC39DBF4876E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {8C182BD6-5A7B-4956-B177-44C09C537447} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-28] (NVIDIA Corporation)
Task: {8D3EE826-20A9-4B93-823C-5F37AEBB6CB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {997F60BA-9E57-41B4-97DE-B0B2E1F18578} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)
Task: {9BA99027-96E9-43FC-A10F-EE4C572615FC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F73359B-A84D-429C-BACF-5017C3962267} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6CF6392-D249-4249-A9DC-E2803A8D1379} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6E6D7AD-7532-4BC9-9BCA-8AC860BEBB31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADF874C8-E456-4287-B035-DD7FEA67CC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)
Task: {B8C6650A-6C28-4590-A49C-31F08D939188} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BAE779FA-0F0F-4B5B-BB14-7A66CF0BF96F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] ()
Task: {BD288A26-BB6E-461F-9D2E-63B69017A1D5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] ()
Task: {C96436D5-1360-4ADC-9B99-DA8825D08558} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {CCB7D9A6-13B4-4F3B-985C-1C5D1C69C801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-28] (NVIDIA Corporation)
Task: {DAF5F77F-1643-4472-9707-6D001791A23A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7B9A36B-7602-4606-9A5C-4E4FC4801264} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {EAE307B0-C2B3-400F-A96F-CAD1C81455FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECF921CE-15D8-473E-90BD-F7C2118DFD27} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F6973E5D-6986-4AC1-AC20-E39983006C38} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F88154E1-5FB2-48B0-9DB8-C1229355CB4C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9702C02-A3E5-4A6E-8D2B-B9752EED362F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-05 18:33 - 2017-07-05 18:33 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-05 18:33 - 2017-07-05 18:33 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-05 17:49 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-05 17:49 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-06-27 17:21 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\SDL2.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 02485536 _____ () F:\Steam\video.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 04969248 _____ () F:\Steam\v8.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00491008 _____ () F:\Steam\libavformat-56.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00332800 _____ () F:\Steam\libavresample-2.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00442880 _____ () F:\Steam\libavutil-54.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 02549760 _____ () F:\Steam\libavcodec-56.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 01563936 _____ () F:\Steam\icui18n.dll
2017-06-27 17:21 - 2016-09-01 03:02 - 01195296 _____ () F:\Steam\icuuc.dll
2017-06-27 17:21 - 2016-01-27 09:49 - 00485888 _____ () F:\Steam\libswscale-3.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 00877856 _____ () F:\Steam\bin\chromehtml.DLL
2017-06-27 17:21 - 2016-07-05 00:17 - 00266560 _____ () F:\Steam\openvr_api.dll
2017-06-27 17:22 - 2017-05-08 21:45 - 69516064 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-27 17:22 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-27 17:21 - 2017-06-08 07:42 - 00385312 _____ () F:\Steam\steam.dll
2017-06-27 17:21 - 2015-09-25 01:52 - 00119208 _____ () F:\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{DC51976A-17D2-4F6D-A10E-F0BFD98C525A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8FF45727-16BE-4C92-AB08-BC6A3A950E1E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{03ADA37B-A613-4DB1-980D-999E6411ACA6}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{7CB0C492-B61B-45C0-A748-7ADBAB6FF19A}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{4B491A26-D6DB-4482-BA65-746F6E0BA602}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D19BE125-47E6-46A6-B074-3280BA9ECAA5}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{AE20943F-167E-4AB6-96AC-451EAEE1BEC3}C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{E0E32869-0A5C-4555-83F5-14EF5E955FB8}C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{A04D5470-FF4C-42EA-A434-A3EDE79A2076}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{6E6E69FE-1893-4F79-A167-FFDE51EDA452}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

04-07-2017 18:52:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/09/2017 08:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 08:40:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 08:40:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 07:27:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 07:26:55 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-07-09T19:20:55Z. Error Code: 0x80070005.

Error: (07/09/2017 07:24:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 07:24:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\dani\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 07:23:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Dani\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 07:23:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Dani\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/09/2017 07:23:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Dani\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.


Systemfehler:
=============
Error: (07/09/2017 07:29:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/09/2017 07:29:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dani\AppData\Local\Temp\ehdrv.sys

Error: (07/09/2017 07:29:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/09/2017 07:29:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dani\AppData\Local\Temp\ehdrv.sys

Error: (07/09/2017 07:29:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/09/2017 07:29:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dani\AppData\Local\Temp\ehdrv.sys

Error: (07/09/2017 07:25:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/09/2017 07:25:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dani\AppData\Local\Temp\ehdrv.sys

Error: (07/09/2017 07:25:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/09/2017 07:25:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dani\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-07-08 21:32:50.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-08 21:29:45.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-08 21:28:42.787
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-08 21:26:30.294
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-08 21:25:55.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-06 20:13:28.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.592
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-07-06 20:13:28.464
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8190.14 MB
Verfügbarer physikalischer RAM: 4915.71 MB
Summe virtueller Speicher: 16382.14 MB
Verfügbarer virtueller Speicher: 12584.7 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.12 GB) (Free:149.56 GB) NTFS
Drive d: () (Fixed) (Total:55.9 GB) (Free:35.37 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.41 GB) (Free:930.4 GB) NTFS
Drive g: (FAGGOT) (Removable) (Total:7.49 GB) (Free:7.48 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7B837974)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=459 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: A2450932)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 60275C42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von Dani (Administrator) auf DANI-PC (09-07-2017 20:43:54)
Gestartet von C:\Users\Dani\Downloads
Geladene Profile: Dani (Verfügbare Profile: Dani)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) F:\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) F:\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) F:\Steam\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => F:\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4206118574-3175090919-1107652072-1000\...\Run: [Google Update] => C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-04] (Google Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d12433c7-a8af-4504-a245-2fa50ea1b0ae}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-30] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-06-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-30] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-30] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-4206118574-3175090919-1107652072-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dani\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-04] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.ch/
CHR StartupUrls: Default -> "hxxps://www.google.ch/?gws_rd=ssl"
CHR Profile: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default [2017-07-09]
CHR Extension: (Google Präsentationen) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-05]
CHR Extension: (Google Docs) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-05]
CHR Extension: (Avira Safe Shopping) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2017-07-05]
CHR Extension: (Adblock Plus) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-05]
CHR Extension: (Google Tabellen) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-05]
CHR Extension: (Google Docs Offline) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-05]
CHR Profile: C:\Users\Dani\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-09]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-06-27] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-05-14] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MBAMService; F:\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-28] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-07-05] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-07-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-07-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-07-05] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-07-05] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-09] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys [15625336 2017-06-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-06-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-06-28] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-09 19:23 - 2017-07-09 19:23 - 02870984 _____ (ESET) C:\Users\Dani\Downloads\esetsmartinstaller_deu.exe
2017-07-09 19:23 - 2017-07-09 19:23 - 00000000 ____D C:\Program Files (x86)\ESET
2017-07-09 19:19 - 2017-07-09 19:23 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-09 19:19 - 2017-07-09 19:19 - 11584088 _____ (SurfRight B.V.) C:\Users\Dani\Downloads\HitmanPro_x64.exe
2017-07-09 19:09 - 2017-07-09 19:15 - 00002072 _____ C:\Users\Dani\Downloads\Fixlog.txt
2017-07-08 23:38 - 2017-07-08 23:38 - 00521360 _____ (gamigo AG) C:\Users\Dani\Downloads\LastChaosDownloader_DE_VIP.exe
2017-07-08 23:29 - 2017-07-08 23:29 - 00029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va064_2017.07.08.21.57.05
2017-07-08 19:56 - 2017-07-08 19:56 - 00000000 ____D C:\Users\Dani\Downloads\FRST-OlderVersion
2017-07-08 19:55 - 2017-07-08 19:55 - 00001399 _____ C:\Users\Dani\Desktop\mbam.txt
2017-07-08 19:49 - 2017-07-08 19:49 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0B21108E.sys
2017-07-08 19:38 - 2017-07-08 19:49 - 00000000 ____D C:\AdwCleaner
2017-07-08 19:38 - 2017-07-08 19:38 - 04110280 _____ C:\Users\Dani\Downloads\adwcleaner_6.047.exe
2017-07-07 22:22 - 2017-07-07 22:27 - 00267624 _____ C:\TDSSKiller.3.1.0.15_07.07.2017_22.22.58_log.txt
2017-07-07 22:22 - 2017-07-07 22:22 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dani\Downloads\tdsskiller (1).exe
2017-07-07 22:22 - 2017-07-07 22:22 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dani\Downloads\Nicht bestätigt 181877.crdownload
2017-07-07 22:16 - 2017-07-08 19:57 - 00034290 _____ C:\Users\Dani\Downloads\Addition.txt
2017-07-07 22:15 - 2017-07-09 20:44 - 00015381 _____ C:\Users\Dani\Downloads\FRST.txt
2017-07-07 22:14 - 2017-07-09 20:43 - 00000000 ____D C:\FRST
2017-07-07 22:13 - 2017-07-08 19:56 - 02437120 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2017-07-05 18:11 - 2017-07-06 10:36 - 00029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va064_2017.07.06.16.24.10
2017-07-05 18:10 - 2017-07-09 18:55 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{96038A61-A79C-4135-B234-4C1AEDB6B652}
2017-07-05 18:09 - 2017-07-06 12:25 - 00000000 ____D C:\Users\Dani\AppData\Local\NVIDIA Corporation
2017-07-05 18:09 - 2017-07-05 18:09 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-05 18:09 - 2017-06-27 22:27 - 00135616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-05 18:09 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-05 18:09 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-05 18:09 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-05 18:09 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-05 18:04 - 2017-07-09 18:56 - 00000000 ____D C:\Users\Dani\AppData\Local\CrashDumps
2017-07-05 18:04 - 2017-07-05 18:04 - 00000000 ____D C:\Users\Dani\AppData\Local\DBG
2017-07-05 17:57 - 2017-07-05 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-05 17:57 - 2017-07-05 17:57 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-07-05 17:57 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-05 17:57 - 2017-06-28 00:39 - 01903040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01489344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-05 17:57 - 2017-06-28 00:39 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-05 17:54 - 2017-06-28 00:39 - 40239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 35838912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 35314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 28953536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 13559376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 12337296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 12132272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 11501776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 10381664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 09982456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 04208984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 04163008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 03709952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 03595384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438476.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438476.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01067128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 01004664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-05 17:54 - 2017-06-28 00:39 - 00048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-05 17:54 - 2017-06-28 00:39 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-07-05 17:54 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-05 17:54 - 2017-06-28 00:39 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-05 17:50 - 2017-07-05 17:50 - 00000000 ____D C:\NVIDIA
2017-07-05 17:49 - 2017-07-05 17:49 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-05 17:49 - 2017-07-05 17:49 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-05 17:49 - 2017-07-05 17:49 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-05 17:49 - 2017-07-05 17:49 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-05 17:45 - 2017-07-05 17:46 - 00000000 ____D C:\Users\Dani\AppData\Local\MicrosoftEdge
2017-07-04 23:28 - 2017-07-04 23:28 - 00000000 ____D C:\Users\Dani\.QtWebEngineProcess
2017-07-04 19:27 - 2017-07-04 19:28 - 00000000 ____D C:\Windows.old
2017-07-04 19:27 - 2017-07-04 19:27 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-07-04 19:27 - 2017-07-04 19:27 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-04 19:27 - 2017-07-04 19:27 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-04 19:27 - 2017-07-04 19:27 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-04 19:27 - 2017-07-04 19:27 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-04 19:26 - 2017-07-04 19:26 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-04 19:26 - 2017-07-04 19:26 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-07-04 19:26 - 2017-07-04 19:26 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-04 19:26 - 2017-07-04 19:26 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-07-04 19:26 - 2017-07-04 19:26 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll

Nuclear2015 · 09.07.2017, 19:46

Code:

ATTFilter

2017-07-04 19:26 - 2017-07-04 19:26 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-04 19:26 - 2017-07-04 19:26 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-04 19:26 - 2017-07-04 19:26 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-04 19:26 - 2017-07-04 19:26 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-04 19:26 - 2017-07-04 19:26 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-04 19:26 - 2017-07-04 19:26 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-04 19:26 - 2017-07-04 19:26 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-04 19:24 - 2017-07-04 19:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files\MSBuild
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-07-04 19:23 - 2017-07-04 19:23 - 00000000 ____D C:\inetpub
2017-07-04 19:23 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-04 19:23 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-04 19:23 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-04 19:22 - 2017-07-04 19:22 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-07-04 18:51 - 2017-07-04 18:51 - 00000000 ____D C:\Users\Dani\AppData\Local\Comms
2017-07-04 18:47 - 2017-07-04 18:47 - 00002384 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-04 18:47 - 2017-07-04 18:47 - 00001051 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-07-04 18:47 - 2017-07-04 18:47 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-04 18:47 - 2017-03-17 22:00 - 06238208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2017-07-04 18:47 - 2017-03-17 21:54 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2017-07-04 18:47 - 2017-03-17 21:44 - 06238208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2017-07-04 18:47 - 2017-03-17 21:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2017-07-04 18:45 - 2017-07-04 23:21 - 00000000 ____D C:\Users\Dani\AppData\Local\Packages
2017-07-04 18:45 - 2017-07-04 18:45 - 00000020 ___SH C:\Users\Dani\ntuser.ini
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\TileDataLayer
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\Publishers
2017-07-04 18:45 - 2017-07-04 18:45 - 00000000 ____D C:\Users\Dani\AppData\Local\ConnectedDevicesPlatform
2017-07-04 18:39 - 2017-07-04 18:39 - 00000000 ____D C:\ProgramData\USOShared
2017-07-04 18:38 - 2017-07-09 19:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-04 18:38 - 2017-07-04 18:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-07-04 18:38 - 2017-07-04 18:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-07-04 18:38 - 2017-07-04 18:38 - 00004634 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-04 18:38 - 2017-07-04 18:38 - 00004488 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-04 18:38 - 2017-07-04 18:38 - 00003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000UA
2017-07-04 18:38 - 2017-07-04 18:38 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4206118574-3175090919-1107652072-1000Core
2017-07-04 18:38 - 2017-07-04 18:38 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-04 18:38 - 2017-07-04 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-07-04 18:38 - 2017-07-04 18:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-07-04 18:37 - 2017-07-04 18:37 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-04 18:35 - 2017-07-04 18:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-04 18:33 - 2017-07-04 18:33 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-07-04 18:33 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-04 18:32 - 2017-07-09 19:22 - 02316754 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-04 18:32 - 2017-07-08 20:00 - 00000000 ____D C:\Users\Dani
2017-07-04 18:32 - 2017-07-04 18:32 - 01931144 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Vorlagen
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Startmenü
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Netzwerkumgebung
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Lokale Einstellungen
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Eigene Dateien
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Druckumgebung
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Videos
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Musik
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Documents\Eigene Bilder
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Local\Verlauf
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\AppData\Local\Anwendungsdaten
2017-07-04 18:32 - 2017-07-04 18:32 - 00000000 _SHDL C:\Users\Dani\Anwendungsdaten
2017-07-04 18:31 - 2017-07-09 20:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-04 18:31 - 2017-07-04 18:50 - 00394112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-04 18:31 - 2017-07-04 18:33 - 00000000 ____D C:\Users\Public\Creative
2017-07-04 18:31 - 2017-07-04 18:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-04 18:31 - 2017-07-04 18:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-04 18:04 - 2017-07-04 18:45 - 00000000 ___DC C:\WINDOWS\Panther
2017-07-04 18:04 - 2017-07-04 18:13 - 00000000 ___HD C:\$WINDOWS.~BT
2017-07-04 18:04 - 2017-03-18 07:57 - 00023360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NXQuery.sys
2017-07-04 17:38 - 2017-07-04 18:04 - 00000000 ____D C:\ESD
2017-07-04 17:38 - 2017-07-04 17:38 - 00000000 ___HD C:\$Windows.~WS
2017-07-04 17:16 - 2017-07-04 17:16 - 00000000 ____D C:\Users\Dani\AppData\Local\Adobe
2017-07-04 14:54 - 2017-07-08 17:50 - 00002510 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-07-04 14:54 - 2017-07-08 17:50 - 00002502 _____ C:\Users\Dani\Desktop\Google Chrome Canary.lnk
2017-07-03 21:02 - 2017-07-03 21:02 - 00000000 ____D C:\Users\Dani\AppData\Local\CrashRpt
2017-07-03 21:00 - 2017-07-04 18:35 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackShot
2017-07-03 21:00 - 2017-07-03 21:00 - 00000716 _____ C:\Users\Dani\Desktop\BlackShot.lnk
2017-07-03 20:49 - 2017-07-03 20:49 - 02418992 _____ (Reloaded Technologies) C:\Users\Dani\Downloads\BlackShot_Downloader.exe
2017-07-03 09:14 - 2017-07-03 09:14 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Avira
2017-07-03 09:13 - 2017-07-05 19:20 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-07-03 09:13 - 2017-07-05 19:20 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-07-03 09:13 - 2017-07-03 09:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-07-03 09:11 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-03 09:11 - 2017-07-03 09:13 - 00000000 ____D C:\ProgramData\Avira
2017-07-03 09:11 - 2017-07-03 09:13 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-03 09:11 - 2017-07-03 09:11 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-07-03 09:10 - 2017-07-03 09:10 - 04806912 _____ (Avira Operations GmbH & Co. KG) C:\Users\Dani\Downloads\avira_de_av_5959edf5859b4__ws.exe
2017-07-03 04:05 - 2017-07-09 19:16 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-03 04:05 - 2017-07-09 19:16 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-03 04:05 - 2017-07-07 22:33 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-03 04:04 - 2017-07-09 19:16 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-03 04:04 - 2017-07-09 19:16 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-03 04:04 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-03 04:04 - 2017-07-03 04:04 - 00000604 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-03 04:04 - 2017-07-03 04:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-03 04:04 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-30 02:21 - 2017-06-30 02:21 - 00000000 ____D C:\Users\Dani\Documents\Benutzerdefinierte Office-Vorlagen
2017-06-30 02:07 - 2017-06-30 02:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-06-30 01:48 - 2017-07-04 18:47 - 00000000 ___RD C:\Users\Dani\OneDrive
2017-06-30 01:48 - 2017-07-01 01:23 - 00002139 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-06-30 01:48 - 2017-06-30 01:48 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Skype
2017-06-30 01:48 - 2017-06-30 01:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2017-06-30 01:47 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-06-30 01:47 - 2017-06-30 01:47 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-06-30 01:47 - 2017-06-30 01:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-30 01:38 - 2017-06-30 01:47 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-30 01:38 - 2017-06-30 01:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-30 01:36 - 2017-07-08 19:49 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-30 01:35 - 2017-06-30 01:35 - 00000000 ____D C:\Users\Dani\AppData\Roaming\WinRAR
2017-06-30 01:33 - 2017-06-30 01:33 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-30 01:33 - 2017-06-30 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-29 03:41 - 2017-06-29 03:41 - 00000831 _____ C:\Users\Dani\Desktop\Neues Textdokument.txt
2017-06-28 13:59 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2017-06-28 13:59 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2017-06-28 13:58 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-06-28 03:06 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2017-06-28 03:06 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2017-06-28 03:06 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-06-28 03:06 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2017-06-28 03:06 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2017-06-28 03:06 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2017-06-28 03:06 - 2016-03-24 00:40 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpGroupPolicyExtension.dll
2017-06-28 03:05 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2017-06-28 02:58 - 2017-06-28 02:58 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Adobe
2017-06-28 02:37 - 2017-06-28 02:37 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsIntl.dll
2017-06-28 02:37 - 2017-06-28 02:37 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll
2017-06-28 02:36 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-06-28 02:35 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp_winip.dll
2017-06-28 02:35 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp_winip.dll
2017-06-28 02:34 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-28 02:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-28 00:30 - 2017-06-28 00:30 - 00000000 ____D C:\Users\Dani\AppData\Local\UnrealEngine
2017-06-28 00:30 - 2017-06-28 00:30 - 00000000 ____D C:\Users\Dani\AppData\Local\TslGame
2017-06-28 00:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-06-28 00:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-06-28 00:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-06-28 00:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-06-28 00:30 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-06-28 00:30 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-06-28 00:30 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-06-28 00:30 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-06-28 00:30 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-06-28 00:30 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-06-28 00:30 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-06-28 00:30 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-06-28 00:30 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-06-28 00:30 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-06-28 00:30 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-06-28 00:30 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-06-28 00:30 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-06-28 00:30 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-06-28 00:30 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-06-28 00:30 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-06-28 00:30 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-06-28 00:30 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-06-28 00:30 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-06-28 00:30 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-06-28 00:30 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-06-28 00:30 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-06-28 00:30 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-06-28 00:30 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-06-28 00:30 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-06-28 00:30 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-06-28 00:30 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-06-28 00:30 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-06-28 00:30 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-06-28 00:30 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-06-28 00:30 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-06-28 00:30 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-06-28 00:30 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-06-28 00:30 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-06-28 00:30 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-06-28 00:30 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-06-28 00:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-06-28 00:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-06-28 00:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-06-28 00:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-06-28 00:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-06-28 00:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-06-28 00:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-06-28 00:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-06-28 00:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-06-28 00:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-06-28 00:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-06-28 00:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-06-28 00:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-06-28 00:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-06-28 00:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-06-28 00:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-06-28 00:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-06-28 00:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-06-28 00:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-06-28 00:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-06-28 00:29 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-06-28 00:29 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-06-28 00:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-06-28 00:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-06-28 00:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-06-28 00:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-06-28 00:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-06-28 00:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-06-28 00:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-06-28 00:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-06-28 00:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-06-28 00:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-06-28 00:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-06-28 00:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-06-28 00:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-06-28 00:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-06-28 00:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-06-28 00:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-06-28 00:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-06-28 00:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-06-27 23:13 - 2017-06-27 23:13 - 00000000 ____D C:\Users\Dani\Documents\League of Legends
2017-06-27 23:05 - 2017-06-27 23:05 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-27 23:04 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-27 23:04 - 2017-06-27 23:13 - 00000573 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-27 23:04 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-06-27 23:04 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-27 23:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-27 23:02 - 2017-06-27 23:05 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Riot Games
2017-06-27 20:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEUDINIT.EXE
2017-06-27 18:31 - 2012-06-02 16:57 - 00000003 _____ C:\WINDOWS\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2017-06-27 18:19 - 2017-07-04 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gamigo
2017-06-27 18:19 - 2017-06-27 18:19 - 00000484 _____ C:\Users\Public\Desktop\Last Chaos DE.lnk
2017-06-27 18:16 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2017-06-27 18:13 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-06-27 18:13 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-06-27 18:13 - 2016-09-15 16:56 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2017-06-27 18:12 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2017-06-27 18:12 - 2012-11-29 00:56 - 00000003 _____ C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-06-27 18:11 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2017-06-27 18:10 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2017-06-27 17:51 - 2017-07-09 19:06 - 00000000 ____D C:\Users\Dani\AppData\Roaming\TS3Client
2017-06-27 17:51 - 2017-07-03 09:11 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-27 17:51 - 2017-06-30 14:20 - 00000000 ____D C:\Users\Dani\AppData\Local\TeamSpeak 3 Client
2017-06-27 17:51 - 2017-06-27 17:51 - 00001170 _____ C:\Users\Dani\Desktop\TeamSpeak 3 Client.lnk
2017-06-27 17:51 - 2017-06-27 17:51 - 00001128 _____ C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-06-27 17:51 - 2017-06-27 17:51 - 00000000 ____D C:\Users\Dani\.TeamSpeak 3
2017-06-27 17:46 - 2017-07-04 18:34 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-06-27 17:46 - 2017-07-04 18:34 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-06-27 17:26 - 2017-06-27 17:26 - 00000202 _____ C:\Users\Dani\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-06-27 17:26 - 2017-06-27 17:26 - 00000000 ____D C:\Games
2017-06-27 17:24 - 2017-06-27 17:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-27 17:24 - 2017-06-27 17:24 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-27 17:23 - 2017-07-09 19:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-27 17:23 - 2017-07-05 18:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-27 17:23 - 2017-07-05 18:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-27 17:23 - 2017-07-05 17:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-27 17:23 - 2017-06-27 23:03 - 06462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 02478712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-27 17:23 - 2017-06-27 23:03 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-27 17:23 - 2017-06-27 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-27 17:23 - 2017-06-22 22:30 - 08076177 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-27 17:23 - 2017-05-19 17:52 - 00521624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-06-27 17:23 - 2017-05-19 17:52 - 00427416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-06-27 17:22 - 2017-06-27 17:22 - 00000146 _____ C:\Users\Dani\Desktop\Sound - Verknüpfung.lnk
2017-06-27 17:22 - 2017-06-27 17:22 - 00000000 ____D C:\Users\Dani\AppData\Local\Steam
2017-06-27 17:22 - 2017-06-27 17:22 - 00000000 ____D C:\Users\Dani\AppData\Local\CEF
2017-06-27 17:20 - 2017-07-04 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-27 17:20 - 2017-06-27 17:20 - 00000518 _____ C:\Users\Public\Desktop\Steam.lnk
2017-06-27 17:18 - 2017-07-04 14:54 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Google
2017-06-27 17:17 - 2017-07-04 17:10 - 00000000 ____D C:\Users\Dani\AppData\Local\Google
2017-06-27 17:17 - 2017-07-04 14:51 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-27 17:17 - 2017-06-30 02:05 - 00114208 _____ C:\Users\Dani\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-27 17:17 - 2017-06-27 17:17 - 00000000 ____D C:\Users\Dani\AppData\Local\Apps\2.0
2017-06-27 17:14 - 2017-06-27 17:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-27 17:14 - 2017-06-27 17:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Favoriten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-06-27 17:13 - 2017-06-27 17:13 - 00000000 ____D C:\Users\Dani\AppData\Local\VirtualStore
2017-06-27 17:13 - 2009-07-14 20:18 - 00000000 ____D C:\Users\Dani\AppData\Roaming\Media Center Programs

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-09 19:22 - 2017-03-20 06:35 - 01018430 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-09 19:22 - 2017-03-20 06:35 - 00235682 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-09 19:15 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-08 17:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-07 23:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-07 20:31 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-06 10:30 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-05 18:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-07-05 18:35 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-07-05 18:35 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\servicing
2017-07-05 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\registration
2017-07-05 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-07-05 17:41 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-05 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-04 19:30 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-04 19:28 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-04 19:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-04 19:27 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-07-04 19:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-07-04 19:23 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-07-04 19:23 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-07-04 19:23 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-07-04 19:23 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-07-04 19:23 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-07-04 19:23 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-07-04 19:23 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-07-04 19:23 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-07-04 19:23 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-07-04 19:23 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-07-04 19:23 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-07-04 18:47 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-04 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-07-04 18:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-07-04 18:38 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-04 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-07-04 18:37 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-07-04 18:37 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-07-04 18:34 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-04 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-04 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-04 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-07-04 18:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-07-04 18:31 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-07-04 18:31 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-04 18:18 - 2009-07-14 06:45 - 00014832 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-04 18:18 - 2009-07-14 06:45 - 00014832 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-28 00:39 - 2017-05-19 17:48 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-06-28 00:39 - 2017-05-19 17:48 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-06-28 00:39 - 2017-05-19 14:22 - 00046373 _____ C:\WINDOWS\system32\nvinfo.pb
2017-06-27 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\SysWOW64\manifeststore
2017-06-27 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\manifeststore
2017-06-27 17:12 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-04 18:30

==================== Ende von FRST.txt ============================

M-K-D-B · 09.07.2017, 20:10

Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
Starte deinen Rechner zum Abschluss neu auf.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.

Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

Emsisoft Anti-Malware (kostenpflichtig)
ESET NOD32 Antivirus (kostenpflichtig)
Microsoft Security Essentials (kostenlos)

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.

Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Browser (Internet Explorer, Edge, Firefox, Chrome, Opera, etc.)
Flash-Player
Java
Adobe Reader

Optionale Browsererweiterungen

Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.

Grundsätzliches

Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Lesestoff:
Backup-/Image-Tools

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), ansonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor "Verschlüsselungstrojanern" zu schützen.

Du solltest dich für eines der folgenden Programmen entscheiden und damit regelmäßig deine Daten sichern.

Option 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png

Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg