Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Laptop clean? - Vorgeschichte - Hack des Mail Kontos

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 02.05.2019, 18:10   #1
gigas
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos



Hallo zusammen!

Ersteinmal ein "Hallo" an das Forum und vor allen Dingen Matthias, der so vielen Leuten hier hilft.
Ich finde das Forum total klasse und lese seit ein paar Tagen sehr aktiv.

Story:

Im November wurde mein Mailaccount gehackt. Ich hatte zum Glück mein Handy an und wurde nach 1,5h Stunden von zahlreichen "Ihr Passwort wurde erfolgreich geändert" Nachrichten überrascht, praktisch eine Kompromittierungskaskade. Es wurde alles Mögliche versucht und etwas hat auch geklappt (unauthorisierter Amazon Einkauf). Der Login stammt wohl vom großen Leak im November - wer beim Passwort nicht alterniert, hat den Schaden.

Habe in diesem Fall meine Lektion gelernt und habe alles auf 2-Faktor Authentifizierung umgestellt. Seit diesem Tag schiebe ich ein wenig Paranoia (zugegebenermaßen). Kam es vielleicht doch vom PC?. Habe mich eingelesen und der Horror schlechthin ist ja das RAT -und ich will einfach auf Nummer sicher gehen. Symptome habe ich bis auf allgemein langsames Booten (und manchmal langsames erstellen der Icons auf dem Dekstop) und bestabid.com redirects (Firefox Addon - Easy Youtube Mp3 /// gelöscht und gelöst) keine.

Ich nutze meinen Laptop nur noch selten. Ich habe Kaspersky drauf (ich kenne die Meinng der Experten JETZT und werde es entfernen) und habe gestern nochmal Malewarebytes laufen lassen. Ergebnis anbei.

Kaspersky war clean (hat aber auch die Adware bei Firefox nicht erkannt).

Malwarebytes hat dagegen 80 PUP.Optionals erkannt.

FRST:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by berr (administrator) on berr-PC (SAMSUNG ELECTRONICS CO., LTD. 870Z5E/880Z5E/680Z5E) (02-05-2019 18:04:25)
Running from C:\Users\berr\Downloads
Loaded Profiles: berr &  (Available Profiles: berr)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) D:\Tools\New folder\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) D:\Tools\New folder\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) D:\Tools\New folder\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) D:\Tools\New folder\Framework\Common\avguix.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CONDUSIV TECHNOLOGIES -> Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) [File not signed] C:\Users\berr\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays\app-2.1.6\Plays.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays-ltc\0.52.7\ltc_helper32-37670-7758e32.exe
(Plays.tv, Inc -> Plays.tv, Inc) C:\Users\berr\AppData\Local\Plays-ltc\0.52.7\PlaysTVComm.exe
(Polar Electro Oy) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
(Raptr, Inc -> Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr, Inc -> Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc -> Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\spdsvc.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasyLauncher.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Ulead Systems, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Valve -> Valve Corporation) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Spiele\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13286472 2013-02-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-09] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11586944 2012-06-18] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2018-01-23] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537088 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [AvgUi] => D:\Tools\New folder\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [3170 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe [503808 2009-06-12] () [File not signed]
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734095\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [Steam] => D:\Spiele\Steam\steam.exe [3152160 2019-04-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [159768 2017-04-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [1191936 2015-11-19] (Polar Electro Oy) [File not signed]
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [Google Update] => C:\Users\berr\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-04-13] (Google Inc -> Google LLC)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [MusicManager] => C:\Users\berr\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.) [File not signed]
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [Plays] => C:\Users\berr\AppData\Local\Plays\update.exe [1945736 2019-04-28] (Plays.tv, Inc -> )
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [80800 2019-04-04] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [Steam] => D:\Spiele\Steam\steam.exe [3152160 2019-04-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [159768 2017-04-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [1191936 2015-11-19] (Polar Electro Oy) [File not signed]
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [Google Update] => C:\Users\berr\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-04-13] (Google Inc -> Google LLC)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [MusicManager] => C:\Users\berr\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.) [File not signed]
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [Plays] => C:\Users\berr\AppData\Local\Plays\update.exe [1945736 2019-04-28] (Plays.tv, Inc -> )
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [80800 2019-04-04] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [32768 2006-03-06] (Ulead Systems, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2004-07-23] (Ulead Systems, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F50AE32-5776-4F83-B4F4-B54CFFB9F4BB} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2018-01-28] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {1258DC77-F9AE-4620-9F77-06B18E7347C3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-14] (Adobe Inc. -> Adobe)
Task: {19D8ABC9-CA43-4938-8798-CAC57372F4B3} - System32\Tasks\{6EB36362-8D27-4662-A7B6-E872FA8D4686} => C:\Windows\system32\pcalua.exe -a C:\Users\berr\Downloads\956875-up-01-ml-Treiber_RENKFORCE_BR116_USB2_de_en\Setup.exe -d C:\Users\berr\Downloads\956875-up-01-ml-Treiber_RENKFORCE_BR116_USB2_de_en
Task: {1B69B73F-004C-407E-AD82-E0E5EEA41E89} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2559D026-516C-429C-ACAF-8880BD0A5BEC} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [3148800 2015-08-19] (Samsung Electronics CO., LTD.) [File not signed]
Task: {31134E5C-225D-4662-B9C9-62A797942DDE} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {39D50CD4-6847-419D-A778-90AFC156102F} - System32\Tasks\AdobeAAMUpdater-1.0-berr-PC-berr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {528704F0-7C7C-430A-A8EA-F05BCE85F607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-07] (Google Inc -> Google Inc.)
Task: {57F410D5-D698-4BCD-8985-1708EE8CB11F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5B24752A-2901-40A4-B863-70E75D1AD2F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-130187162-3624970289-3089580861-1000UA => C:\Users\berr\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-09-12] (Google Inc -> Google Inc.)
Task: {5F1DD0FE-5C5D-4DF6-8477-D87CE5C53EC8} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {72D02271-8139-432B-A682-599D3B0F46E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-14] (Adobe Inc. -> Adobe)
Task: {76796DA7-F581-4670-AE15-5D6FAD346A6A} - System32\Tasks\EasySettings_config => C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe [2624048 2013-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {78EBE293-973D-40B3-BE63-71119857F197} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {795C8327-B6E0-4878-AB98-4CEB302DDB77} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-07] (Google Inc -> Google Inc.)
Task: {895CDDE7-C2EC-480F-96E5-7DCC9A942BB2} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\SCCSpeedBoot.exe [3397168 2013-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {8BC6EBAD-B518-463E-AD0E-25881728FAE5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9C245D2B-9418-4DD4-84B7-CA932D5D6E11} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => D:\Tools\New folder\AVG PC TuneUp\tuscanx.exe [2673664 2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {A468FBA1-FF81-4A7A-9624-4A3601F1EF32} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2982184 2016-02-24] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {B26C456C-B7EE-43F3-A41C-4364E589FE63} - System32\Tasks\{E0F02105-ED9F-4BE1-8CEB-FD34D31BAD7B} => C:\Windows\system32\pcalua.exe -a C:\Users\berr\Downloads\windirstat1_1_2_setup.exe -d C:\Users\berr\Downloads
Task: {B2BBACEB-18C8-4908-9442-2B52D7D6791E} - System32\Tasks\Samsung Update Configuration => C:\ProgramData\Samsung\SamsungUpdateConfiguration\ModifyServerRefresh.exe [3440800 2019-03-12] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {BF0DA9AE-0CCF-4638-BACA-DEC02136BFA9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {C10FD54B-F470-46C3-B068-10FDCDFCE0E7} - System32\Tasks\{2DF6862C-4565-44D0-B55E-719027E29C07} => C:\Windows\system32\pcalua.exe -a C:\Users\berr\Downloads\Nero_BurningROM2018-1.10.0.14_stub_trial.exe -d C:\Users\berr\Downloads
Task: {CE2C4DBE-C6C1-4E42-864C-DE60993D2A48} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-130187162-3624970289-3089580861-1000Core => C:\Users\berr\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-09-12] (Google Inc -> Google Inc.)
Task: {DC8D039B-BC49-40BA-BA24-453056EE44AF} - System32\Tasks\AVG EUpdate Task => D:\Tools\New folder\Setup\avgsetupx.exe [3661072 2016-12-07] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {E7B09E9D-CA32-4949-A763-D318C94DE667} - System32\Tasks\EasySettings => C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe [2624048 2013-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {EA259217-9AE6-4E7F-B0C4-8C3FFFC4D7CA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {F24A3A92-2D2F-471A-A685-B479BE3DFC7D} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [1607800 2013-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8BABA030-DA9B-49A6-9CCB-C7CC1DB9AD80}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000 -> {19164865-595F-4C59-80FA-8AA36E4C0302} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000 -> {909E61AB-C33F-4C52-8A1B-CFF032993652} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000 -> {B50A3A5A-11B3-4DBC-AB27-F67F690812FB} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000 -> {F935B871-EE03-4217-A3D4-39DDA5DFA21E} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247 -> {19164865-595F-4C59-80FA-8AA36E4C0302} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247 -> {909E61AB-C33F-4C52-8A1B-CFF032993652} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247 -> {B50A3A5A-11B3-4DBC-AB27-F67F690812FB} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247 -> {F935B871-EE03-4217-A3D4-39DDA5DFA21E} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\berr\AppData\Roaming\Mozilla\Firefox\Profiles\ubfok7an.default-1492616856375 [2019-05-02]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\berr\AppData\Roaming\Mozilla\Firefox\Profiles\ubfok7an.default-1492616856375\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2018-09-02] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Google Translator for Firefox) - C:\Users\berr\AppData\Roaming\Mozilla\Firefox\Profiles\ubfok7an.default-1492616856375\Extensions\translator@zoli.bod.xpi [2019-02-03]
FF Extension: (iMacros for Firefox) - C:\Users\berr\AppData\Roaming\Mozilla\Firefox\Profiles\ubfok7an.default-1492616856375\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2018-09-10]
FF Extension: (Web Developer) - C:\Users\berr\AppData\Roaming\Mozilla\Firefox\Profiles\ubfok7an.default-1492616856375\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2017-12-12]
FF Extension: (Greasemonkey) - C:\Users\berr\AppData\Roaming\Mozilla\Firefox\Profiles\ubfok7an.default-1492616856375\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-01-13]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-07-29]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-130187162-3624970289-3089580861-1000: @tools.google.com/Google Update;version=3 -> C:\Users\berr\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-130187162-3624970289-3089580861-1000: @tools.google.com/Google Update;version=9 -> C:\Users\berr\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247: @tools.google.com/Google Update;version=3 -> C:\Users\berr\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247: @tools.google.com/Google Update;version=9 -> C:\Users\berr\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-06-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [290184 2016-12-23] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
R2 avgsvc; D:\Tools\New folder\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387096 2017-04-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369688 2017-04-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [408600 2017-04-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasyLauncher.exe [1594416 2013-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2000-01-01] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55568 2013-03-28] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-01-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-04-04] (Locktime Software s.r.o. -> Locktime Software)
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [491328 2015-12-05] (Samsung Electronics CO., LTD. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2018-03-01] (Samsung Electronics CO., LTD. -> )
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3296104 2016-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 TuneUp.UtilitiesSvc; D:\Tools\New folder\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6593536 2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48640 2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [41472 2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [28725640 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [521608 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [79120 2016-03-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-04-07] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-04-07] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [111104 2012-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [849408 2012-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2009-06-02] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-04] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtfltcoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [60928 2012-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5358464 2013-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [28944 2013-03-28] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [107280 2013-03-28] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [119584 2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [85704 2018-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [206024 2018-05-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\DRIVERS\klhk.sys [1214752 2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1074472 2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-05-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81904 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [142024 2018-07-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [107368 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-05] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [178432 2019-04-04] (Locktime Software s.r.o. -> Locktime Software)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [418784 2016-08-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R1 SABI; C:\Windows\system32\Drivers\SABI.sys [13824 2013-02-27] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2018-09-08] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-04-14] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 TuneUpUtilitiesDrv; D:\Tools\New folder\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-09-19] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] (Microsoft Windows Hardware Compatibility Publisher ->  )
U3 ah3bbv71; C:\Windows\System32\Drivers\ah3bbv71.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 18:04 - 2019-05-02 18:06 - 000050649 _____ C:\Users\berr\Downloads\FRST.txt
2019-05-02 18:03 - 2019-05-02 18:04 - 000000000 ____D C:\FRST
2019-05-02 18:03 - 2019-05-02 18:03 - 002430464 _____ (Farbar) C:\Users\berr\Downloads\FRST64.exe
2019-05-02 17:56 - 2019-05-02 17:56 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-05-02 17:56 - 2019-05-02 17:56 - 000107368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-05-02 17:56 - 2019-05-02 17:56 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-05-02 17:55 - 2019-05-02 17:55 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-01 21:53 - 2019-05-01 21:53 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-05-01 21:53 - 2019-05-01 21:53 - 000000000 ____D C:\Users\berr\AppData\Local\mbamtray
2019-05-01 21:53 - 2019-05-01 21:53 - 000000000 ____D C:\Users\berr\AppData\Local\mbam
2019-05-01 21:52 - 2019-05-01 21:52 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-01 21:52 - 2019-05-01 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-01 21:52 - 2019-05-01 21:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-01 21:52 - 2019-05-01 21:52 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-01 21:52 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-01 21:50 - 2019-05-01 21:52 - 063166624 _____ (Malwarebytes ) C:\Users\berr\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10398.exe
2019-05-01 15:51 - 2019-05-01 15:51 - 001828569 _____ C:\Users\berr\Downloads\ProcessExplorer.zip
2019-05-01 15:51 - 2019-05-01 15:51 - 000000000 ____D C:\Users\berr\Downloads\ProcessExplorer
2019-05-01 07:57 - 2019-05-01 07:57 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-05-01 07:57 - 2019-05-01 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-01 07:51 - 2019-05-01 07:51 - 000001196 _____ C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2019-05-01 07:51 - 2019-05-01 07:51 - 000000000 ____D C:\Users\berr\AppData\Roaming\Locktime
2019-05-01 07:51 - 2019-05-01 07:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2019-05-01 07:51 - 2019-05-01 07:51 - 000000000 ____D C:\ProgramData\Locktime
2019-05-01 07:51 - 2019-05-01 07:51 - 000000000 ____D C:\Program Files\Locktime Software
2019-05-01 07:50 - 2019-05-01 07:50 - 007054000 _____ (Locktime Software) C:\Users\berr\Downloads\netlimiter-4.0.46.0.exe
2019-05-01 07:50 - 2019-05-01 07:50 - 000000000 ____D C:\Users\berr\AppData\Roaming\Locktime Software
2019-04-30 18:33 - 2019-04-30 18:33 - 000000000 ____D C:\Windows\System32\Tasks\Event Viewer Tasks
2019-04-28 20:17 - 2019-04-28 20:17 - 000000000 ____D C:\Users\berr\Downloads\Easy_Articulated_Playmobil_2.0
2019-04-28 20:11 - 2019-04-28 20:11 - 000001044 _____ C:\Users\Public\Desktop\ideaMaker.lnk
2019-04-28 20:11 - 2019-04-28 20:11 - 000000000 ____D C:\Users\berr\AppData\Local\Raise3D
2019-04-28 20:11 - 2019-04-28 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raise3D
2019-04-28 20:10 - 2019-04-28 20:10 - 000000000 ____D C:\Program Files\Raise3D
2019-04-28 20:08 - 2019-04-28 20:09 - 057704488 _____ (Raise3D) C:\Users\berr\Downloads\install_ideaMaker_3.4.0.2855-beta.exe
2019-04-28 20:03 - 2019-04-28 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-28 20:01 - 2019-04-28 20:01 - 002364431 _____ C:\Users\berr\Downloads\Easy_Articulated_Playmobil_2.0.zip
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-04-14 22:56 - 2019-04-02 03:57 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-14 22:56 - 2019-03-29 03:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-14 22:56 - 2019-03-28 05:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-04-14 22:56 - 2019-03-28 03:55 - 000397120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-14 22:56 - 2019-03-26 08:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-14 22:56 - 2019-03-26 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-14 22:56 - 2019-03-26 08:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-14 22:56 - 2019-03-26 07:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-14 22:56 - 2019-03-26 07:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-14 22:56 - 2019-03-26 07:51 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-14 22:56 - 2019-03-26 07:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-14 22:56 - 2019-03-26 07:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-14 22:56 - 2019-03-26 07:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-14 22:56 - 2019-03-26 07:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-14 22:56 - 2019-03-26 07:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-14 22:56 - 2019-03-26 07:41 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-14 22:56 - 2019-03-26 07:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-14 22:56 - 2019-03-26 07:40 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-14 22:56 - 2019-03-26 07:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-14 22:56 - 2019-03-26 07:40 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-14 22:56 - 2019-03-26 07:40 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-14 22:56 - 2019-03-26 07:35 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-14 22:56 - 2019-03-26 07:31 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-14 22:56 - 2019-03-26 07:26 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-14 22:56 - 2019-03-26 07:26 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-14 22:56 - 2019-03-26 07:25 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-14 22:56 - 2019-03-26 07:22 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-14 22:56 - 2019-03-26 07:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-14 22:56 - 2019-03-26 07:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-14 22:56 - 2019-03-26 07:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-14 22:56 - 2019-03-26 07:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-14 22:56 - 2019-03-26 07:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-14 22:56 - 2019-03-26 07:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-14 22:56 - 2019-03-26 07:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-14 22:56 - 2019-03-26 07:07 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-14 22:56 - 2019-03-26 07:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-14 22:56 - 2019-03-26 07:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-14 22:56 - 2019-03-26 07:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-04-14 22:56 - 2019-03-26 07:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-14 22:56 - 2019-03-26 06:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-14 22:56 - 2019-03-26 06:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-04-14 22:56 - 2019-03-26 06:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-04-14 22:56 - 2019-03-26 06:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-14 22:56 - 2019-03-26 06:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-14 22:56 - 2019-03-26 06:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-14 22:56 - 2019-03-26 06:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-14 22:56 - 2019-03-26 06:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-04-14 22:56 - 2019-03-26 06:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-04-14 22:56 - 2019-03-26 06:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-04-14 22:56 - 2019-03-26 06:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-14 22:56 - 2019-03-26 06:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-14 22:56 - 2019-03-26 06:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-04-14 22:56 - 2019-03-26 06:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-14 22:56 - 2019-03-26 06:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-04-14 22:56 - 2019-03-26 06:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-04-14 22:56 - 2019-03-26 06:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-14 22:56 - 2019-03-26 06:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-04-14 22:56 - 2019-03-26 06:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-04-14 22:56 - 2019-03-26 06:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-14 22:56 - 2019-03-26 06:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-04-14 22:56 - 2019-03-26 06:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-04-14 22:56 - 2019-03-26 06:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-04-14 22:56 - 2019-03-26 06:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-14 22:56 - 2019-03-26 06:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-04-14 22:56 - 2019-03-26 06:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-04-14 22:56 - 2019-03-26 06:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-04-14 22:56 - 2019-03-26 06:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-14 22:56 - 2019-03-26 06:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-04-14 22:56 - 2019-03-26 06:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-04-14 22:56 - 2019-03-26 06:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-14 22:56 - 2019-03-21 04:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-14 22:56 - 2019-03-21 04:13 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-14 22:56 - 2019-03-21 04:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-14 22:56 - 2019-03-21 04:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-14 22:56 - 2019-03-21 04:13 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-14 22:56 - 2019-03-21 04:12 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-14 22:56 - 2019-03-21 04:12 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-14 22:56 - 2019-03-21 04:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-04-14 22:56 - 2019-03-21 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-04-14 22:56 - 2019-03-21 04:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-04-14 22:56 - 2019-03-21 04:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 03:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-14 22:56 - 2019-03-21 03:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-14 22:56 - 2019-03-21 03:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-14 22:56 - 2019-03-21 03:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-14 22:56 - 2019-03-21 03:41 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-14 22:56 - 2019-03-21 03:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-14 22:56 - 2019-03-21 03:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-14 22:56 - 2019-03-21 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-04-14 22:56 - 2019-03-21 03:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-04-14 22:56 - 2019-03-21 03:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-14 22:56 - 2019-03-21 03:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-14 22:56 - 2019-03-21 03:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-14 22:56 - 2019-03-21 03:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-14 22:56 - 2019-03-21 03:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-14 22:56 - 2019-03-21 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-14 22:56 - 2019-03-21 03:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-14 22:56 - 2019-03-21 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-14 22:56 - 2019-03-21 03:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-14 22:56 - 2019-03-21 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-14 22:56 - 2019-03-21 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-14 22:56 - 2019-03-21 03:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-14 22:56 - 2019-03-21 03:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-14 22:56 - 2019-03-21 03:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-04-14 22:56 - 2019-03-21 03:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-04-14 22:56 - 2019-03-21 03:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-04-14 22:56 - 2019-03-21 03:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-04-14 22:56 - 2019-03-21 03:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-04-14 22:56 - 2019-03-21 03:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-04-14 22:56 - 2019-03-21 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-04-14 22:56 - 2019-03-16 06:11 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-14 22:56 - 2019-03-16 06:09 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-14 22:56 - 2019-03-16 06:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-14 22:56 - 2019-03-16 06:08 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-14 22:56 - 2019-03-16 06:08 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-04-14 22:56 - 2019-03-16 05:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-04-14 22:56 - 2019-03-16 05:42 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-14 22:56 - 2019-03-16 05:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-04-14 22:56 - 2019-03-16 05:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-04-14 22:56 - 2019-03-13 17:09 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-14 22:56 - 2019-03-13 17:02 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-04-14 22:56 - 2019-03-13 16:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-14 22:56 - 2019-03-13 16:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-14 22:56 - 2019-03-12 16:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-14 22:56 - 2019-03-12 16:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-14 22:56 - 2019-03-12 16:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-14 22:56 - 2019-03-11 23:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-14 22:56 - 2019-03-11 23:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-14 22:56 - 2019-03-11 23:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-14 22:56 - 2019-03-11 23:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-14 22:56 - 2019-03-11 23:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-14 22:56 - 2019-03-11 23:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-04-14 22:56 - 2019-03-11 23:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-04-14 22:56 - 2019-03-11 23:23 - 001112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-14 22:56 - 2019-03-11 23:22 - 000162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-14 22:56 - 2019-03-11 23:22 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-04-14 22:56 - 2019-02-21 17:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-14 22:56 - 2019-02-21 17:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-04-14 22:56 - 2019-02-21 17:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-14 22:56 - 2019-02-12 18:08 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-14 22:56 - 2019-02-12 18:08 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-14 22:56 - 2019-02-12 17:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-04-14 22:56 - 2019-02-12 17:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-04-14 22:56 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-14 22:56 - 2019-02-08 18:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-14 22:43 - 2019-04-01 16:55 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-04-13 11:12 - 2019-04-19 11:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-04 08:13 - 2019-04-04 08:13 - 000178432 _____ (Locktime Software) C:\Windows\system32\Drivers\nldrv.sys
2019-04-03 22:59 - 2019-04-23 14:13 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 18:04 - 2009-07-14 06:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-02 18:04 - 2009-07-14 06:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-02 17:59 - 2009-07-14 07:13 - 000783646 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-02 17:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-02 17:58 - 2018-12-31 14:58 - 000000000 ____D C:\Users\berr\AppData\Roaming\Plays
2019-05-02 17:58 - 2016-11-20 23:08 - 000000000 ____D C:\Users\berr\AppData\LocalLow\Mozilla
2019-05-02 17:58 - 2016-03-19 22:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-05-02 17:56 - 2016-03-24 19:39 - 000000000 ____D C:\Users\berr\AppData\Local\Adobe
2019-05-02 17:55 - 2016-05-28 00:18 - 000000898 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-05-02 17:55 - 2016-03-25 22:43 - 000000000 ____D C:\Users\berr\AppData\Roaming\Raptr
2019-05-02 17:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-01 23:13 - 2016-08-27 17:26 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-05-01 23:11 - 2016-05-28 00:18 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-05-01 10:01 - 2017-06-28 18:35 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-05-01 09:43 - 2017-09-16 17:01 - 000000000 ____D C:\Windows\rescache
2019-05-01 07:58 - 2017-04-20 19:21 - 000000000 ____D C:\Users\berr\AppData\Roaming\Skype
2019-05-01 07:57 - 2017-04-20 19:21 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-05-01 07:57 - 2017-04-20 19:21 - 000000000 ____D C:\ProgramData\Skype
2019-05-01 07:35 - 2016-04-10 12:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-30 18:12 - 2017-06-19 23:39 - 000000000 ____D C:\Users\berr\AppData\Local\WEB2Print
2019-04-30 18:10 - 2016-03-20 11:39 - 000000000 ____D C:\Users\berr\AppData\Local\ElevatedDiagnostics
2019-04-29 22:39 - 2018-09-08 18:22 - 000000000 ____D C:\Users\berr\AppData\Local\CrashDumps
2019-04-28 20:14 - 2016-03-24 19:41 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-28 20:13 - 2017-09-24 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-28 20:13 - 2016-08-07 22:56 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-28 20:13 - 2016-08-07 22:56 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-28 20:13 - 2016-08-07 22:56 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-28 20:03 - 2016-05-28 00:18 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-28 20:02 - 2018-12-31 14:58 - 000002150 _____ C:\Users\berr\Desktop\Plays.lnk
2019-04-28 20:02 - 2018-12-31 14:58 - 000000000 ____D C:\Users\berr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plays.tv, Inc
2019-04-28 20:02 - 2018-12-31 14:58 - 000000000 ____D C:\Users\berr\AppData\Local\Plays-ltc
2019-04-28 20:02 - 2018-12-31 14:58 - 000000000 ____D C:\Users\berr\AppData\Local\Plays
2019-04-28 20:01 - 2018-12-31 14:58 - 000000000 ____D C:\Users\berr\AppData\Local\SquirrelTemp
2019-04-22 20:29 - 2016-05-28 00:22 - 000000000 ___RD C:\Users\berr\Dropbox
2019-04-22 20:26 - 2018-08-26 14:04 - 000708608 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-19 11:41 - 2016-03-22 00:19 - 000000000 ____D C:\Users\berr\Desktop\Temp
2019-04-19 11:37 - 2017-02-05 01:17 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-19 11:37 - 2017-02-05 01:17 - 000000000 ____D C:\Windows\system32\MRT
2019-04-19 11:33 - 2016-03-20 12:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-14 23:00 - 2017-01-27 00:18 - 000000000 ____D C:\Program Files (x86)\AVG Driver Updater
2019-04-14 22:50 - 2018-03-17 18:29 - 000004454 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-14 22:50 - 2016-03-24 19:41 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-14 22:50 - 2016-03-24 19:41 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-14 22:50 - 2016-03-24 19:41 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-14 22:50 - 2016-03-24 19:41 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-14 22:40 - 2017-01-27 00:18 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-04-13 11:14 - 2017-09-12 22:45 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-130187162-3624970289-3089580861-1000UA
2019-04-13 11:14 - 2017-09-12 22:45 - 000003230 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-130187162-3624970289-3089580861-1000Core
2019-04-13 11:14 - 2016-08-07 22:55 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-13 11:14 - 2016-08-07 22:55 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-09-12 22:45 - 2017-09-12 22:51 - 007649280 _____ () C:\Program Files (x86)\GUT68B2.tmp
2017-09-24 15:15 - 2017-09-24 15:15 - 000000088 _____ () C:\Users\berr\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2017-09-24 15:15 - 2017-09-24 15:15 - 000000088 _____ () C:\Users\berr\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
2017-11-19 18:42 - 2018-01-14 11:28 - 000000034 _____ () C:\Users\berr\AppData\Roaming\AdobeWLCMCache.dat
2018-06-23 20:32 - 2018-06-23 20:32 - 000000600 _____ () C:\Users\berr\AppData\Roaming\PUTTY.RND
2017-09-24 15:15 - 2017-09-24 22:46 - 000000236 _____ () C:\Users\berr\AppData\Roaming\RO39-2M3Q
2016-08-15 19:41 - 2018-06-23 20:34 - 000000600 _____ () C:\Users\berr\AppData\Local\PUTTY.RND
2017-04-19 19:02 - 2017-04-19 19:02 - 000000552 _____ () C:\Users\berr\AppData\Local\TroubleshooterConfig.json
2016-12-10 11:59 - 2016-12-10 11:59 - 000000000 _____ () C:\Users\berr\AppData\Local\{09AD7CE3-693B-4778-BC59-2FB55FB68F1F}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-01 09:36
==================== End of FRST.txt ============================
         


Hoffe das passt so... hätte auch noch einen 2. Laptop, den ich gerne mal checken würde haha!!

Wäre sehr lieb von euch, wenn ihr mal draufschauen könntet. Ein "clean" wäre das beste, wa ich seit Wochen gehört hätte

Würde BTW auch sehr gerne etwas spenden, weil die Arbeit der Spezis hier sehr wertvoll ist und weil ich ausdrücken will, dass es doch einen Ort gibt, an dem ich mich persönlich gut aufgehoben fühle.

Alt 02.05.2019, 18:12   #2
gigas
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos



Add.
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by BERR (02-05-2019 18:07:11)
Running from C:\Users\BERR\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-03-19 02:18:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-130187162-3624970289-3089580861-500 - Administrator - Disabled)
BERR (S-1-5-21-130187162-3624970289-3089580861-1000 - Administrator - Enabled) => C:\Users\BERR
Guest (S-1-5-21-130187162-3624970289-3089580861-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
appsmaker DataRescue (HKLM-x32\...\appsmaker_datarescue_is1) (Version:  - appsmaker)
AVG Driver Updater (HKLM-x32\...\{A33DDD1E-0B9E-40D9-94AA-B0E6FA53E20F}) (Version: 2.5.5 - AVG Netherlands B.V) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.5.5 - AVG Netherlands B.V)
AVG PC TuneUp (HKLM-x32\...\{F0A7F6FC-97BC-4D27-B33B-6E1EFE1BB42D}) (Version: 16.78.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.78.3.33194 - AVG Technologies)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Biet-O-Matic v2.14.14 (HKLM-x32\...\Biet-O-Matic v2.14.14) (Version: 2.14.14 - BOM Development Team)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.6.108.7905 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bragi Updater 1.1.2 (only current user) (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\2236fe7b-0124-5189-8691-9f23909db56e) (Version: 1.1.2 - Bragi GmbH)
Bragi Updater 1.1.2 (only current user) (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\2236fe7b-0124-5189-8691-9f23909db56e) (Version: 1.1.2 - Bragi GmbH)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
Canon CanoScan LiDE 220 On-screen Manual (HKLM-x32\...\Canon CanoScan LiDE 220 On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.11.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
CanoScan LiDE 220 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4811) (Version: 1.00 - Canon Inc.)
Car Diagnostic Center 2016 Free Edition (HKLM-x32\...\Car Diagnostic Center 2016 Free Edition_is1) (Version:  - Marcel Beutner)
Catalyst Control Center Next Localization BR (HKLM\...\{34834274-D248-C417-747C-D116DBF78664}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{B3404CFD-64B2-138C-22EC-64EBAF2DF5D7}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{212EB1ED-AB0C-6E91-1B08-25151AA0DC3C}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4F374250-3B97-160A-5D2A-452AE7E70ED7}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{6298A202-9849-E30B-480F-2C0CEDEFACD0}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DBFEE72E-7001-28DC-88FF-777621EA148E}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{2F37C566-6CB7-B919-9432-9779A9FB6836}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{AB77F5E4-CDCF-F6FA-4D3E-36A6BB9EEF50}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{8193166C-B615-0D56-70D1-F908F34C4E5B}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{8BF4754B-EBE7-7D97-E1A2-54CBAFE5B8DF}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{4544D65D-607E-E0AB-5E72-A08F5049EC7C}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{C52624B1-12DB-AA8B-449E-08CA0FD2E50E}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{8EB916C5-A52A-8A98-BDC5-8856A19AAA3A}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{B3E0BF7A-0FCF-94D7-8C3A-19080A5E3BE7}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{228882CB-19B2-EE92-C820-03D8E2BF101B}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{572F3A60-4545-9042-BC72-D00B1794E5CD}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{CB6E1114-058D-D311-FC1A-D98C003328C8}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{F136EC46-15FB-FD82-9AB4-7ABB4DB04571}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{A91A7E4D-A2B2-BEB2-7ED3-5F729710441F}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{AD0AA617-CCDA-8FA5-9A82-1F6FFB8F7660}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{246F0517-D658-029A-A641-425EF639CFA8}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{E65DD8F5-F185-362F-5FE7-00627C73ED7C}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{88D3DDCC-8BB4-3228-D407-7A04B9B8A6E6}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B0B03591-83AB-D44B-1A0B-ABD29C43E656}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{539FE6EE-0BD2-6F1F-A48B-78D2CCAFD9BD}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{BB91383B-5A76-C2CB-4B7A-4D765FCDC834}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{0B949501-523D-0B7B-4577-775FDCFF13F0}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{C617CA3A-1296-7DFD-990F-F27A00E5FCA1}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{750E2AC4-7CD3-DA3C-F0F2-538252A990DE}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{91548629-F93E-5E9A-2F3B-C226488F8805}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{270CD87B-CCE1-F8D7-C4C5-406350DB6990}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{8A112EC0-D20F-1545-5F13-BBA0006FB3BD}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{6246C99A-865B-04BC-60DD-0460D6B0B225}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F1E1C881-6A24-CA60-58BF-6005B654CBEC}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{1A4779F8-961C-9FEF-4056-30B9A393F292}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{B52894B2-C906-A5CE-53A3-17C481369BBD}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{014A1FFF-4B25-00C0-D744-434AE84E842B}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{CC8CE2FE-0088-D5DD-8905-56192586E9A9}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{BF020F1B-4402-A4FD-2C8D-5B09561E113A}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{D17A971F-7161-89CF-F94F-85F8EFBE5E20}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{24ECF4ED-85F7-F6D1-A82D-567187220178}) (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{54492D91-38AD-4C4C-2C4C-3E9130751B02}) (Version: 2017.0113.1201.21594 - Advanced Micro Devices, Inc.) Hidden
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Convert AVI to MP4 1.3 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp3.com)
Cura 15.04.3 (HKLM-x32\...\Cura_15.04.3) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 71.4.108 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Easy Settings (HKLM-x32\...\{C73757DE-33F1-45D1-864A-C8BFEBC37366}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.24.20160418 - Landesfinanzdirektion Thüringen)
ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.)
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.7.1015 - DVDVideoSoft Ltd.)
FreeFileSync 8.10 (HKLM-x32\...\FreeFileSync_is1) (Version: 8.10 - www.FreeFileSync.org)
FreeRIP MP3 Converter 5.7.1.1 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.1.1 - GreenTree Applications SRL)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Harmony Remote Update (HKLM-x32\...\HarmonyRemoteUpdate) (Version: 7.7.1 - Logitech - HarmonyRemoteClient)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
iCloud (HKLM\...\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}) (Version: 6.2.1.67 - Apple Inc.)
ideaMaker 3.4.0.2855 (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\ideaMaker) (Version: 3.4.0.2855 - Raise3D)
ideaMaker 3.4.0.2855 (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\ideaMaker) (Version: 3.4.0.2855 - Raise3D)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{A10B1524-63B5-40F2-B272-D841CF671C16}) (Version: 2.2.0.0266 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e144fbd2-bf87-445f-b40b-93d61ca6bb7d}) (Version: 15.6.1 - Intel Corporation)
IntelliMemory (HKLM\...\{FD036936-76E3-4692-B322-A5F8DE79CC54}) (Version: 1.0.38.0 - Condusiv Technologies)
IrfanView 4.50 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.1 (64-bit) (HKLM\...\{398EFBE6-18DB-5E47-8E12-481F95602239}) (Version: 10.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kies mini (HKLM-x32\...\{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Kies mini (HKLM-x32\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Kindle Comic Converter (HKLM\...\{7D279A59-C65E-4DA7-B165-56DD06596216}_is1) (Version: 5.2.1 - Ciro Mattia Gonano, Paweł Jastrzębski)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LogoMaker 3.0 (HKLM-x32\...\LogoMaker_is1) (Version:  - Studio V5)
MAGIX Speed burnR (MSI) (HKLM\...\{5C0D0D8C-A304-47CA-81B3-65512C84981C}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{5C0D0D8C-A304-47CA-81B3-65512C84981C}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 (HKLM\...\{D84259BB-C291-4F1B-B6BD-2097C5FCFF07}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 (HKLM\...\MX.{D84259BB-C291-4F1B-B6BD-2097C5FCFF07}) (Version: 15.0.0.62 - MAGIX Software GmbH)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.31.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.31.1 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4 (HKLM-x32\...\{C5564379-582D-457A-9E68-A9E7C1F1C4EC}_is1) (Version: 1.4 - Sam Rodberg)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 66.0.3 (x64 de) (HKLM\...\Mozilla Firefox 66.0.3 (x64 de)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.4.0 - Mozilla)
Mozilla Thunderbird 60.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.4.0 (x86 de)) (Version: 60.4.0 - Mozilla)
MPU easy 4 Lernsoftware (HKLM-x32\...\MPUeasy4) (Version: 4.0 - Lück Mediafactory)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\MusicManager) (Version:  - Google, Inc.)
Music Manager (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\MusicManager) (Version:  - Google, Inc.)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
NetLimiter 4 (HKLM\...\{D3C40C22-B38C-4313-8887-C72D5E68B4AC}) (Version: 4.0.46.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.46.0) (Version: 4.0.46.0 - Locktime Software)
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Plays (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\Plays) (Version: 2.1.6 - Plays.tv, Inc)
Plays (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\Plays) (Version: 2.1.6 - Plays.tv, Inc)
Polar FlowSync version 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PuTTY release 0.68 (64-bit) (HKLM\...\{DB149DDE-903A-4B5E-93C4-46BBEC48F0C2}) (Version: 0.68.0.0 - Simon Tatham)
PX Profile Update (HKLM-x32\...\{08C39CFD-D68C-D2DE-22B1-7005D15DF6E9}) (Version: 1.00.1. - AMD) Hidden
Python 3.7.1 (Anaconda3 2018.12 64-bit) (HKLM\...\Python 3.7.1 (Anaconda3 2018.12 64-bit)) (Version: 2018.12 - Anaconda, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.11-r125663-release - Raptr, Inc)
RAR Password Cracker (HKLM-x32\...\RAR Password Cracker) (Version: 4.20 - dnSoft Research Group)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.62.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6844 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung CLX-3170 Series (HKLM-x32\...\Samsung CLX-3170 Series) (Version:  - Samsung Electronics CO.,LTD)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(5/25/2015) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17103.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17103.1 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (HKLM-x32\...\{9600B88C-BE14-4BEA-A529-F5F312900BA3}) (Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{006DD65B-ECE1-4E73-9EBD-E7051F5E31FD}) (Version: 2.2.42 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
schobuk 2.1 (HKLM-x32\...\schobuk_is1) (Version: schobuk 2.1 - )
Skype version 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Sothink Logo Maker Professional (HKLM-x32\...\{574FFDC9-AB09-4C4A-B7BE-C6066502181A}_is1) (Version: 4.4 - SourceTec Software Co., LTD)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2900 - DTS, Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Logo Creator v6 6.0 (HKLM-x32\...\The Logo Creator v6) (Version: 6.0 - Laughingbird Software)
TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Ultimaker Cura 3.0 (HKLM-x32\...\Ultimaker Cura 3.0) (Version: 3.0.4 - Ultimaker)
Ultimaker Cura 3.2 (HKLM-x32\...\Ultimaker Cura 3.2) (Version: 3.2.1 - Ultimaker)
Ultimaker Cura 3.6 (HKLM-x32\...\Ultimaker Cura 3.6) (Version: 3.6.0 - Ultimaker)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VCDS-Lite 1.0 (HKLM-x32\...\VCDS-Lite  1.0) (Version: 1.0 - Ross-Tech)
VCDS-Lite 1.2 (HKLM-x32\...\VCDS-Lite  1.2) (Version: 1.2 - Ross-Tech)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1F8D8040-0BC8-11E5-85C5-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WD My Cloud (HKLM\...\{EB93D138-A35F-4EBF-90D9-FE80739B6A02}) (Version: 1.0.7.11 - Western Digital Technologies, Inc.)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinDirStat 1.1.2 (HKU\S-1-5-21-130187162-3624970289-3089580861-1000\...\WinDirStat) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\...\WinDirStat) (Version:  - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Adafruit Industries LLC (usbser) Ports  (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC)
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\124CD00616895BFBEA8CB26599398B83F46A34C2) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org))
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/10/2015 2.12.06) (HKLM\...\B85E5F21D69245012A4E4C2DFAF38615FC7CF7AA) (Version: 07/10/2015 2.12.06 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (08/16/2017 2.12.28) (HKLM\...\321E9C3B7C8E360B434912ED44CC222F08280048) (Version: 08/16/2017 2.12.28 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/10/2015 2.12.06) (HKLM\...\71B7FC12B248030B4BBBCA0C57826D74F64DB010) (Version: 07/10/2015 2.12.06 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (08/16/2017 2.12.28) (HKLM\...\018B67599606F0589EA4CA42AD4CC6B5C24388A0) (Version: 08/16/2017 2.12.28 - FTDI)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Windows Driver Package - Intel (NETwNs64) net  (04/30/2015 15.11.0.9) (HKLM\...\3A0A5AE912CC81290DB2E472F7DC4CF387C36211) (Version: 04/30/2015 15.11.0.9 - Intel)
Windows Driver Package - Intel (NETwNs64) net  (04/30/2015 15.17.0.1) (HKLM\...\6215B44C20BCFEEA55D04A5A510C7994E3C7E28F) (Version: 04/30/2015 15.17.0.1 - Intel)
Windows Driver Package - Intel (NETwNs64) net  (06/22/2015 18.11.0.8) (HKLM\...\95D750361316F93378C278E0FD6B87A7DBA8E680) (Version: 06/22/2015 18.11.0.8 - Intel)
Windows Driver Package - libusb-win32 (libusb0) libusb-win32 devices  (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32)
Windows Driver Package - Linino (usbser) Ports  (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino)
Windows Driver Package - MPP FTDI MPP FTDI D2XX (07/10/2015 2.12.06) (HKLM\...\AE75E7BB03AE635BC4B46A6FEB8C196D1ECB9E16) (Version: 07/10/2015 2.12.06 - MPP FTDI)
Windows Driver Package - MPP FTDI MPP FTDI D2XX (08/16/2017 2.12.28) (HKLM\...\75398BFF73C29C011146C84A6BDA6CA67A8B25E5) (Version: 08/16/2017 2.12.28 - MPP FTDI)
Windows Driver Package - MPP FTDI MPP FTDI VCP (07/10/2015 2.12.06) (HKLM\...\D7425AF0A28D45EA5F609BA1D7184981A5C9F437) (Version: 07/10/2015 2.12.06 - MPP FTDI)
Windows Driver Package - MPP FTDI MPP FTDI VCP (08/16/2017 2.12.28) (HKLM\...\EBBD9947553A9582FD9EBC71BD40BAB80F35B2B1) (Version: 08/16/2017 2.12.28 - MPP FTDI)
Windows Driver Package - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP)
Windows Driver Package - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Windows Driver Package - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\F99E6C5A14B5EBAB27FDFE2637878DF8208069E7) (Version: 05/12/2014 2.10.00 - Ross-Tech)
WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{42BE62ED-203F-42B6-8CC4-DB0BD8895051}) (Version: 23.00.1146 - Buhl Data Service GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-130187162-3624970289-3089580861-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\BERR\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => D:\Tools\New folder\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-03-16] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2005-03-02] (Ulead Systems, Inc.) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => D:\Tools\New folder\AVG PC TuneUp\DseShExt-x64.dll [2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => D:\Tools\New folder\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2016-05-22 20:36 - 2015-03-12 04:43 - 000022528 _____ () [File not signed] C:\Windows\System32\us003lm.dll
2018-03-01 00:20 - 2017-06-14 14:57 - 000022528 _____ () [File not signed] C:\Windows\System32\us005lm.dll
2016-05-22 20:36 - 2015-03-12 04:43 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\us003pc.dll
2018-03-01 00:20 - 2017-06-14 14:57 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\us005pc.dll
2014-07-21 12:07 - 2014-07-21 12:07 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () [File not signed] C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-08-27 15:32 - 2013-08-27 15:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2018-03-26 14:07 - 2018-03-26 14:07 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2016-03-28 21:28 - 2015-11-19 15:57 - 001191936 _____ (Polar Electro Oy) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
2009-12-23 23:34 - 2009-12-23 23:34 - 000370688 _____ (StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
2018-01-30 04:02 - 2018-01-30 04:02 - 005968896 _____ (Google Inc.) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
2016-05-04 21:37 - 2006-09-28 19:20 - 000049152 _____ (Ulead Systems, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
2017-06-27 20:24 - 2009-06-12 00:10 - 000503808 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe
2016-09-13 02:50 - 2016-09-13 02:50 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 02:50 - 2016-09-13 02:50 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 02:51 - 2016-09-13 02:51 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-04-22 21:11 - 2019-04-22 21:11 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM\e4447920f93e9b6882cdca38f614dbd9\MOM.ni.exe
2019-04-22 21:11 - 2019-04-22 21:11 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\a04184c4670487388aa237dfecd72be0\MOM.Implementation.ni.dll
2019-02-18 20:31 - 2019-02-18 20:31 - 000131584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\adb5d0ae614264fed308ec543ba7e3c3\LOG.Foundation.ni.dll
2019-02-18 20:31 - 2019-02-18 20:31 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\8a76357d1dd8c6b72ad077777ff8539b\LOG.Foundation.Private.ni.dll
2019-04-22 21:09 - 2019-04-22 21:09 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\2d139876ec21c7aee4ed27887f44add0\LOG.Foundation.Implementation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\6e374b58c426b27cb52282ef0122c495\MOM.Foundation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\0bf142bdd57c0b6c2b8c0485788287f3\LOG.Foundation.Implementation.Private.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\5ff8b9e72052b819a2617397cbaee4b5\CCC.Implementation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\86743b313e228bb050237cad099b2a72\NEWAEM.Foundation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC\8e2347fa4e75bbef76849516085f8c11\CCC.ni.exe
2019-02-18 20:33 - 2019-02-18 20:33 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\538dbc860553cfe975745368b7a6b9aa\CLI.Foundation.ni.dll
2019-04-22 21:09 - 2019-04-22 21:09 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\83f63963927604f6b6dd270cc7eec270\CLI.Foundation.XManifest.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\47c33ae53a9711bb49b4e95db4ef577e\CLI.Component.Runtime.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\d1168c62e3a60727a87e87dd30719816\CLI.Component.Runtime.Shared.Private.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\2e5fff699b6f9c7274b61cbb2687d566\CLI.Foundation.Private.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\aba9bf44cd41f670caa1e8d49814a408\CLI.Component.Runtime.Shared.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\11fc20f145bac7355f9d48e354dae33a\ATICCCom.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\86c46e412b15078af519e4106cf3fac8\AEM.Server.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\befd4e5f17dd355c35bfaa295fa758a9\ADL.Foundation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\b43062aa678a60d14c62747640ff204b\AEM.Server.Shared.ni.dll
2019-03-17 09:37 - 2019-03-17 09:37 - 000275456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\58c285092ee600881977f7db99985575\AEM.Plugin.Source.Kit.Server.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\60eaf22c605548388d6c794585cda72e\CLI.Foundation.CoreAudioAPI.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\a359a86c259c7676bfda8e097af759f7\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\4b92b2b25f2ce0bee83ecc2f2078dea7\AEM.Plugin.WinMessages.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\d3e74857c3818a14e86f6103ee0d7163\DEM.Graphics.I0601.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\10989caf4046f704acdda094bf370d29\DEM.Foundation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\bdd68b6273ba2f98b1bd08755f8d8b45\DEM.Graphics.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\a8a43edb324bfa7940bdfca74b11302f\DEM.Graphics.I1010.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\e4e8d7b7c781bec1eb37432ca0e64184\CLI.Caste.Graphics.Runtime.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 002786304 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\5d9eeaed4b160c26229930a5c62ac029\CLI.Caste.Graphics.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\481a8a7b0b2676a53a4d1fbf2e2171c6\AEM.Plugin.GD.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\9456fb17f0069513aba9e80ab49532af\AEM.Actions.CCAA.Shared.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\10bcc2a89c57857811ec8b910534b3ac\DEM.Graphics.I0709.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\7e599ae0fe832d9efa3bada4ce27bd64\ResourceManagement.Foundation.Private.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\e4c106a19634f76e392bcaceab4c0f6a\DEM.Graphics.I0804.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\4fe811f37394fe5eda8491e28c237f73\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\ccdff98ed7d70624c2577c083a03c9b3\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000451584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\a2e0d4cc76c8b4afa6d8a573cb31b019\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000206336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\d2c8bc16c0c7bc1f6a2a6748d583f267\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000014848 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\ed2fe119ab433e6511ee7abc99723963\DEM.Graphics.I0912.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\37ab395d1835accaf8b6fa0474e55c6b\DEM.Graphics.I0706.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\3b9a4257d13adf79969e3b76e980e896\DEM.Graphics.I0712.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 001131008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\ea66976d0c33458d035d11d7c334bd8e\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\99b2b15be7b2ed3ef60e44e896edd82c\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000355840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\ec89362c4a13fd493c74063884f2344c\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\e49c83aeb2b570e4967deb584a8b752f\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-04-22 21:09 - 2019-04-22 21:09 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\87c01e9399626f81f28c7f2c8f3e09d5\DEM.Graphics.I0812.ni.dll
2019-04-22 21:09 - 2019-04-22 21:09 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\79f11cb834aa0f52c4990a807ff89494\DEM.Graphics.I0805.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000290816 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\04e7994f4e1cfb4088b53f8cdf1d1c9a\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\bb54d213bb8495dfa134fdf5ccb6ff95\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000017920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\85ba9630be28cf1371639886bdbd2104\DEM.Graphics.I0703.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000727552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0f8bac01c5e78f1bf542a619f17a3c45\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\9dfdb93ae4b0b292be901aac00ca46ee\AEM.Plugin.REG.Shared.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000236032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\33689a2163f5c5cdbd497565777014c5\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\69f0a89ede992f4f2852f31c205ca108\DEM.Graphics.I0906.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\016e613fb0bd91bc970dc6f88b4e9eb0\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\e9b83affef56d901b3c29321901c27de\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\c4b12d2904627522590370a535b9317e\AEM.Plugin.DPPE.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000760832 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\0ebbc29bce4ef3f428f2f928c1cb43b0\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000349696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\d3928fca9ec5eaf821ada61c41a30f35\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\548990847665e7687370e288de7fad1b\DEM.Graphics.I0702.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\b056dbdc551da5bc2b7052e8ef50c939\DEM.Graphics.I0710.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\b86af92878aa364e447b04880bc3682c\DEM.Graphics.I0901.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\fee8954f272d64a6cdfdfc67c051c860\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\a14f60917e607588ec2e745ccfb535c0\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\33353655d9133dca065bc9df0e244a8a\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\4540a66410635bf21f973b59773dfc05\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000062976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\7a7afdc0e54e05b760f52274a7db645b\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\e48b1e95e0ec6cc41474e13f634df22e\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 001144320 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\0d011ea90d2de029856c3b6fe6bf4f01\Localization.Foundation.Private.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\9fe586cd17aed11625eb48098b17c6fe\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\46c525d6fe92b75f8e04ea5a56a8dfa2\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\fd2ac34af4eb3b30e9edb17d401d830c\CLI.Caste.Fuel.Runtime.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\96e70ad6c4a12d19ed8e924bed6e6a7f\CLI.Caste.Fuel.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\b4990deda8d70ef085cb3f0377ed02fa\Fuel.Foundation.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\d8936fd365d536185f4a68c95c81087a\CLI.Caste.Platform.Runtime.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\2dcabf6c491f481900effdb3aedde887\CLI.Caste.Platform.Shared.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\79c3265b085065d306fc288d5f31bf19\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\5ac2dd86db5a4ad4160fbe0367ecf748\CLI.Caste.HydraVision.Runtime.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\38aebf0182e5c603d3cc65240505afd9\CLI.Caste.HydraVision.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\be477ca8a05f6340c1bbb83435e47c7e\CLI.Caste.A4.Runtime.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\35235e646758ee2bd8fdaa9bc5fcc962\CLI.Caste.A4.Shared.ni.dll
2019-02-18 20:31 - 2019-02-18 20:31 - 000032256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\ae79cda6aa52f2eb053a23e0ff43208c\A4.Foundation.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\6aafb7f264e265f3163e726f1838a2a5\APM.Server.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\dceaaccfc031d337956ff9584343b308\APM.Foundation.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\0f87f8e1206bdc098d8fd71396787d3b\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000910336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\bad5d096db2bec2f425c6665b355e9ab\CLI.Component.Dashboard.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000133632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\d5fa5360c18c9726be6a12aae1703dc9\CLI.Component.Client.Shared.Private.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\718865d8422c53b11516d35a35d38cad\CLI.Component.Client.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000086016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\45800c23b6554731d78eb1bf59f807f7\CLI.Component.Dashboard.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 001605632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\a954da4a91855e9d4fe7fbcd9e04e49c\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-02-18 20:33 - 2019-02-18 20:33 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\3b1397e43b227cb34a701bd69b48f0a1\AEM.Plugin.EEU.Shared.ni.dll
2019-04-22 21:09 - 2019-04-22 21:09 - 000884736 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\cd45a0b64e4f4e838c942a018f5b60de\CLI.Component.Systemtray.ni.dll
2019-04-22 21:11 - 2019-04-22 21:11 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\6addef0b3a2a47576d6e1018eba45e44\ResourceManagement.Foundation.Implementation.ni.dll
2019-04-22 21:09 - 2019-04-22 21:09 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\d6e4588b2d024e7a869830bdec8edfe0\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000574976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\caad909726c60b29d92fec1e1e66cf3b\CLI.Caste.Graphics.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 001537536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\f90b340ab56f0cb035f184e1483220e3\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000090112 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\54f8646b92396aff51ba3fd0d580fd0b\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000270848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\18c07eb4d1439e00b3d9b4f4ddba58b7\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 007986176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\0fd8fd0c39df67df9c4570cd67472eb2\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000446464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\7463f37467cbe83268ccb6bffade4c47\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000066560 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\34a0da44f16f7690499554ba8efb4507\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 006323200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\4b04b7c4c9ee6b2605d1493d6dfe6610\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 003282432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\b80d50eba05bd75afe59deab16bcefa1\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000665600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\96d1ec0884ddf1f215b57caed84209e8\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\c840592954a8953d75a42b66f7009b73\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000152064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\4a715473048e14f40a2c71b111f573b6\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000586240 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\8282d177290f656fec94bd579bdda535\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000094720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\9874c4062da9007d61d021182e324680\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000310784 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\c9295a67f1359437add2634d47aee5b2\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\7f0d00d62ebb2f6d8f9195126272f9ac\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\e03578fb37ed1dc62e99ec7022211354\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\74db34d3c2398bfb9a116598c59205f7\CLI.Caste.Fuel.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\c715ff2bf19f6c84e5eed6138c6789df\CLI.Caste.Platform.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\214752a1ccbaa13d9cedd83ea39a155a\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\6d17c51a5a524e2787e3a253ab6f2f95\CLI.Caste.A4.Dashboard.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 001052672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\f16c41b2dff0fc1c92c03d390fd51c09\CLI.Foundation.Client.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000168960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\b789160737167374626a2ed18e4c9a48\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-03-17 09:38 - 2019-03-17 09:38 - 002497536 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\de01e9c083e2ef6b7c5a3cf2e06fe302\Microsoft.WindowsAPICodePack.Shell.ni.dll
2019-02-18 20:34 - 2019-02-18 20:34 - 000332800 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\80418674b13d15cf0125a2c2b9060918\Microsoft.WindowsAPICodePack.ni.dll
2019-02-18 20:35 - 2019-02-18 20:35 - 001642496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\957c105bd115822a26fdd00f8f6fd781\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-03-17 13:18 - 2019-03-17 13:18 - 000486912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Component.Eeu\0eca664607b272fb3f95122015122293\CLI.Component.Eeu.ni.dll
2018-03-01 00:20 - 2016-07-20 12:15 - 002847744 ____N () [File not signed] C:\Windows\system32\DlgSearchEngine.dll
2016-03-28 21:28 - 2015-10-22 16:12 - 004652544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Core.dll
2016-03-28 21:28 - 2015-11-19 15:56 - 000407552 _____ (Polar Electro Oy) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\wslib.dll
2016-03-28 21:28 - 2015-11-19 15:56 - 001759232 _____ () [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
2016-03-28 21:28 - 2015-10-12 21:16 - 000151552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Xml.dll
2016-03-28 21:28 - 2015-10-13 00:26 - 001147392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Script.dll
2016-03-28 21:28 - 2015-10-13 00:16 - 000200192 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebKitWidgets.dll
2016-03-28 21:28 - 2015-10-12 21:21 - 004491264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Widgets.dll
2016-03-28 21:28 - 2015-10-12 21:18 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Gui.dll
2016-03-28 21:28 - 2015-10-13 00:08 - 017542656 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebKit.dll
2016-03-28 21:28 - 2015-04-30 11:16 - 002036224 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\icuin54.dll
2016-03-28 21:28 - 2015-04-30 11:16 - 001387008 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\icuuc54.dll
2016-03-28 21:28 - 2015-04-30 11:16 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\icudt54.dll
2016-03-28 21:28 - 2015-10-12 21:40 - 000145920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Sensors.dll
2016-03-28 21:28 - 2015-10-12 21:51 - 000166400 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Positioning.dll
2016-03-28 21:28 - 2015-10-12 21:33 - 002423296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Quick.dll
2016-03-28 21:28 - 2015-10-12 21:30 - 002643968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Qml.dll
2016-03-28 21:28 - 2015-10-12 21:16 - 000858112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Network.dll
2016-03-28 21:28 - 2015-10-12 21:40 - 000560128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Multimedia.dll
2016-03-28 21:28 - 2015-10-12 21:52 - 000078336 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebChannel.dll
2016-03-28 21:28 - 2015-10-12 21:16 - 000151552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Sql.dll
2016-03-28 21:28 - 2015-10-12 21:42 - 000082432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5MultimediaWidgets.dll
2016-03-28 21:28 - 2015-10-12 21:23 - 000271872 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5OpenGL.dll
2016-03-28 21:28 - 2015-10-12 21:23 - 000265728 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5PrintSupport.dll
2016-03-28 21:28 - 2015-10-12 21:25 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
2018-01-30 03:42 - 2018-01-30 03:42 - 013120000 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2018-01-30 03:42 - 2018-01-30 03:42 - 008110592 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2018-01-30 03:42 - 2018-01-30 03:42 - 002547200 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2018-01-30 03:42 - 2018-01-30 03:42 - 002086400 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2018-01-30 03:57 - 2018-01-30 03:57 - 001903616 _____ (Apache Software Foundation) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\log4cxx.dll
2018-01-30 03:55 - 2018-01-30 03:55 - 000036864 _____ (Open Source Software community project) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\pthread.dll
2018-01-30 03:56 - 2018-01-30 03:56 - 001932288 _____ (Apache Software Foundation) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\xerces-c_3_1.dll
2018-01-30 03:55 - 2018-01-30 03:55 - 000090112 _____ () [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2018-01-30 03:55 - 2018-01-30 03:55 - 000217600 _____ () [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2018-01-30 03:55 - 2018-01-30 03:55 - 000273920 _____ () [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\libaudioenc.DLL
2018-01-30 03:55 - 2018-01-30 03:55 - 000172032 _____ () [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2018-01-30 03:42 - 2018-01-30 03:42 - 000028160 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2018-01-30 03:42 - 2018-01-30 03:42 - 000237568 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\BERR\AppData\Local\Programs\Google\MusicManager\imageformats\qjpeg4.dll
2019-05-01 07:57 - 2019-04-16 20:29 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2016-03-19 22:23 - 2000-01-01 02:00 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-11-28 22:17 - 2016-11-28 22:17 - 048920064 _____ () [File not signed] D:\Tools\New folder\UiDll\2623\libcef.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 002257408 _____ (ActiveState Software Inc) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\python26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000043008 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000805376 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 005812736 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2016-08-07 03:30 - 2016-08-07 03:30 - 008347136 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\QtGui4.dll
2016-08-07 03:30 - 2016-08-07 03:30 - 002520576 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\QtCore4.dll
2017-05-04 21:01 - 2017-05-04 21:01 - 000067584 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 001662464 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000494592 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2016-08-07 03:30 - 2016-08-07 03:30 - 001018368 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\QtNetwork4.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000096256 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000356864 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000111104 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
         
__________________


Geändert von gigas (02.05.2019 um 18:14 Uhr) Grund: Copy Paste Fehler

Alt 02.05.2019, 18:13   #3
gigas
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos



Code:
ATTFilter
2015-05-08 03:37 - 2015-05-08 03:37 - 000044544 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 000417501 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000167936 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000313856 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2016-08-07 03:30 - 2016-08-07 03:30 - 012745728 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\QtWebKit4.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000127488 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000009216 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 000113171 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 002396691 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2016-08-07 03:13 - 2016-08-07 03:13 - 000029184 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4\plugins\imageformats\qico4.dll
2016-08-07 03:13 - 2016-08-07 03:13 - 000027136 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4\plugins\imageformats\qgif4.dll
2016-08-07 03:13 - 2016-08-07 03:13 - 000197632 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4\plugins\imageformats\qjpeg4.dll
2016-08-07 03:13 - 2016-08-07 03:13 - 000221184 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4\plugins\imageformats\qmng4.dll
2016-08-07 03:13 - 2016-08-07 03:13 - 000285696 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4\plugins\imageformats\qtiff4.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000583680 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 000354304 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2015-05-08 03:38 - 2015-05-08 03:38 - 000263168 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2017-06-27 20:24 - 2008-06-26 20:45 - 000155648 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3170\IMFilter.dll
2017-06-27 20:24 - 2008-06-26 20:46 - 001384520 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3170\ssole.dll
2017-06-27 20:24 - 2008-06-26 20:46 - 000081920 _____ (Samsung Electronics) [File not signed] C:\Windows\twain_32\Samsung\CLX3170\scantopc.dll
2017-06-27 20:24 - 2008-06-26 20:45 - 000367104 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3170\NetModule.dll
2019-05-01 07:57 - 2019-04-16 20:29 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-05-01 07:57 - 2019-04-16 20:29 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2017-06-28 18:33 - 2014-01-17 16:51 - 000588288 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2017-06-28 18:33 - 2013-11-07 19:35 - 000561152 _____ (CANON INC. ) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000141312 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2015-05-08 03:55 - 2015-05-08 03:55 - 001029372 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libglib-2.0-0.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000295457 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libgobject-2.0-0.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000039316 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libgthread-2.0-0.dll
2017-05-04 19:33 - 2017-05-04 19:33 - 002717595 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 002942285 _____ (The Pidgin developer community) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libpurple.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000030594 _____ (The GLib developer community) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libgmodule-2.0-0.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000104861 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\intl.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001213633 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000055808 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000495680 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001183699 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000483306 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000655356 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001306387 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000301094 _____ (The Gfire Team) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxfire.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000565461 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001640221 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000506276 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001053730 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000497782 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000603326 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000333204 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libnspr4.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001290804 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\nss3.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000128262 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\nssutil3.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000031554 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libplc4.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000026148 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\libplds4.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000215727 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\smime3.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000232807 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\ssl3.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000474199 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000259132 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\softokn3.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000286885 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\freebl3.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000414890 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Raptr Inc\Raptr\nssckbi.dll
2017-10-18 13:49 - 2017-10-18 13:49 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2013-11-21 09:31 - 2013-11-21 09:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-11-21 09:31 - 2013-11-21 09:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2016-03-19 22:06 - 2016-03-19 22:06 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-01-14 17:55 - 000000836 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1	update.ross-tech.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Mozilla Firefox;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\WBERR;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Condusiv Technologies\IntelliMemory\;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files\Calibre2\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\PuTTY\;C:\Program Files (x86)\Skype\Pho;C:\Program Files (x86)\Samsung\Samsung PC Studio 3\;%JAVA_HOME%\bin
HKU\S-1-5-21-130187162-3624970289-3089580861-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-130187162-3624970289-3089580861-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05022019175734247\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E1DDCF05-3F91-4DB3-ADBA-83F37A87AD23}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
FirewallRules: [{4F254904-7273-4AB5-945B-D5B9BDC6CDCD}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
FirewallRules: [{6C9EE92A-CE39-4E16-BEC4-8DC39B098979}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABCA45AE-5219-4E33-8C25-E1F89B1A7D51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3FA878E3-E624-4BA7-BAA5-815EFE2AD7CD}] => (Allow) D:\Spiele\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3FA5CA0C-D724-4E90-A081-316998D1F95E}] => (Allow) D:\Spiele\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C352B0EA-34F8-45C5-A5B1-1D6BA0B53D33}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A281A96-A4C2-4AE7-8BC5-622F45655B78}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B22F79C-9E9C-4B9D-B30C-A9CFA45B7E0E}] => (Allow) C:\Users\BERR\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2E51C1E1-D1C2-47F4-8A4C-D6709B5F77C2}] => (Allow) C:\Users\BERR\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8BE001F0-6EAF-4915-AC60-E22C70C837EE}] => (Allow) D:\Spiele\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{384B396D-F7A0-4A45-B734-2276B65DD1CF}] => (Allow) D:\Spiele\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{AA1B6228-894C-455C-B38D-42FEDAEE1AEB}] => (Allow) D:\Spiele\Steam\steamapps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [{86DD7C9E-A1E0-446A-A4B6-C8753CBA0926}] => (Allow) D:\Spiele\Steam\steamapps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [{703687D5-0DC8-4C32-BB60-1E980D51FFB4}] => (Allow) D:\Spiele\Steam\steamapps\common\mordheim\mordheim.exe (Focus Home Interactive -> )
FirewallRules: [{66FF49C4-E86D-43D6-ADEF-B5250E139AA9}] => (Allow) D:\Spiele\Steam\steamapps\common\mordheim\mordheim.exe (Focus Home Interactive -> )
FirewallRules: [TCP Query User{E0EE3923-486E-4903-A761-BC2CA5F932DE}D:\spiele\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\spiele\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe No File
FirewallRules: [UDP Query User{42B551A2-9F9F-4AAF-B01E-C4079328F71E}D:\spiele\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\spiele\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe No File
FirewallRules: [{60383943-DCDA-4016-8EE8-811F0C233B6F}] => (Allow) LPort=5354
FirewallRules: [{5E0EE55B-358C-45F2-A0D3-D1A50029D8AC}] => (Allow) LPort=5354
FirewallRules: [{DA1CA2D9-DB5E-4427-83A4-C519D8C868BB}] => (Allow) LPort=5354
FirewallRules: [{28F628DE-C026-41A0-B065-88B26C493798}] => (Allow) LPort=5354
FirewallRules: [{6BF76108-56A2-4ED5-9C86-92DBB058E12C}] => (Allow) D:\Spiele\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [{B5A11D01-7F5F-4629-A647-DA1B06CCEC07}] => (Allow) D:\Spiele\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [TCP Query User{C353A5D1-0A74-4076-9599-85C3F078F5F2}D:\spiele\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\spiele\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{734907D1-1260-4CB1-8662-2ABA0B4541F4}D:\spiele\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\spiele\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{608334D7-1829-4C68-B662-F01A5A99ED52}] => (Allow) D:\Tools\Magix\Video deluxe 2016\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{CB20E775-0908-46F2-8994-3E203348421F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed]
FirewallRules: [{21860B7C-34F6-4AAE-908C-922BB161E1F4}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed]
FirewallRules: [{E81DA788-E312-4AD2-B202-C36C4639C819}] => (Allow) D:\Spiele\Steam\steamapps\common\This War of Mine\This War of Mine.exe (Marek Ziemak -> )
FirewallRules: [{1EC8ED6C-EA10-4E81-8E20-1C16A39F2508}] => (Allow) D:\Spiele\Steam\steamapps\common\This War of Mine\This War of Mine.exe (Marek Ziemak -> )
FirewallRules: [{2A268494-F18D-4B00-925C-BCC48FC80FE7}] => (Allow) D:\Spiele\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{15F63B0D-A34A-4B29-9C78-31C4CEA14DD6}] => (Allow) D:\Spiele\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{72734493-ACD0-4EC8-B78D-21F5C9FEAEE3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C8DB5C79-DEC5-4443-BF41-9FE739EBDE3A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D37DE985-58B2-4523-B4F8-00A9A52E6472}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{A41BF9C5-1418-4E9D-93DB-B9A4CB263680}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{8FF1210C-88CA-4D69-9A30-E5BE382FB518}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{9541C794-DB27-48E8-AFFC-C827B30807CC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{265F81A8-5EF2-444F-8782-7F8711E930C2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{EBA76412-F647-4DE2-9635-31AE7DD1A125}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (Samsung Electronics CO., LTD. -> ScanProcess)
FirewallRules: [{AC98C3F2-CDA3-4F57-9F6A-899327D19DDC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Samsung Electronics CO., LTD. -> Scan2PCNotify)
FirewallRules: [{841B33D6-E059-48C3-AB98-4DB9C691AA9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8C8EAA34-F513-48B2-B48D-76966722DBCC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BA4FA674-90EE-40DE-94DB-B464D2C2ACD3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{10D6BA0D-7004-4A17-8F4A-59F9EE69C10C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DDAF1DF5-D919-4CAB-96CD-98CF1756919A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{019170A7-D790-44A1-B279-CE6A38509B17}D:\spiele\overwatch\overwatch.exe] => (Allow) D:\spiele\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{21A323B0-FB2D-4891-8C1D-F713BF8AA90F}D:\spiele\overwatch\overwatch.exe] => (Allow) D:\spiele\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{0723B1E2-0812-46C9-BE75-7CCDB9117110}] => (Allow) D:\Spiele\Steam\steamapps\common\KeeperRL\keeper.exe () [File not signed]
FirewallRules: [{8CA043C2-0D3F-4897-8B92-DE732D7DE718}] => (Allow) D:\Spiele\Steam\steamapps\common\KeeperRL\keeper.exe () [File not signed]
FirewallRules: [{3DD15DF8-014C-4309-B73F-35E274B956ED}] => (Allow) D:\Spiele\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E8E53871-279B-46C8-AF38-3B980306B151}] => (Allow) D:\Spiele\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{52E17D4C-7AFA-4BE4-9543-AB8F0FEAE605}D:\spiele\warcraft iii\war3.exe] => (Allow) D:\spiele\warcraft iii\war3.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6833505C-B0BD-41A9-8F81-CFE29FC6FAFA}D:\spiele\warcraft iii\war3.exe] => (Allow) D:\spiele\warcraft iii\war3.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{26B83F34-A306-47C7-BA26-134F18CCE62E}] => (Allow) D:\Spiele\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{E42B62EC-A772-4096-AAD6-BC3C50672DF6}] => (Allow) D:\Spiele\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{E8B647A1-F2F4-4663-991D-68BA927A0D44}] => (Allow) D:\Spiele\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{0790F3E1-04AA-4A85-A748-DE90B046A3FD}] => (Allow) D:\Spiele\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [TCP Query User{78FB8480-AC49-43A2-8A9D-4505FEEE50B8}C:\windows\twain_32\samsung\clx3170\sscan2io.exe] => (Allow) C:\windows\twain_32\samsung\clx3170\sscan2io.exe () [File not signed]
FirewallRules: [UDP Query User{C06D927D-701F-4A3E-9ED7-2439869C82EC}C:\windows\twain_32\samsung\clx3170\sscan2io.exe] => (Allow) C:\windows\twain_32\samsung\clx3170\sscan2io.exe () [File not signed]
FirewallRules: [TCP Query User{E0106EF0-79E1-4E1B-B88C-55B8287AB37A}C:\windows\twain_32\samsung\clx3170\sscan2io.exe] => (Allow) C:\windows\twain_32\samsung\clx3170\sscan2io.exe () [File not signed]
FirewallRules: [UDP Query User{ABC345A0-81CE-4619-A7F5-6CAEF4AAA003}C:\windows\twain_32\samsung\clx3170\sscan2io.exe] => (Allow) C:\windows\twain_32\samsung\clx3170\sscan2io.exe () [File not signed]
FirewallRules: [{B6E2E776-1015-41D5-AC1F-C4C0A68F43AC}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [TCP Query User{4525F0E7-B9F8-4970-A129-D6D2C39CF87B}D:\spiele\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\spiele\steam\steamapps\common\total war warhammer\warhammer.exe No File
FirewallRules: [UDP Query User{0C3EFDEE-BE68-432E-9EEF-4FF098CFAD4B}D:\spiele\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\spiele\steam\steamapps\common\total war warhammer\warhammer.exe No File
FirewallRules: [{C2C8A11F-4015-4CE9-9D7B-77A5DEBD4E62}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{49CAF2DE-A641-4DAD-A053-308097A56BEB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{306C5E49-6A10-42A6-BFF7-CB4777353911}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{37BC308E-EF4B-4139-886A-DF6E5715F6CA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{B2CEFE24-8BB7-4229-A991-140500D72E65}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{0ED5BCE3-0819-47F7-AA6E-FFDB6AC94A71}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{F2872F5F-62E9-4FD6-92EB-B13B496A1CEC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{F7FBB9E6-E39F-43F1-9AEF-5746E0A2DE6B}] => (Allow) D:\Spiele\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{49C91DD3-E7FD-4E1F-97E5-8EBE3E696DDD}] => (Allow) D:\Spiele\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{CAA46E23-79BA-4E93-B6BB-F73E2DF1065C}] => (Allow) D:\Spiele\Steam\steamapps\common\Scythe Digital Edition\Scythe.exe () [File not signed]
FirewallRules: [{513D998E-B3DD-449D-8866-179E728CA34E}] => (Allow) D:\Spiele\Steam\steamapps\common\Scythe Digital Edition\Scythe.exe () [File not signed]
FirewallRules: [{115739AF-FFB3-4A98-BFBF-320304B76101}] => (Allow) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{45EB2E23-EC4F-4384-AD36-ECD32D465045}] => (Allow) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{724367B0-6116-4EAA-AFEE-B54524F27936}] => (Allow) D:\Spiele\Heroes of the Storm\Versions\Base67985\HeroesOfTheStorm_x64.exe No File
FirewallRules: [{051C751E-0697-46A9-A3EF-67F73E6ABA55}] => (Allow) D:\Spiele\Heroes of the Storm\Versions\Base67985\HeroesOfTheStorm_x64.exe No File
FirewallRules: [{BB9EE367-9A92-4851-B827-EB5417DB8AC6}] => (Allow) D:\Spiele\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{D866A7B3-870F-425C-924F-867CEE217DFC}] => (Allow) D:\Spiele\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{112737E8-417E-46D1-B1AB-980B11145E8D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AD0B9DAB-E962-40F4-B11C-4ED3CB5473B8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE3685A5-F75B-41CF-BBF5-A6919B1A41A6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

01-05-2019 09:43:34 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2019 05:56:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/01/2019 10:46:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/01/2019 09:47:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/01/2019 04:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/01/2019 03:32:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/01/2019 07:21:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/30/2019 06:02:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/29/2019 10:38:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CNQMUPDT.EXE, version: 2.4.0.0, time stamp: 0x52d8e1b8
Faulting module name: CNMDWLD.DLL, version: 1.0.0.0, time stamp: 0x4f5eedc8
Exception code: 0xc0000005
Fault offset: 0x000023c6
Faulting process id: 0x1fac
Faulting application start time: 0x01d4fecb7ce153ca
Faulting application path: C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
Faulting module path: C:\Program Files (x86)\Canon\Quick Menu\CNMDWLD.DLL
Report Id: c88aadc7-6abe-11e9-85c5-c4d987091f5e


System errors:
=============
Error: (05/02/2019 05:56:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the file specified.

Error: (05/02/2019 05:55:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
StarOpen

Error: (05/02/2019 05:55:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the file specified.

Error: (05/02/2019 05:55:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/01/2019 11:13:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (05/01/2019 10:47:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the file specified.

Error: (05/01/2019 10:46:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
StarOpen

Error: (05/01/2019 10:46:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the file specified.


Windows Defender:
===================================
Date: 2019-04-14 22:59:46.656
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849
Name:Misleading:Win32/Lodi
ID:240849
Severity:High
Category:Potentially Unwanted Software
Path Found:file:C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe;file:C:\Windows\System32\Tasks\AVG Driver Updater Scan;file:C:\Windows\System32\Tasks\AVG Driver Updater Startup;file:C:\Windows\Tasks\AVG Driver Updater Scan.job;file:C:\Windows\Tasks\AVG Driver Updater Startup.job;process:pid:2068,ProcessStart:131997479939816201;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64B0ACDA-2D76-454B-9AB1-4DCD38CC4981};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D587EA4-F510-406A-A42A-E39E5ADEECCF};regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Driver Updater Scan;regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Driver Updater Startup;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AVG Driver Updater;taskscheduler:C:\Windows\System32\Tasks\AVG Driver Updater Scan;taskscheduler:C:\Windows\System32\Tasks\AVG Driver Updater Startup;tasksch
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2019-04-14 22:56:06.482
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849
Name:Misleading:Win32/Lodi
ID:240849
Severity:High
Category:Potentially Unwanted Software
Path Found:file:C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe;process:pid:2068,ProcessStart:131997479939816201
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2016-11-12 20:53:13.289
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab!blnk&threatid=233713
Name:BrowserModifier:Win32/SupTab!blnk
ID:233713
Severity:High
Category:Browser Modifier
Path Found:file:C:\Users\BERR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2016-11-10 18:21:43.559
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab!blnk&threatid=233713
Name:BrowserModifier:Win32/SupTab!blnk
ID:233713
Severity:High
Category:Browser Modifier
Path Found:file:C:\Users\BERR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2016-11-10 18:10:45.146
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab!blnk&threatid=233713
Name:BrowserModifier:Win32/SupTab!blnk
ID:233713
Severity:High
Category:Browser Modifier
Path Found:file:C:\Program Files (x86)\VulkanRT\1.0.17.0\UninstallVulkanRT.exe;file:C:\Program Files (x86)\VulkanRT\1.0.17.0\V.ico;regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VulkanRT1.0.17.0;uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VulkanRT1.0.17.0
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2018-09-08 18:01:26.819
Description: 
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3

Date: 2018-07-04 21:11:21.725
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2018-07-04 21:11:21.725
Description: 
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2016-11-12 20:56:58.857
Description: 
Windows Defender has encountered an error when taking action on spyware or other potentially unwanted software.
For more information please see the following:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab!blnk&threatid=233713
Name:BrowserModifier:Win32/SupTab!blnk
ID:233713
Severity:High
Category:Browser Modifier
Path:
Action:Clean
Error Code:0x80508023
Error description:The program could not find the spyware and other potentially unwanted software on this computer. 
Status:

CodeIntegrity:
===================================

Date: 2016-03-24 18:16:24.467
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-24 18:16:24.464
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-24 18:16:24.460
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-24 18:16:24.457
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 12:35:44.175
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 12:35:44.175
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 12:35:44.175
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 12:35:44.175
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. P05ADH.017.140421.SH 04/21/2014
Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP870Z5E-X04DE
Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 91%
Total physical RAM: 8078.71 MB
Available physical RAM: 664 MB
Total Virtual: 16155.57 MB
Available Virtual: 7427.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:200 GB) (Free:7.61 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:265.76 GB) (Free:3.87 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 21DC0242)
Partition 1: (Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=265.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         

Wäre top, wenn das jemand kommentieren könnte. @Matthias: bitte gib nochmal die Mail für die Spenden an.
__________________

Alt 03.05.2019, 21:42   #4
M-K-D-B
/// TB-Ausbilder
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos







Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.




Mail Konten werden in über 99% der Fälle online gehackt.
Aktive Malware sehe ich nicht, nur Reste von PUP.

Spricht was dagegen, bei diesem Rechner einfach eine Neuinstallation von Windows 10 durchzuführen (das sollte nach meinem Kenntnisstand noch immer funktionieren... zuvor halt Daten sichern und den Windows 7 Lizenzschlüssel auslesen)?
Deine Hardware gibt das ohne Probleme her.
Dann ist auch Kaspersky und andere nicht mehr notwendige Software weg und du hast ein komplett frisches System... zumal Windows 7 nicht mehr lange unterstützt wird.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Geändert von M-K-D-B (03.05.2019 um 21:51 Uhr)

Alt 06.05.2019, 20:20   #5
M-K-D-B
/// TB-Ausbilder
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos



Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 07.05.2019, 11:27   #6
gigas
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos



Hi Matthias, vielen lieben Dank für deine Nachricht! Am Wochenende mache ich meinen Laptop platt und mache Win 10 drauf.

Schlafe viel ruhiger, danke dir!!

P.S.: habe euch eine kleine Spende zukommen und eine nette Nachricht hinterlassen.

Wünsch dir eine tolle Woche

Alt 07.05.2019, 13:55   #7
M-K-D-B
/// TB-Ausbilder
 
Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Standard

Laptop clean? - Vorgeschichte - Hack des Mail Kontos



Alles klar, vielen Dank für die Rückmeldung.


Vielen Dank für die Spende. Sie dient zur Erhaltung des Forums.







Für die Zeit nach der Neuinstallation:









Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Laptop clean? - Vorgeschichte - Hack des Mail Kontos
administrator, adobe, adware, avg, bonjour, booten, browser, defender, desktop, entfernen, explorer, firefox, flash player, google, iexplore.exe, kaspersky, mozilla, mp3, realtek, registry, scan, software, updates, usb, windows



Ähnliche Themen: Laptop clean? - Vorgeschichte - Hack des Mail Kontos


  1. Löschung meines Kontos
    Lob, Kritik und Wünsche - 20.01.2019 (1)
  2. Yandex warnt vor E-Mail Konto Hack
    Plagegeister aller Art und deren Bekämpfung - 07.02.2018 (10)
  3. Windows 7 -> Nicht authorisierte Nutzung meines Ebay-Kontos
    Log-Analyse und Auswertung - 12.07.2017 (18)
  4. Erstellung eines Lokalen Kontos nicht möglich
    Alles rund um Windows - 19.08.2016 (12)
  5. Windows 7 - Firefox: Weiterleitung im Yahoo Mail Account auf main.targo.12.com und Email Hack
    Log-Analyse und Auswertung - 16.06.2016 (7)
  6. Log analyse nach e-mail hack Win7
    Log-Analyse und Auswertung - 13.11.2015 (22)
  7. Systemsuchlauf Antivir - versteckter Treiber - gefährlich? - mit Vorgeschichte
    Plagegeister aller Art und deren Bekämpfung - 20.04.2015 (29)
  8. Mailer-Daemon-Mail Hack oder Spam?
    Überwachung, Datenschutz und Spam - 13.04.2015 (3)
  9. mail delivery failed returning message - kann es sich um einen hack des Mailkontos handeln?
    Plagegeister aller Art und deren Bekämpfung - 18.07.2014 (5)
  10. evtl. PC-Hack oder Online-Hack?
    Log-Analyse und Auswertung - 19.01.2014 (1)
  11. Mehrere Unbekannte Kontos und Viren
    Plagegeister aller Art und deren Bekämpfung - 08.03.2013 (24)
  12. System neu aufgesetzt aufgrund Virus. Laptop nun clean???
    Plagegeister aller Art und deren Bekämpfung - 16.01.2013 (11)
  13. Laptop verschickt Mail
    Log-Analyse und Auswertung - 30.07.2012 (12)
  14. KBA-Trojaner mit unbekannter Vorgeschichte
    Log-Analyse und Auswertung - 21.07.2011 (17)
  15. C:\WINDOWS\system32\drivers\atapi.sys verdächtig / Werbefenster / Vorgeschichte
    Plagegeister aller Art und deren Bekämpfung - 08.04.2010 (7)
  16. clean oder nicht-clean????
    Log-Analyse und Auswertung - 17.09.2007 (5)

Zum Thema Laptop clean? - Vorgeschichte - Hack des Mail Kontos - Hallo zusammen! Ersteinmal ein "Hallo" an das Forum und vor allen Dingen Matthias, der so vielen Leuten hier hilft. Ich finde das Forum total klasse und lese seit ein paar - Laptop clean? - Vorgeschichte - Hack des Mail Kontos...
Archiv
Du betrachtest: Laptop clean? - Vorgeschichte - Hack des Mail Kontos auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.