Trojaner-Board - Laptop sehr langsam

FRST

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016

Ran by abcd (administrator) on ABC (15-05-2016 19:04:12)

Running from C:\Users\abcd\Downloads

Loaded Profiles: abcd (Available Profiles: abcd & natascha)

Platform: Windows 10 Home Version 1511 (X64) Language: Englisch (Vereinigte Staaten)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe

(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe

(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

() C:\Program Files\Synaptics\SynTP\DellTouchpad.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe

() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe

(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe

(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe

(Dropbox, Inc.) C:\Users\abcd\AppData\Roaming\Dropbox\bin\Dropbox.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe

(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe

(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe

(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Microsoft Corporation) C:\Windows\System32\wuapihost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 

==================== Registry (Whitelisted) ===========================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-09-12] (Dell Inc.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [DellWPF] => C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [4875576 2012-09-08] ()

HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)

HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)

HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()

HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)

HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)

HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)

HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-09-08] (Synaptics Incorporated)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [4883216 2016-05-04] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3697776 2012-06-21] (brother)

HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1612872 2016-04-21] (APN)

HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [1941064 2016-05-15] ()

HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)

Winlogon\Notify\igfxcui: igfxdev.dll [X]

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\...\Run: [Dropbox Update] => C:\Users\abcd\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)

ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

Startup: C:\Users\abcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-14]

ShortcutTarget: Dropbox.lnk -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{41131c20-3597-447b-9740-cbb3bbd1e5bc}: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{fa0b3756-9f98-4db3-8f94-f0dd6d4c0444}: [DhcpNameServer] 192.168.188.1
 

Internet Explorer:

==================

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={57FAC78A-AB88-4D06-BCE3-1636187FE0E7}&mid=46c18057f65e47cda1f5b17f9b386d7d-733869b0819a7d46a5acbc21918215d0937b6e91&lang=de&ds=AVG&coid=avgtbavg&cmpid=0715av&pr=fr&d=2015-07-18 15:16:44&v=4.1.4.948&pid=wtu&sg=&sap=hp

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01

SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={57FAC78A-AB88-4D06-BCE3-1636187FE0E7}&mid=46c18057f65e47cda1f5b17f9b386d7d-733869b0819a7d46a5acbc21918215d0937b6e91&lang=de&ds=AVG&coid=avgtbavg&cmpid=0715av&pr=fr&d=2015-07-18 15:16:44&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}

SearchScopes: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001 -> {A2B284CC-2876-402E-94EA-9E8D2EF49ACC} URL = 

BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll [2016-05-15] (AVG)

BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-02] (Oracle Corporation)

BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll [2016-05-15] (AVG)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-02] (Oracle Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies)
 

FireFox:

========

FF ProfilePath: C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default

FF DefaultSearchEngine: AVG Secure Search

FF Homepage: hxxps://ixquick.com/deu/

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.1\\npsitesafety.dll [No File]

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-02] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-02] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)

FF user.js: detected! => C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\user.js [2015-03-08]

FF SearchPlugin: C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\searchplugins\avg-secure-search.xml [2016-04-17]

FF SearchPlugin: C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\searchplugins\ixquick-https---deutsch.xml [2016-04-17]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-05-15]

FF Extension: Quick Translator - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-30]

FF Extension: 20-20 3D Viewer - IKEA - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\extensions\2020Player_IKEA@2020Technologies.com [2016-02-21]

FF Extension: AVG Web TuneUp - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\extensions\avg@toolbar.xpi [2016-04-17]

FF Extension: Personas Plus - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\extensions\personas@christopher.beard.xpi [2016-05-02]

FF Extension: google-maps - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\Extensions\jid1-nEyk3fuea9WauQ@jetpack.xpi [2015-05-30]

FF Extension: Adblock Plus - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-02]

FF Extension: YouTube Flash Video Player - C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Profiles\z54gzncx.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-05-02]

FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension => not found
 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp

CHR StartupUrls: Default -> "hxxps://www.ixquick.com/"

CHR DefaultSearchURL: Default -> hxxp://www.sweet-page.com/web/?type=ds&ts=1404555457&from=wld&uid=WDCXWD3200BEVT-00ZCT0_WD-WXJ0AB91289912899&q={searchTerms}

CHR DefaultSearchKeyword: Default -> sweet-page

CHR Profile: C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Präsentationen) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-01]

CHR Extension: (Google Docs) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-01]

CHR Extension: (Google Drive) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-09]

CHR Extension: (TV) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-07]

CHR Extension: (YouTube) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-09]

CHR Extension: (Adblock Plus) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-15]

CHR Extension: (Google-Suche) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-09]

CHR Extension: (Google Tabellen) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-01]

CHR Extension: (Google Docs Offline) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]

CHR Extension: (Picasa) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-03-07]

CHR Extension: (Rollip - Photo Effects) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp [2015-03-07]

CHR Extension: (Quick start) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2015-03-07]

CHR Extension: (Google Mail) - C:\Users\abcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]

CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-04-21]

CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-04-21]
 

==================== Services (Whitelisted) ========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-04-21] (APN LLC.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [638968 2016-05-04] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5155904 2016-05-04] (AVG Technologies CZ, s.r.o.)

R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-04-14] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [710232 2016-05-04] (AVG Technologies CZ, s.r.o.)

R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)

R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)

R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)

R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)

R2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-20] (Dell Products, LP.) [File not signed]

R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-14] (Intel Corporation)

R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)

S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)

R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)

S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)

S2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)

S2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)

R2 vToolbarUpdater40.3.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe [1323080 2016-05-15] (AVG Secure Search)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [972872 2016-05-15] ()
 

===================== Drivers (Whitelisted) ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-04-20] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [248576 2016-03-29] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-04-14] (AVG Technologies CZ, s.r.o.)

R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-04] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)

R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)

R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)

S3 CsrBtPort; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)

S3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)

S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)

S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)

S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)

S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)

S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-03-06] (Disc Soft Ltd)

R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )

R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-08] (Synaptics Incorporated)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-08] (Synaptics Incorporated)

S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)

R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2016-05-15 18:58 - 2016-05-15 19:01 - 00049783 _____ C:\Users\abcd\Downloads\Addition.txt

2016-05-15 18:56 - 2016-05-15 19:04 - 00028386 _____ C:\Users\abcd\Downloads\FRST.txt

2016-05-15 18:55 - 2016-05-15 19:04 - 00000000 ____D C:\FRST

2016-05-15 18:53 - 2016-05-15 18:55 - 02382336 _____ (Farbar) C:\Users\abcd\Downloads\FRST64.exe

2016-05-15 12:23 - 2016-05-15 12:23 - 00000000 ___HD C:\OneDriveTemp

2016-05-14 15:01 - 2016-05-14 15:01 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2016-05-14 13:27 - 2016-05-14 13:28 - 00000000 ____D C:\Users\natascha\AppData\Roaming\PDF Architect 3

2016-05-14 13:27 - 2016-05-14 13:27 - 00000000 ____D C:\Users\natascha\Documents\PDF Architect

2016-05-12 08:06 - 2016-05-12 08:07 - 00392540 _____ C:\WINDOWS\Minidump\051216-55671-01.dmp

2016-05-11 17:15 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-05-11 17:15 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2016-05-11 17:15 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2016-05-11 17:15 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2016-05-11 17:14 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2016-05-11 17:14 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2016-05-11 15:58 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2016-05-11 15:57 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2016-05-11 15:57 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2016-05-11 15:57 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2016-05-11 15:57 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2016-05-11 15:57 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2016-05-11 15:57 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2016-05-11 15:57 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2016-05-11 15:57 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2016-05-11 15:57 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-05-11 15:57 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2016-05-11 15:57 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2016-05-11 15:57 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2016-05-11 15:57 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2016-05-11 15:57 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2016-05-11 15:57 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2016-05-11 15:57 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-05-11 15:56 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2016-05-11 15:56 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2016-05-11 15:56 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-05-11 15:56 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2016-05-11 15:56 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-05-11 15:56 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2016-05-11 15:56 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2016-05-11 15:56 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2016-05-11 15:56 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2016-05-11 15:56 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-05-11 15:56 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2016-05-11 15:56 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2016-05-11 15:56 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2016-05-11 15:56 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2016-05-11 15:56 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2016-05-11 15:56 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2016-05-11 15:56 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2016-05-11 15:56 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2016-05-11 15:56 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2016-05-11 15:56 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2016-05-11 15:56 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2016-05-11 15:56 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2016-05-11 15:56 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2016-05-11 15:56 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2016-05-11 15:56 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2016-05-11 15:56 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2016-05-11 15:56 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2016-05-11 15:56 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-05-11 15:56 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2016-05-11 15:56 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2016-05-11 15:56 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2016-05-11 15:56 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2016-05-11 15:56 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2016-05-11 15:56 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2016-05-11 15:56 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2016-05-11 15:56 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2016-05-11 15:56 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2016-05-11 15:56 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2016-05-11 15:56 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-05-11 15:56 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-05-11 15:56 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-05-11 15:56 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2016-05-11 15:56 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2016-05-11 15:56 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2016-05-11 15:56 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2016-05-11 15:55 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys

2016-05-11 15:55 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll

2016-05-11 15:55 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2016-05-11 15:55 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll

2016-05-11 15:55 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll

2016-05-11 15:55 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll

2016-05-11 15:55 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll

2016-05-11 15:55 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll

2016-05-11 15:55 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2016-05-11 15:55 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-05-11 15:55 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2016-05-11 15:55 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2016-05-11 15:55 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2016-05-11 15:55 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys

2016-05-11 15:55 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys

2016-05-11 15:55 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2016-05-11 15:55 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2016-05-11 15:55 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2016-05-11 15:55 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2016-05-11 15:55 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll

2016-05-11 15:55 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll

2016-05-11 15:55 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2016-05-11 15:55 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2016-05-11 15:55 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe

2016-05-11 15:55 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2016-05-11 15:55 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2016-05-11 15:55 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll

2016-05-11 15:55 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys

2016-05-11 15:55 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll

2016-05-11 15:55 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2016-05-11 15:55 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2016-05-11 15:55 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2016-05-11 15:55 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2016-05-11 15:55 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe

2016-05-11 15:55 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe

2016-05-11 15:55 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2016-05-11 15:55 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2016-05-11 15:55 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2016-05-11 15:55 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll

2016-05-11 15:55 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll

2016-05-11 15:55 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

2016-05-11 15:55 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2016-05-11 15:55 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll

2016-05-11 15:55 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2016-05-11 15:55 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2016-05-11 15:55 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll

2016-05-11 15:55 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2016-05-11 15:55 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll

2016-05-11 15:55 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll

2016-05-11 15:55 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2016-05-11 15:55 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll

2016-05-11 15:55 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll

2016-05-11 15:55 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys

2016-05-11 15:55 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll

2016-05-11 15:55 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2016-05-11 15:55 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll

2016-05-11 15:55 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll

2016-05-11 15:55 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys

2016-05-11 15:55 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe

2016-05-11 15:55 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll

2016-05-11 15:55 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2016-05-11 15:55 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll

2016-05-11 15:55 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll

2016-05-11 15:55 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll

2016-05-11 15:55 - 2016-04-23 06:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2016-05-11 15:55 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll

2016-05-11 15:55 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

2016-05-11 15:55 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2016-05-11 15:55 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys

2016-05-11 15:55 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2016-05-11 15:55 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll

2016-05-11 15:55 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll

2016-05-11 15:55 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe

2016-05-11 15:55 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2016-05-11 15:55 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll

2016-05-11 15:55 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll

2016-05-11 15:55 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2016-05-11 15:55 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2016-05-11 15:55 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll

2016-05-11 15:55 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys

2016-05-11 15:55 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll

2016-05-11 15:55 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll

2016-05-11 15:55 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll

2016-05-11 15:55 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll

2016-05-11 15:55 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll

2016-05-11 15:55 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2016-05-11 15:55 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2016-05-11 15:55 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2016-05-11 15:55 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll

2016-05-11 15:55 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll

2016-05-11 15:55 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2016-05-11 15:55 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll

2016-05-11 15:55 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll

2016-05-11 15:55 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2016-05-11 15:55 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll

2016-05-11 15:55 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2016-05-11 15:55 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2016-05-11 15:55 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2016-05-11 15:55 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll

2016-05-11 15:55 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2016-05-11 15:55 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2016-05-11 15:55 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll

2016-05-11 15:55 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2016-05-11 15:55 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll

2016-05-11 15:55 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll

2016-05-11 15:55 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2016-05-11 15:55 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2016-05-11 15:55 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2016-05-11 15:55 - 2016-04-23 06:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS

2016-05-11 15:55 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2016-05-11 15:55 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2016-05-11 15:55 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll

2016-05-11 15:55 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2016-05-11 15:55 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2016-05-11 15:55 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2016-05-11 15:55 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2016-05-11 15:55 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll

2016-05-11 15:55 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2016-05-11 15:55 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2016-05-11 15:55 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2016-05-11 15:55 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2016-05-11 15:55 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2016-05-11 15:55 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

2016-05-11 15:55 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2016-05-11 15:55 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2016-05-11 15:55 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2016-05-11 15:55 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll

2016-05-11 15:55 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2016-05-11 15:55 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2016-05-11 15:55 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2016-05-11 15:55 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2016-05-11 15:55 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2016-05-11 15:55 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2016-05-11 15:55 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2016-05-11 15:55 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2016-05-11 15:55 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2016-05-11 15:54 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml

2016-05-11 15:54 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml

2016-05-09 17:24 - 2016-05-09 17:24 - 00000000 ____D C:\Users\natascha\AppData\Roaming\Sun

2016-05-09 17:24 - 2016-05-09 17:24 - 00000000 ____D C:\Users\natascha\.oracle_jre_usage

2016-05-05 11:50 - 2016-05-05 16:14 - 00024064 _____ C:\Users\abcd\Documents\Überstunden_ April_Mai_2016.xls

2016-05-05 11:42 - 2016-05-10 13:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-05-02 22:07 - 2016-05-02 22:07 - 00001145 _____ C:\Users\Public\Desktop\VLC media player.lnk

2016-05-02 22:01 - 2016-05-02 22:06 - 30510920 _____ C:\Users\abcd\Downloads\vlc-2.2.2-win32.exe

2016-05-02 21:47 - 2016-05-02 21:47 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Sun

2016-05-02 21:47 - 2016-05-02 21:47 - 00000000 ____D C:\Users\abcd\.oracle_jre_usage

2016-05-02 21:43 - 2016-05-02 21:43 - 00000000 ____D C:\Users\abcd\AppData\LocalLow\Oracle

2016-05-02 21:42 - 2016-05-02 21:43 - 00738368 _____ (Oracle Corporation) C:\Users\abcd\Downloads\JavaSetup8u91.exe

2016-04-18 06:36 - 2016-05-05 11:41 - 00024576 _____ C:\Users\abcd\Documents\Überstunden_April_16.xls

2016-04-18 06:12 - 2016-04-24 19:16 - 00024064 _____ C:\Users\abcd\Documents\Überstunden_Zettel.xls

2016-04-17 20:13 - 2016-04-17 20:13 - 00180801 _____ C:\Users\abcd\Downloads\36_K100RS_140_BT45.pdf

2016-04-17 19:15 - 2016-04-17 19:16 - 00131499 _____ C:\Users\abcd\Downloads\Teilegutachten_fur_Rohrlenker_34TG0355-10.pdf

2016-04-17 12:07 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2016-04-17 12:07 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2016-04-17 12:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2016-04-17 12:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2016-04-17 12:07 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2016-04-17 12:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2016-04-17 12:07 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2016-04-17 12:07 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2016-04-17 12:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2016-04-17 12:07 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll

2016-04-17 12:07 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2016-04-17 12:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2016-04-17 12:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-04-17 12:07 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2016-04-17 12:07 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2016-04-17 12:07 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2016-04-17 12:07 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2016-04-17 12:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll

2016-04-17 12:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2016-04-17 12:07 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2016-04-17 12:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2016-04-17 12:07 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2016-04-17 12:07 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2016-04-17 12:07 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2016-04-17 12:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2016-04-17 12:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2016-04-17 12:07 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2016-04-17 12:07 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2016-04-17 12:07 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2016-04-17 12:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2016-04-17 12:07 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2016-04-17 12:07 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-04-17 12:07 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-04-17 12:06 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2016-04-17 12:06 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll

2016-04-17 12:06 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2016-04-17 12:06 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2016-04-17 12:06 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2016-04-17 12:06 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll

2016-04-17 12:06 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2016-04-17 12:06 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2016-04-17 12:06 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2016-04-17 12:06 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2016-04-17 12:06 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2016-04-17 12:06 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-04-17 12:06 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-04-17 12:06 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll

2016-04-17 12:06 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2016-04-17 12:06 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2016-04-17 12:06 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2016-04-17 12:06 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2016-04-17 12:06 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2016-04-17 12:06 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2016-04-17 12:06 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys

2016-04-17 12:06 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll

2016-04-17 12:06 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2016-04-17 12:06 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2016-04-17 12:06 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2016-04-17 12:06 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe

2016-04-17 12:06 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll

2016-04-17 12:06 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll

2016-04-17 12:06 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2016-04-17 12:06 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe

2016-04-17 12:06 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll

2016-04-17 12:06 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll

2016-04-17 12:06 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2016-04-17 12:06 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2016-04-17 12:06 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll

2016-04-17 12:06 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll

2016-04-17 12:06 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2016-04-17 12:06 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll

2016-04-17 12:06 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2016-04-17 12:06 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys

2016-04-17 12:06 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll

2016-04-17 12:06 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll

2016-04-17 12:06 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll

2016-04-17 12:06 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll

2016-04-17 12:06 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe

2016-04-17 12:06 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll

2016-04-17 12:06 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys

2016-04-17 12:06 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll

2016-04-17 12:06 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys

2016-04-17 12:06 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2016-04-17 12:06 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll

2016-04-17 12:06 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2016-04-17 12:06 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll

2016-04-17 12:06 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

2016-04-17 12:06 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys

2016-04-17 12:06 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2016-04-17 12:06 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll

2016-04-17 12:06 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll

2016-04-17 12:06 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll

2016-04-17 12:06 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2016-04-17 12:06 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys

2016-04-17 12:06 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2016-04-17 12:06 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2016-04-17 12:06 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-04-17 12:06 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2016-04-17 12:06 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2016-04-17 12:06 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2016-04-17 12:06 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll

2016-04-17 12:06 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2016-04-17 12:06 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2016-04-17 12:06 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2016-04-17 12:06 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2016-04-17 12:06 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll

2016-04-17 12:06 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2016-04-17 12:06 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2016-04-17 12:06 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll

2016-04-17 12:06 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2016-04-17 12:06 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll

2016-04-17 12:06 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2016-04-17 12:06 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2016-04-17 12:06 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2016-04-17 12:06 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2016-04-17 12:06 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2016-04-17 12:06 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll

2016-04-17 12:06 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2016-04-17 12:06 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2016-04-17 12:06 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2016-04-17 12:06 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2016-04-17 12:06 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2016-04-17 12:06 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2016-04-17 12:06 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll

2016-04-17 12:06 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys

2016-04-17 12:06 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

2016-04-17 12:06 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2016-04-17 12:06 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe

2016-04-17 12:06 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2016-04-17 12:06 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2016-04-17 12:06 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2016-04-17 12:06 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2016-04-17 12:06 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2016-04-17 12:06 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2016-04-17 12:06 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll

2016-04-17 12:06 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2016-04-17 12:06 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll

2016-04-17 12:06 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll

2016-04-17 12:06 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2016-04-17 12:06 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2016-04-17 12:06 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll

2016-04-17 12:06 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll

2016-04-17 12:06 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2016-04-17 12:06 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2016-04-17 12:06 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2016-04-17 12:06 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2016-04-17 12:06 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2016-04-17 12:06 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll

2016-04-17 12:06 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2016-04-17 12:06 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2016-04-17 12:06 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2016-04-17 12:06 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

2016-04-17 12:06 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll

2016-04-17 12:06 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2016-04-17 12:06 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll

2016-04-17 12:06 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2016-04-17 12:06 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2016-04-17 12:06 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll

2016-04-17 12:06 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll

2016-04-17 12:06 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2016-04-17 12:06 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2016-04-17 12:06 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll

2016-04-17 12:06 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2016-04-17 12:06 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

2016-04-17 12:06 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2016-04-17 12:06 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2016-04-17 12:06 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll

2016-04-17 12:06 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

2016-04-17 12:06 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2016-04-17 12:06 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll

2016-04-17 12:06 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2016-04-17 12:06 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2016-04-17 12:06 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll

2016-04-17 12:06 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2016-04-17 12:06 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll

2016-04-17 12:06 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll

2016-04-17 12:05 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll

2016-04-17 12:05 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll

2016-04-17 12:05 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe

2016-04-17 12:05 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2016-04-17 12:05 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll

2016-04-17 12:05 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll

2016-04-17 12:05 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll

2016-04-17 12:05 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe

2016-04-17 12:05 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll

2016-04-17 12:05 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys

2016-04-17 12:05 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll

2016-04-17 12:05 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll

2016-04-17 12:05 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2016-04-17 12:05 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll

2016-04-17 12:05 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll

2016-04-17 12:05 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll

2016-04-17 12:05 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe

2016-04-17 12:05 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll

2016-04-17 12:05 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll

2016-04-17 12:05 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll

2016-04-17 12:05 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll

2016-04-17 12:05 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll

2016-04-17 12:05 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2016-05-15 18:54 - 2015-05-31 14:43 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-05-15 18:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-05-15 18:51 - 2015-03-08 22:49 - 00000000 ___RD C:\Users\abcd\Dropbox

2016-05-15 18:50 - 2015-09-27 10:23 - 00000000 ___RD C:\Users\abcd\OneDrive

2016-05-15 18:50 - 2015-04-14 19:02 - 00000482 _____ C:\WINDOWS\Brownie.ini

2016-05-15 18:49 - 2015-03-01 18:18 - 00000000 __SHD C:\Users\abcd\IntelGraphicsProfiles

2016-05-15 18:49 - 2015-03-01 16:46 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-05-15 14:32 - 2015-03-01 16:46 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2016-05-15 14:29 - 2015-06-20 10:18 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3224018861-1533004767-3066996491-1001UA.job

2016-05-15 14:04 - 2015-03-01 19:23 - 00000000 ____D C:\ProgramData\MFAData

2016-05-15 12:58 - 2015-07-18 15:16 - 00000000 ____D C:\ProgramData\AVG Web TuneUp

2016-05-15 12:58 - 2015-07-18 15:16 - 00000000 ____D C:\Program Files\AVG Web TuneUp

2016-05-15 12:58 - 2015-03-01 21:17 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp

2016-05-15 12:29 - 2015-03-07 12:12 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6CC49FB1-638C-4D1B-B1D3-1D860B6604EF}

2016-05-15 10:22 - 2015-03-07 10:33 - 00000000 __SHD C:\Users\natascha\IntelGraphicsProfiles

2016-05-15 10:20 - 2016-01-11 04:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-05-15 10:18 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI

2016-05-15 10:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF

2016-05-14 15:06 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-05-14 15:02 - 2015-03-08 22:40 - 00000000 ____D C:\Users\abcd\AppData\Roaming\Dropbox

2016-05-14 15:00 - 2015-06-20 10:18 - 00000000 ____D C:\Users\abcd\AppData\Local\Dropbox

2016-05-14 14:35 - 2015-09-10 07:42 - 00000000 __RHD C:\Users\Public\AccountPictures

2016-05-14 13:27 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-05-14 11:31 - 2016-01-11 13:17 - 00775644 _____ C:\WINDOWS\system32\perfh007.dat

2016-05-14 11:31 - 2016-01-11 13:17 - 00155748 _____ C:\WINDOWS\system32\perfc007.dat

2016-05-14 11:31 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF

2016-05-14 11:31 - 2015-09-27 09:57 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-05-14 10:15 - 2015-03-07 10:33 - 00000000 ____D C:\Users\natascha\AppData\Local\Packages

2016-05-13 09:36 - 2016-01-11 04:36 - 00000000 ____D C:\Users\natascha

2016-05-13 08:33 - 2015-12-17 16:21 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-05-13 08:33 - 2015-03-01 16:47 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-05-12 18:56 - 2016-01-12 11:26 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk

2016-05-12 18:56 - 2015-03-01 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2016-05-12 18:39 - 2016-01-11 04:36 - 00000000 ____D C:\Users\abcd

2016-05-12 18:36 - 2015-10-30 11:07 - 00000000 ____D C:\Program Files\Windows Journal

2016-05-12 18:36 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml

2016-05-12 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe

2016-05-12 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-05-12 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning

2016-05-12 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr

2016-05-12 18:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2016-05-12 18:29 - 2015-06-20 10:18 - 00001176 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3224018861-1533004767-3066996491-1001Core.job

2016-05-12 09:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache

2016-05-12 08:06 - 2016-01-17 08:55 - 00000000 ____D C:\WINDOWS\Minidump

2016-05-12 08:06 - 2015-12-12 11:03 - 821728130 _____ C:\WINDOWS\MEMORY.DMP

2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2016-05-11 19:27 - 2015-03-01 16:46 - 00004184 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2016-05-11 19:27 - 2015-03-01 16:46 - 00003952 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2016-05-11 19:22 - 2015-03-01 13:39 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-05-11 17:39 - 2015-03-01 13:39 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-05-11 08:05 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2016-05-10 13:16 - 2015-05-23 15:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-05-04 16:58 - 2016-01-08 11:46 - 00071936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avguniva.sys

2016-05-02 22:08 - 2015-02-20 14:01 - 00000000 ____D C:\Users\abcd\AppData\Local\Packages

2016-05-02 22:07 - 2015-03-01 16:59 - 00000000 ____D C:\Users\abcd\AppData\Roaming\vlc

2016-05-02 21:48 - 2015-03-14 16:59 - 00000000 __SHD C:\Users\abcd\AppData\LocalLow\EmieUserList

2016-05-02 21:48 - 2015-03-14 16:59 - 00000000 __SHD C:\Users\abcd\AppData\LocalLow\EmieSiteList

2016-05-02 21:48 - 2015-03-14 16:59 - 00000000 __SHD C:\Users\abcd\AppData\Local\EmieUserList

2016-05-02 21:48 - 2015-03-14 16:59 - 00000000 __SHD C:\Users\abcd\AppData\Local\EmieSiteList

2016-05-02 21:48 - 2015-03-11 01:03 - 00000000 ____D C:\ProgramData\Oracle

2016-05-02 21:48 - 2015-03-11 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-05-02 21:48 - 2015-03-11 01:03 - 00000000 ____D C:\Program Files (x86)\Java

2016-05-02 21:47 - 2015-03-11 01:04 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2016-05-02 21:28 - 2015-09-27 10:23 - 00002421 _____ C:\Users\abcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-04-30 06:36 - 2015-09-27 11:35 - 00002433 _____ C:\Users\natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-04-30 06:36 - 2015-03-07 10:36 - 00000000 __RDO C:\Users\natascha\OneDrive

2016-04-20 14:17 - 2015-08-19 11:52 - 00307456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys

2016-04-17 18:28 - 2016-01-11 04:27 - 00351848 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2016-04-17 18:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2016-04-17 18:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
 

==================== Files in the root of some directories =======
 

2015-03-01 17:53 - 2015-03-01 17:53 - 0012415 _____ () C:\Users\abcd\AppData\Local\WiDiSetupLog.20150301.165338.txt

2015-03-01 22:38 - 2015-03-01 22:39 - 0012637 _____ () C:\Users\abcd\AppData\Local\WiDiSetupLog.20150301.213850.txt

2016-01-11 04:32 - 2016-01-11 04:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-03-01 17:44 - 2015-03-01 17:44 - 0000032 _____ () C:\ProgramData\Temp.log

2013-02-16 11:58 - 2013-02-16 11:59 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2013-02-16 11:54 - 2013-02-16 11:55 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2013-02-16 11:55 - 2013-02-16 11:56 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2013-02-16 11:54 - 2013-02-16 11:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

2013-02-16 11:56 - 2013-02-16 11:58 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 

Some files in TEMP:

====================

C:\Users\abcd\AppData\Local\Temp\avg-92dd2032-3608-4f4e-85c0-17782d29b77a.exe

C:\Users\abcd\AppData\Local\Temp\avguirn_08461239722.exe

C:\Users\natascha\AppData\Local\Temp\avguirn_081020909112.exe

C:\Users\natascha\AppData\Local\Temp\avguirn_082092355941.exe
 
 

==================== Bamital & volsnap =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2016-05-12 08:17
 

==================== End of FRST.txt ============================

--- --- ---

[/CODE]

Addition
FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-05-2016

Ran by abcd (2016-05-15 19:04:42)

Running from C:\Users\abcd\Downloads

Windows 10 Home Version 1511 (X64) (2016-01-11 03:04:31)

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

abcd (S-1-5-21-3224018861-1533004767-3066996491-1001 - Administrator - Enabled) => C:\Users\abcd

Administrator (S-1-5-21-3224018861-1533004767-3066996491-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3224018861-1533004767-3066996491-503 - Limited - Disabled)

Guest (S-1-5-21-3224018861-1533004767-3066996491-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3224018861-1533004767-3066996491-1003 - Limited - Enabled)

natascha (S-1-5-21-3224018861-1533004767-3066996491-1004 - Limited - Enabled) => C:\Users\natascha
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 

==================== Installed Programs ======================
 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)

AVG (Version: 16.71.7597 - AVG Technologies) Hidden

AVG 2016 (Version: 16.0.4568 - AVG Technologies) Hidden

AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden

AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)

AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden

AVG Protection (HKLM\...\AVG) (Version: 2016.71.7597 - AVG Technologies)

AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)

Brink of Consciousness: Dorian-Gray-Syndrom (HKLM-x32\...\Brink of Consciousness: Dorian-Gray-Syndrom) (Version: 1.0.0.0 - INTENIUM GmbH)

Brother HL-2140 (HKLM-x32\...\{33C39516-4A47-489F-813A-8BDA0B8A5538}) (Version: 1.00 - Brother)

Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)

CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)

Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)

Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)

Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)

Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.39 - PC-Doctor, Inc.)

Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.13 - Synaptics Incorporated)

Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )

Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.4.38 - INTENIUM GmbH)

DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)

Dropbox (HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)

DSC/AA Factory Installer (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden

FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden

Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)

Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden

Grim Tales: Die Steinkönigin Sammleredition (HKLM-x32\...\Grim Tales: Die Steinkönigin Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)

Haunted Halls: Das Grauen von Green Hills Sammleredition (HKLM-x32\...\Haunted Halls: Das Grauen von Green Hills Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)

Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)

Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)

Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)

Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)

Lost Lands: Die vier Reiter Sammleredition (HKLM-x32\...\Lost Lands: Die vier Reiter Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)

Maestro: Die Symphonie des Todes Sammleredition (HKLM-x32\...\Maestro: Die Symphonie des Todes Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)

Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)

PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)

PDF Architect 3 Asian Fonts Pack (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Convert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Forms Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Insert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Review Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 Secure Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden

PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.005 - Dell Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)

Robin’s Quest: Aufstieg einer Legende (HKLM-x32\...\Robin’s Quest: Aufstieg einer Legende) (Version: 1.0.0.0 - INTENIUM GmbH)

Sacred Almanac: Spuren der Gier (HKLM-x32\...\Sacred Almanac: Spuren der Gier) (Version: 0.0.0.0 - INTENIUM GmbH)

Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2802}) (Version: 12.40.2.466 - APN, LLC) <==== ATTENTION

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Sherlock Holmes und der Hund der Baskervilles (HKLM-x32\...\Sherlock Holmes und der Hund der Baskervilles) (Version: 1.0.0.0 - INTENIUM GmbH)

SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)

SketchUp 2016 (HKLM\...\{F40C8253-11C9-4D11-A392-B335E22D1C52}) (Version: 16.0.19912 - Trimble Navigation Limited)

Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.4.3.7 - 't Schrijverke)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Vertrag mit dem Teufel (HKLM-x32\...\Vertrag mit dem Teufel) (Version: 0.0.0.0 - INTENIUM GmbH)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
 

==================== Custom CLSID (Whitelisted): ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\abcd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\abcd\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
 

==================== Scheduled Tasks (Whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

Task: {0F3F8210-3B1D-4EDC-9073-D1E69FD4B4B6} - \PCDEventLauncher -> No File <==== ATTENTION

Task: {1794D91F-ED06-423F-81D4-87C68E6A754C} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe

Task: {1A3E5C80-79BB-4FAB-B9FE-548A067C5E17} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)

Task: {2F17A409-740C-45F5-837D-70DB6C92E7D8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {38BAC327-499E-4888-8452-8CDBCCE13DC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

Task: {3E19DC77-6079-4E79-9932-A36BC6C1DE6A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {3FAC9E05-E4A5-40F9-A97A-E9ADBB773C21} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)

Task: {4440045C-07EA-4EDC-9B29-FDDD2399368D} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe [2015-11-22] ()

Task: {45CF35A1-43F7-4B59-96FC-72BEBE7EE616} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3224018861-1533004767-3066996491-1001UA => C:\Users\abcd\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)

Task: {51654905-2409-4350-BB1F-157B309F8E4F} - \SystemToolsDailyTest -> No File <==== ATTENTION

Task: {56F64634-F59F-431B-AEB6-3799443CA3E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {5709C6E7-1482-45D7-A6B9-B17BDB3C8334} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {59F7ADA8-0CF3-4CEA-8CB4-3958EE1BE0C1} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)

Task: {70CCBAD4-0870-462B-8C78-F3BACB693745} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)

Task: {71B00C68-D325-4EF0-890B-D51745B75606} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)

Task: {75885907-AA07-4DB2-9A3C-74BBD7AABB7B} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION

Task: {7BFFEB6A-54A0-4FD3-B002-C53D519B9B32} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {8CE71F9F-12D9-499D-9C2E-CB15F71566F4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {A4B19EEF-2880-4DA6-A62D-10B0C733EB4A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

Task: {B3272B56-456D-42B8-87BE-48C02470190A} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell Support Center\uaclauncher.exe

Task: {BBEA7F8F-CDAE-431B-853E-003B13618CCB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {C231FDE8-0A3D-474A-A40F-A6371A993ED9} - System32\Tasks\0116tbUpdateInfo => C:\ProgramData\Avg_Update_0116tb\0116tb_{849AF12D-1A30-4F73-A1AE-31299D6C446E}.exe [2016-02-07] ()

Task: {C4218D28-B443-4CDF-A582-F10222B9519C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3224018861-1533004767-3066996491-1001Core => C:\Users\abcd\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)

Task: {CCBC326F-B7C4-41D2-89E5-BAA54D65B1FF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {E7C005CE-E385-4794-AC81-E58A6FC2369C} - System32\Tasks\0316avtUpdateInfo => C:\ProgramData\Avg_Update_0316avt\0316avt_AVG-Secure-Search-Update.exe [2016-03-06] ()

Task: {E9B8117E-7953-4804-AF9E-5BF8A35841ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)

Task: {ED7168D0-FAE5-4EC2-ABE2-6C1414076A58} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {EDBFE229-370A-4FE6-9200-3D9E328C6EC2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)

Task: {F428D068-7324-41EA-9400-D53325A94242} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3224018861-1533004767-3066996491-1001Core.job => C:\Users\abcd\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3224018861-1533004767-3066996491-1001UA.job => C:\Users\abcd\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 

==================== Shortcuts =============================
 

(The entries could be listed to be restored or removed.)
 

==================== Loaded Modules (Whitelisted) ==============
 

2015-07-18 15:16 - 2016-05-15 12:57 - 00972872 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2016-04-17 12:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-04-17 12:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2016-05-02 21:28 - 2016-05-02 21:28 - 00959176 _____ () C:\Users\abcd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll

2016-01-11 13:21 - 2016-01-11 13:21 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-05-11 15:54 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-05-11 15:56 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-05-11 15:55 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-05-11 15:56 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-05-11 15:56 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2013-02-16 10:35 - 2012-09-08 05:17 - 04875576 _____ () C:\Program Files\Synaptics\SynTP\DellTouchpad.exe

2012-03-22 22:11 - 2012-03-22 22:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe

2015-07-18 15:16 - 2016-05-15 12:57 - 01941064 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe

2016-04-24 19:01 - 2016-04-24 19:04 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

2012-06-20 00:33 - 2012-06-20 00:33 - 00102912 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll

2013-02-16 11:47 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

2016-05-02 21:28 - 2016-05-02 21:28 - 00679624 _____ () C:\Users\abcd\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll

2015-12-12 13:25 - 2016-04-19 21:47 - 00034768 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd

2016-05-14 15:01 - 2016-04-19 21:48 - 00019408 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\faulthandler.pyd

2016-05-14 15:01 - 2016-04-19 21:47 - 00116688 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\pywintypes27.dll

2015-12-12 13:25 - 2016-04-19 21:47 - 00093640 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_ctypes.pyd

2015-12-12 13:25 - 2016-04-19 21:47 - 00018376 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\select.pyd

2015-12-12 13:25 - 2016-05-07 00:35 - 00019760 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00105928 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32api.pyd

2016-05-14 15:01 - 2016-04-19 21:47 - 00392144 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\pythoncom27.dll

2015-12-12 13:25 - 2016-05-07 00:35 - 00381752 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd

2015-12-12 13:25 - 2016-04-19 21:47 - 00692688 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\unicodedata.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00020816 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd

2015-12-12 13:25 - 2016-04-19 21:48 - 00121296 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 01682760 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00020808 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd

2015-12-12 13:25 - 2016-05-07 00:35 - 00021840 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00038696 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\fastpath.pyd

2016-05-14 15:01 - 2016-04-19 21:49 - 00020936 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\mmapfile.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00024528 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32event.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00114640 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32security.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00124880 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32file.pyd

2016-02-20 10:24 - 2016-05-07 00:35 - 00021832 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00024016 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32clipboard.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00175560 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32gui.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00030160 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32pipe.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00043472 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32process.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00028616 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32ts.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00048592 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32service.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00026456 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00057808 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32evtlog.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00024016 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32profile.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00117056 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00052024 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd

2015-12-12 13:25 - 2016-04-19 21:47 - 00134608 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_elementtree.pyd

2016-05-14 15:01 - 2016-04-19 21:47 - 00134088 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\pyexpat.pyd

2016-05-14 15:01 - 2016-04-19 21:48 - 00240584 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\jpegtran.pyd

2016-02-20 10:24 - 2016-05-07 00:35 - 00020800 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd

2016-02-20 10:24 - 2016-05-07 00:35 - 00021824 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd

2016-02-20 10:24 - 2016-05-07 00:35 - 00019776 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd

2016-02-20 10:24 - 2016-05-07 00:35 - 00020800 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00024392 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd

2016-05-14 15:01 - 2016-04-19 21:50 - 00036296 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\librsync.dll

2016-05-14 15:01 - 2016-05-07 00:34 - 00020280 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd

2015-12-12 13:25 - 2016-05-07 00:35 - 00023376 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00350152 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winxpgui.pyd

2016-02-20 10:24 - 2016-05-07 00:35 - 00022352 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00031568 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd

2016-05-14 15:01 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll

2016-05-14 15:01 - 2016-05-07 00:34 - 00084280 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL

2016-05-14 15:01 - 2016-05-07 00:34 - 01826096 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd

2015-12-12 13:25 - 2016-04-19 21:48 - 00083912 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\sip.pyd

2016-05-14 15:01 - 2016-05-07 00:35 - 03928880 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 01971504 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00531248 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd

2016-05-14 15:01 - 2016-05-07 00:35 - 00132912 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd

2016-05-14 15:01 - 2016-05-07 00:35 - 00223544 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd

2016-05-14 15:01 - 2016-05-07 00:34 - 00207672 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd

2015-12-12 13:25 - 2016-04-19 21:49 - 00060880 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\win32print.pyd

2016-04-16 14:48 - 2016-05-07 00:35 - 00025928 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd

2015-12-12 13:25 - 2016-05-07 00:35 - 00024904 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd

2016-05-14 15:01 - 2016-05-07 00:35 - 00546096 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

2016-05-14 15:01 - 2016-05-07 00:35 - 00357680 _____ () C:\Users\abcd\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

2016-01-12 11:13 - 2016-04-08 06:05 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

2016-04-24 19:01 - 2016-04-24 19:04 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

2016-04-24 19:01 - 2016-04-24 19:04 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
 

==================== Alternate Data Streams (Whitelisted) =========
 

(If an entry is included in the fixlist, only the ADS will be removed.)
 

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
 

==================== Safe Mode (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== Association (Whitelisted) ===============
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, it will be removed from the registry.)
 

IE trusted site: HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\...\dell.com -> dell.com
 

==================== Hosts content: ===============================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\abcd\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

HKLM\...\StartupApproved\Run32: => "mcui_exe"

HKLM\...\StartupApproved\Run32: => "BCSSync"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKU\S-1-5-21-3224018861-1533004767-3066996491-1001\...\StartupApproved\Run: => "DellSystemDetect"
 

==================== FirewallRules (Whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{8CB5AAEA-7EB9-4B37-BA72-5A0B16A5B7E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{3B103ABF-2FB8-4BA8-8E79-1CBDDE4534C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{5091673D-79B4-47B7-9CBB-06AC3CE00318}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{1F116997-A95B-48F2-B48D-BAA82136E2F5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{9166EDD5-ADC3-4A0F-ACEC-20461A840A17}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{2477B19B-00FF-4413-8244-68BD0D49B8FA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{274B79AC-2BF8-4937-B79E-C0682209D04A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{9D0D7AAC-1DA0-4B85-8F39-10E16631420C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{9431C70C-572B-4FF2-9C3C-3D931C061CE5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{228342FE-3AAE-41FF-8D92-AB965EFDDB8B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{E79D37C0-278E-4B72-865F-D1891D2CC269}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{F0E19B3B-6FE8-4F9A-929E-A1956A305D3D}] => (Allow) LPort=1900

FirewallRules: [{D3F097EC-F6F7-453B-A288-734646D1A2C6}] => (Allow) LPort=2869

FirewallRules: [{2A2A0707-A80F-40F6-8B5E-6FC24F6A6DCB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{89534162-69E6-4200-A0B3-41B2E2D19972}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{51376B60-6E17-4E91-B853-4D3EB41FE978}] => (Allow) C:\Users\abcd\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{E27CED46-1748-433B-80B6-B45D80B3B2FB}] => (Allow) C:\Users\abcd\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{F9D58973-1376-4632-9210-392674AB8EF6}C:\users\abcd\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\abcd\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{D45D2C80-6327-4F22-B8F1-528E0AED250C}C:\users\abcd\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\abcd\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{8E642C73-AC03-4A4F-968A-4F39781BF238}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{9CBB2EB7-DF95-4A48-B5A3-CD6797648589}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{D09CFC38-C9DA-4014-BC6F-50B20BA278D7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

FirewallRules: [{85D0363A-0A9C-4270-9FAA-0F989A9B4DE6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

FirewallRules: [{4C219F1D-1CB3-4EEC-A7E5-308D8DE041F7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{B9FFDE0B-24A7-46A5-AA7E-22FE18932A2C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{303D1FE1-E423-4F4F-BE62-5719E61CA681}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{77DB8C32-2224-431A-AA1A-408C557EAD21}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{8A0E219D-8121-48FC-943B-DB0C8A65D9FE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{5108E989-6768-4FC1-8198-F0748A11E62B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{AAA291E1-3D78-4AC5-9DA5-3387B77C41DA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{CD1F2E75-508D-408C-B4E1-2993271F2BE6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{E60915FF-DC2D-4764-8EC2-1478DCCBECBB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{0D4E40F4-1303-4067-A135-544852156E8A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{068744B7-CCE0-4E38-8DFC-4B5FE6B5D910}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{FBFB5863-9208-4019-8A07-695A44A602F4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{1AF1F9FF-F20C-4D4A-BC3E-64DB9152D162}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Restore Points =========================
 

17-04-2016 12:58:20 Windows Update

11-05-2016 17:37:54 Windows Update

11-05-2016 17:38:53 Windows Update
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (05/15/2016 07:01:52 PM) (Source: MsiInstaller) (EventID: 1024) (User: ABC)

Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F104E4700}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
 

Error: (05/15/2016 02:38:04 PM) (Source: MsiInstaller) (EventID: 1024) (User: abc)

Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F104E4700}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
 

Error: (05/15/2016 01:40:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: abc)

Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (05/15/2016 01:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b

Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000006f58

ID des fehlerhaften Prozesses: 0x2834

Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0

Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1

Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2

Berichtskennung: CsrBtOBEXService.exe3

Vollständiger Name des fehlerhaften Pakets: CsrBtOBEXService.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CsrBtOBEXService.exe5
 

Error: (05/15/2016 01:04:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ABC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (05/15/2016 12:22:56 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b

Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000006f58

ID des fehlerhaften Prozesses: 0xb78

Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0

Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1

Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2

Berichtskennung: CsrBtOBEXService.exe3

Vollständiger Name des fehlerhaften Pakets: CsrBtOBEXService.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CsrBtOBEXService.exe5
 

Error: (05/15/2016 10:20:15 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version: 15.0.1001.638, Zeitstempel: 0x55c0af3b

Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb

Ausnahmecode: 0xc0000374

Fehleroffset: 0x00000000000ee6fc

ID des fehlerhaften Prozesses: 0x904

Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService64.exe0

Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe1

Pfad des fehlerhaften Moduls: TuneUpUtilitiesService64.exe2

Berichtskennung: TuneUpUtilitiesService64.exe3

Vollständiger Name des fehlerhaften Pakets: TuneUpUtilitiesService64.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TuneUpUtilitiesService64.exe5
 

Error: (05/15/2016 10:18:47 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b

Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000006f58

ID des fehlerhaften Prozesses: 0xad0

Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0

Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1

Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2

Berichtskennung: CsrBtOBEXService.exe3

Vollständiger Name des fehlerhaften Pakets: CsrBtOBEXService.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CsrBtOBEXService.exe5
 

Error: (05/15/2016 10:03:55 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: SystemSettingsBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7b4

Name des fehlerhaften Moduls: NetworkMobileSettings.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af4e4

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00000000000b3d22

ID des fehlerhaften Prozesses: 0x1f18

Startzeit der fehlerhaften Anwendung: 0xSystemSettingsBroker.exe0

Pfad der fehlerhaften Anwendung: SystemSettingsBroker.exe1

Pfad des fehlerhaften Moduls: SystemSettingsBroker.exe2

Berichtskennung: SystemSettingsBroker.exe3

Vollständiger Name des fehlerhaften Pakets: SystemSettingsBroker.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettingsBroker.exe5
 

Error: (05/15/2016 10:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version: 15.0.1001.638, Zeitstempel: 0x55c0af3b

Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb

Ausnahmecode: 0xc0000374

Fehleroffset: 0x00000000000ee6fc

ID des fehlerhaften Prozesses: 0xc04

Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService64.exe0

Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe1

Pfad des fehlerhaften Moduls: TuneUpUtilitiesService64.exe2

Berichtskennung: TuneUpUtilitiesService64.exe3

Vollständiger Name des fehlerhaften Pakets: TuneUpUtilitiesService64.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TuneUpUtilitiesService64.exe5
 
 

System errors:

=============

Error: (05/15/2016 03:13:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "User Data Access_60e56" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.
 

Error: (05/15/2016 03:13:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "User Data Storage_60e56" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.
 

Error: (05/15/2016 03:13:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Contact Data_60e56" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.
 

Error: (05/15/2016 03:13:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Sync Host_60e56" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.
 

Error: (05/15/2016 03:13:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 

Error: (05/15/2016 03:13:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Sync Host_531784 erreicht.
 

Error: (05/15/2016 03:12:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst User Data Storage_531784 erreicht.
 

Error: (05/15/2016 03:12:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "User Data Storage_531784" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler: 

%%1056
 

Error: (05/15/2016 03:12:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "User Data Access_531784" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.
 

Error: (05/15/2016 03:12:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "User Data Storage_531784" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.
 
 

CodeIntegrity:

===================================

  Date: 2016-05-14 14:37:14.955

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-05-12 18:43:00.599

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-05-11 19:30:11.212

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-04-18 06:20:56.625

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-04-17 18:29:55.986

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-04-17 16:00:35.005

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-25 10:16:31.110

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-14 09:24:15.873

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-13 09:27:23.592

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-12 10:42:06.509

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz

Percentage of memory in use: 45%

Total physical RAM: 6009.09 MB

Available physical RAM: 3252.81 MB

Total Virtual: 6969.09 MB

Available Virtual: 4170.09 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:356.21 GB) (Free:286.54 GB) NTFS

Drive f: (franky) (Fixed) (Total:233.76 GB) (Free:213.34 GB) NTFS

Drive n: (natascha) (Fixed) (Total:97.66 GB) (Free:97.54 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 1F207044)
 

Partition: GPT.
 

==================== End of Addition.txt ============================

--- --- ---