Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC wird ungewöhnlich langsam beim starten (https://www.trojaner-board.de/182354-pc-ungewoehnlich-langsam-beim-starten.html)

joerg_k 14.10.2016 11:56
PC wird ungewöhnlich langsam beim starten
 
Hallo !

Windows 10 startet immer langsamer. Die Uhrzeit ist immer falsch gestellt ( im Bios ist sie korrekt ). Muss immer einmal Uhrzeit automatisch stellen aus und wieder einschalten.

Chrome/Firefox starten sehr langsam. Edge ganz normal.

Wenn ich Linux starte ist alles vollkommen normal, so das ich einfach mal denken darf, das es nicht an der Hardware liegt.

Wäre schön wenn ihr mir helfen könnten, welche Logfiles braucht ihr nun ?

Grüße
Jörg

deeprybka 14.10.2016 14:10
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

joerg_k 14.10.2016 14:47
frst teil 1
 
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016
Ran by Joerg (administrator) on RECHTS-PC (14-10-2016 14:09:47)
Running from C:\Users\Joerg\Desktop
Loaded Profiles: Joerg (Available Profiles: Joerg)
Platform: Windows 10 Pro Version 1607 (X64) Language: Englisch (Großbritannien)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\COSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\SynchronizationService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Curse) C:\Users\Joerg\AppData\Local\Apps\2.0\9JOONNB6.E7B\OEOEQ5NL.W0A\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
() C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwtxapps.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40737.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40737.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11609.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25366584 2016-10-10] (Dropbox, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe [2090176 2016-04-26] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe [1227456 2016-04-26] (CHENGDU Yiwo Tech Development Co., Ltd.)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [COS] => C:\Program Files\COMODO\cCloud\cCloud.exe [7195824 2014-09-03] (COMODO Security Solutions)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon1] -> {8ec6dd7e-fece-30b6-a924-9f002415595d} =>  No File
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon2] -> {b0211a8e-58b3-3932-9689-32d644a0828a} =>  No File
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon3] -> {3465eba8-d186-3b9c-870b-0c418f7dd282} =>  No File
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon4] -> {6f195ec8-0779-3aa2-85b3-a43e7f3ef055} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-09]
ShortcutTarget: Curse.lnk -> C:\Users\Joerg\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-06-09] ()
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-04-30]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagentaCLOUD.lnk [2016-05-18]
ShortcutTarget: MagentaCLOUD.lnk -> C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{240447e2-f3fe-40c6-9b3f-440bcb265042}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{240447e2-f3fe-40c6-9b3f-440bcb265042}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com/
hxxps://search.f-secure.com/?fs_uo=homepage
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2016-09-14] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2016-09-14] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2016-09-14] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2016-09-14] (Bitdefender)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-06-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951 [2016-10-14]
FF Extension: (Dashlane) - C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\Extensions\jetpack-extension@dashlane.com.xpi [2016-08-13]
FF Extension: (LastPass) - C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\Extensions\support@lastpass.com [2016-10-03]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2016-09-26]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-09-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-06-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2784528314-457634619-2433917865-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default [2016-10-12]
CHR Extension: (Google Präsentationen) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-20]
CHR Extension: (Google Docs) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-20]
CHR Extension: (Google Drive) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-20]
CHR Extension: (YouTube) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-20]
CHR Extension: (Adblock Plus) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25]
CHR Extension: (Dashlane) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2016-10-03]
CHR Extension: (Bitdefender Wallet) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2016-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-10-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-20]
CHR Extension: (Adblock Pro) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-27]
CHR Extension: (Google Mail) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3037424 2016-10-04] (Microsoft Corporation)
R2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-11] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [38000 2016-10-10] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1088944 2016-09-13] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-03] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [216880 2016-08-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1303704 2016-09-14] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 abelssoft_recordify; C:\Windows\system32\drivers\recordify.sys [56584 2016-01-08] (Abelssoft) [File not signed]
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1603264 2016-06-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [850464 2016-06-03] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R0 bdisk; C:\Windows\System32\drivers\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R0 CBUfs; C:\Windows\System32\drivers\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\Windows\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-11-30] (DT Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18016 2016-05-23] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2016-05-23] ()
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-05-23] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-05-23] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-18] (REALiX(tm))
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [300840 2016-08-11] (Bitdefender)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-27] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R0 reparse; C:\Windows\System32\DRIVERS\cbreparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-03-10] (BitDefender S.R.L.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
R3 vdbus; C:\Windows\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [437160 2016-10-03] (IDRIX)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 epp; \??\C:\Program Files\Emsisoft Internet Security\epp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-14 14:06 - 2016-10-14 14:07 - 00062943 _____ C:\Users\Joerg\Desktop\Addition.txt
2016-10-14 14:03 - 2016-10-14 14:09 - 00033642 _____ C:\Users\Joerg\Desktop\FRST.txt
2016-10-14 14:03 - 2016-10-14 14:09 - 00000000 ____D C:\FRST
2016-10-14 14:02 - 2016-10-14 14:03 - 02406912 _____ (Farbar) C:\Users\Joerg\Desktop\FRST64.exe
2016-10-14 13:20 - 2016-10-14 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-10 20:30 - 2016-10-10 20:30 - 00074352 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-10-10 20:30 - 2016-10-10 20:30 - 00074352 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-10-10 20:30 - 2016-10-10 20:30 - 00074352 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-10-10 20:30 - 2016-10-10 20:30 - 00038000 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-10-10 20:07 - 2016-10-10 20:07 - 00008033 ____T C:\Users\Joerg\Documents\Receipt 128-00844.zip
2016-10-10 19:34 - 2016-10-10 19:38 - 1706256384 _____ C:\Users\Joerg\Downloads\KB3AIK_DE.iso
2016-10-10 17:57 - 2016-10-10 17:57 - 00004096 ___SH C:\{C70ADB08-C80E-4E35-B7B6-D3571882878D}.CBM
2016-10-10 17:00 - 2016-10-10 17:01 - 00547644 _____ C:\WINDOWS\Minidump\101016-29343-01.dmp
2016-10-10 16:49 - 2016-10-10 17:11 - 00354304 ___SH C:\EUMONBMP.SYS
2016-10-10 00:36 - 2016-10-10 00:36 - 03216344 _____ (Abelssoft ) C:\Users\Joerg\Downloads\checkdrive (1).exe
2016-10-10 00:36 - 2016-10-10 00:36 - 00001117 _____ C:\Users\Public\Desktop\CheckDrive.lnk
2016-10-10 00:36 - 2016-10-10 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheckDrive
2016-10-10 00:36 - 2016-10-10 00:36 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2016-10-10 00:35 - 2016-10-10 00:35 - 03216344 _____ (Abelssoft ) C:\Users\Joerg\Downloads\checkdrive.exe
2016-10-10 00:18 - 2016-10-10 00:18 - 00490492 _____ C:\WINDOWS\Minidump\101016-38359-01.dmp
2016-10-09 23:54 - 2016-10-09 23:55 - 00525892 _____ C:\WINDOWS\Minidump\100916-30718-01.dmp
2016-10-09 21:30 - 2016-10-09 21:31 - 00497596 _____ C:\WINDOWS\Minidump\100916-27062-01.dmp
2016-10-08 17:34 - 2016-10-08 17:35 - 00000000 ____D C:\Users\Joerg\Downloads\shexview-x64
2016-10-08 16:23 - 2016-10-08 16:23 - 00097609 _____ C:\Users\Joerg\Downloads\shexview-x64.zip
2016-10-08 16:14 - 2016-10-08 16:14 - 00000731 _____ C:\Users\Public\Desktop\COMODO BackUp.lnk
2016-10-07 22:37 - 2016-10-08 16:15 - 00000899 _____ C:\Users\Public\Desktop\cCloud.lnk
2016-10-07 22:36 - 2016-10-08 16:15 - 00000000 ____D C:\Program Files\COMODO
2016-10-07 22:36 - 2016-10-08 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-10-07 22:36 - 2014-10-07 13:14 - 03550400 _____ (COMODO Security Solutions) C:\WINDOWS\system32\Drivers\COSService.exe
2016-10-07 22:36 - 2014-10-07 13:14 - 02575552 _____ (COMODO Security Solutions) C:\WINDOWS\system32\Drivers\SynchronizationService.exe
2016-10-07 22:35 - 2016-10-07 22:35 - 22435552 _____ (COMODO) C:\Users\Joerg\Downloads\CB_setup.exe
2016-10-07 22:03 - 2016-10-07 22:03 - 01381582 _____ (Igor Pavlov) C:\Users\Joerg\Downloads\7z1604-x64.exe
2016-10-07 22:03 - 2016-10-07 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-07 22:03 - 2016-10-07 22:03 - 00000000 ____D C:\Program Files\7-Zip
2016-10-06 19:33 - 2016-10-07 18:56 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-10-05 20:40 - 2016-10-05 20:40 - 00001080 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2016-10-05 20:40 - 2016-10-05 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-10-05 20:39 - 2016-10-05 20:40 - 00000000 ____D C:\Program Files\Tracker Software
2016-10-05 20:38 - 2016-10-05 20:38 - 17934408 _____ (Tracker Software Products Ltd ) C:\Users\Joerg\Downloads\PDFXVwer_2.5.318.1.exe
2016-10-05 20:31 - 2016-10-05 20:31 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (13).pdf
2016-10-05 20:28 - 2016-10-05 20:28 - 00110948 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160729 (2).pdf
2016-10-05 20:25 - 2016-10-05 20:25 - 00113349 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160831 (4).pdf
2016-10-03 22:45 - 2016-10-03 22:45 - 00437160 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys
2016-10-03 22:45 - 2016-10-03 22:45 - 00000905 _____ C:\Users\Public\Desktop\VeraCrypt.lnk
2016-10-03 22:45 - 2016-10-03 22:45 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\VeraCrypt
2016-10-03 22:45 - 2016-10-03 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt
2016-10-03 22:45 - 2016-10-03 22:45 - 00000000 ____D C:\Program Files\VeraCrypt
2016-10-03 22:44 - 2016-10-03 22:44 - 19867632 _____ (IDRIX) C:\Users\Joerg\Downloads\veracrypt_setup_1.18a.exe
2016-10-03 16:47 - 2016-10-14 10:33 - 00000000 ____D C:\Users\Joerg\AppData\LocalLow\LastPass
2016-10-03 12:54 - 2016-10-12 12:49 - 00013801 _____ C:\bdlog.txt
2016-10-03 12:36 - 2016-10-03 12:36 - 00000000 ____D C:\Users\Joerg\AppData\Temp
2016-10-03 12:09 - 2016-10-03 12:09 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-10-03 11:57 - 2016-10-03 11:57 - 00378813 _____ C:\ProgramData\cl.1475487556.bdinstall.bin
2016-10-03 11:57 - 2016-10-03 11:57 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2016-10-03 11:56 - 2016-10-07 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2016-10-03 11:56 - 2016-10-03 11:56 - 00002316 _____ C:\Users\Public\Desktop\Bitdefender 2017.lnk
2016-10-03 11:56 - 2016-10-03 11:56 - 00000684 ____H C:\bdr-cf01
2016-10-03 11:46 - 2016-10-03 11:55 - 00000000 ____D C:\ProgramData\BDLogging
2016-10-03 11:46 - 2016-03-14 22:04 - 00023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-10-03 11:46 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-10-03 11:45 - 2016-08-11 17:42 - 00300840 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-10-03 11:45 - 2016-06-29 18:07 - 01603264 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-10-03 11:45 - 2016-06-03 17:05 - 00850464 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-10-03 11:45 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-10-03 11:44 - 2016-10-03 11:57 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Bitdefender
2016-10-03 11:44 - 2016-10-03 11:56 - 00253404 ____H C:\bdr-ld01
2016-10-03 11:44 - 2016-10-03 11:56 - 00009216 ____H C:\bdr-ld01.mbr
2016-10-03 11:44 - 2016-04-18 12:37 - 49758821 ____H C:\bdr-im01.gz
2016-10-03 11:44 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2016-10-03 11:39 - 2016-10-03 12:15 - 00000000 ____D C:\ProgramData\Bitdefender
2016-10-03 11:39 - 2016-10-03 11:39 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-10-03 11:39 - 2016-10-03 11:39 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\QuickScan
2016-10-03 11:39 - 2016-10-03 11:39 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-10-03 11:39 - 2016-10-03 11:39 - 00000000 ____D C:\Program Files\Bitdefender
2016-10-03 11:39 - 2016-03-10 07:41 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-10-03 11:39 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-10-03 11:37 - 2016-10-14 13:14 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-10-03 11:37 - 2016-10-03 11:37 - 00046605 _____ C:\ProgramData\agent.1475487468.bdinstall.bin
2016-10-03 11:37 - 2016-10-03 11:37 - 00001022 _____ C:\Users\Joerg\Desktop\Neues Textdokument (6).txt
2016-10-03 11:37 - 2016-10-03 11:37 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-10-03 11:13 - 2016-10-03 11:37 - 09052632 _____ C:\Users\Joerg\Downloads\bitdefender_isecurity.exe
2016-10-03 02:17 - 2016-10-10 17:00 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-03 02:17 - 2016-10-03 02:17 - 00262144 ____N C:\WINDOWS\Minidump\100316-33250-01.dmp
2016-10-03 00:59 - 2016-10-02 23:37 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-03 00:57 - 2016-10-10 17:11 - 00000000 ____D C:\WINDOWS\system32\config\regsave
2016-10-03 00:53 - 2016-10-03 00:53 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 22566912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 07812960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04131464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-10-03 00:53 - 2016-10-03 00:53 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-10-03 00:53 - 2016-10-03 00:53 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02668544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02254848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-03 00:53 - 2016-10-03 00:53 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-03 00:53 - 2016-10-03 00:53 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-03 00:53 - 2016-10-03 00:53 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01182048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-03 00:53 - 2016-10-03 00:53 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-10-03 00:53 - 2016-10-03 00:53 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-03 00:53 - 2016-10-03 00:53 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-03 00:53 - 2016-10-03 00:53 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-10-03 00:53 - 2016-10-03 00:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-10-03 00:53 - 2016-10-03 00:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-10-03 00:53 - 2016-10-03 00:53 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-10-03 00:53 - 2016-10-03 00:53 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-10-03 00:53 - 2016-10-03 00:53 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-10-03 00:52 - 2016-10-03 00:53 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll

joerg_k 14.10.2016 14:48
frst teil 2
 
wo ist der lösch knopf ?

joerg_k 14.10.2016 14:50
die addi
 
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-10-2016
Ran by Joerg (14-10-2016 14:10:47)
Running from C:\Users\Joerg\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-02 21:37:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2784528314-457634619-2433917865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2784528314-457634619-2433917865-503 - Limited - Disabled)
Guest (S-1-5-21-2784528314-457634619-2433917865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2784528314-457634619-2433917865-1005 - Limited - Enabled)
Joerg (S-1-5-21-2784528314-457634619-2433917865-1001 - Administrator - Enabled) => C:\Users\Joerg

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVS Audio Converter 8.1.1 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.1.1.549 - Online Media Technologies Ltd.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.18.898 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{3000D354-D0BB-4FF3-89F9-04B6E9DD51BA}) (Version: 2.47.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{B1A4D7FA-D994-4304-8A31-D68ECF2B813D}) (Version: 2.47.0 - Kovid Goyal)
Canon CanoScan LiDE 120 On-screen Manual (HKLM-x32\...\Canon CanoScan LiDE 120 On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.11.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - Canon Inc.)
CanoScan LiDE 120 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2415) (Version: 1.02 - Canon Inc.)
cCloud (HKLM\...\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}) (Version: 3.0.8.84 - COMODO)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 1.08 - Abelssoft)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D-G Unlocker Tools v.1.0 (HKLM-x32\...\{1B0C7840-DEE7-4AE0-965D-6B3892286A68}) (Version: 1.00.0000 - D&G Unlocker)
Dropbox (HKLM-x32\...\Dropbox) (Version: 12.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 9.2  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.2 - CHENGDU YIWO Tech Development Co., Ltd)
Evernote v. 6.2.4 (HKLM-x32\...\{1F000A98-5FF1-11E6-8BF2-0050569584E9}) (Version: 6.2.4.3244 - Evernote Corp.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
MagentaCLOUD Software (HKLM-x32\...\{CC942AEF-031C-49B7-BE47-41F2A5E5DF12}) (Version: 4.20.2.0 - Deutsche Telekom AG)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive for Business 2013 - de-de (HKLM\...\GrooveRetail - de-de) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MyHarmony (HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
PDF Compressor (HKLM-x32\...\{258FD632-F6BE-4D5B-9A87-98C6F120A864}_is1) (Version: 1.01 - Abelssoft)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.1 - Tracker Software Products Ltd)
Philips Phone Manager (HKLM-x32\...\{A1251409-ABB0-4D7F-888C-9180AD1BA982}) (Version: 2.0.8.1 - Philips)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.18a - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\119046B6D39BBB85A700BB4D451858A003C331AC) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\4D59E7849DD13622C7CD9736C3BC8D67F8FF1F23) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\768E87C91FF81FF582D166E1AC9D74633D9B741D) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\C24BC9096B2E5D1847B32CB5C18C05C9AA99B843) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2784528314-457634619-2433917865-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EB0A68-0573-4B93-A034-EA5B7B5055B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {109A5DB3-2FC2-4F48-BAD5-93122F81B7DF} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {142FBCDD-5FF4-485E-9E59-6408913A18B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
Task: {1D0C7D78-B1AA-4EF0-8AB5-233A85B6F311} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {1D858461-9CC9-4E3B-8703-D9B332F38E6C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-11] (Dropbox, Inc.)
Task: {22F3A3B7-9CA9-40AF-A19B-41495F829B21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-11] (Dropbox, Inc.)
Task: {345F2B96-12DC-47CB-A9C4-454FD2372BDC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {4916A1C0-0561-4BE8-806D-4E2F0F26F54B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-09-13] (Bitdefender)
Task: {5B9C0D86-61EE-4184-A1B7-FCD55CB8E0AE} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-09-09] (Apple Inc.)
Task: {6EF0B15F-8BA3-487A-AF42-6FD87FB960A6} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2016-09-01] (Bitdefender)
Task: {6F352ED6-C244-45FF-97DE-E305E0E21291} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
Task: {891343F1-D4AD-4562-95CF-9CC4B9FC4BC2} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9E19585E-29DF-4DF3-A635-A442292E0C50} - System32\Tasks\Uninstaller_SkipUac_Joerg => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {DECEED5A-CA43-4D1E-9D56-9E335C57D41B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {E7C48008-A057-42A0-A65D-31DA469F28D4} - System32\Tasks\{D39662F6-65AC-4F83-95FD-8CEFC411C126} => pcalua.exe -a "C:\Program Files (x86)\OkayFreedom\Proxy\proxysetuptool.exe" -d "C:\Program Files (x86)\OkayFreedom" -c install
Task: {EEB37B85-D15A-4D80-B826-FFCF9638F8A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F24791A5-A50E-461D-9A3A-E9161B80EFB6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {FE11C9B7-7E64-419D-A7A8-59182568A167} - \WPD\SqmUpload_S-1-5-21-2784528314-457634619-2433917865-1001 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Joerg.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-03 11:45 - 2013-09-03 14:29 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2016-10-03 11:45 - 2016-08-24 19:02 - 00134152 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\ECEvents.dll
2016-10-03 11:46 - 2016-09-21 19:47 - 00113944 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\ThreatReporter.dll
2016-10-03 11:46 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl
2016-10-03 11:46 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl
2016-10-03 11:46 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl
2016-10-03 11:46 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl
2016-10-02 23:04 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-09-01 06:31 - 2009-09-01 06:31 - 00022016 _____ () C:\WINDOWS\System32\ssp2ml6.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-29 20:39 - 2013-06-28 15:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-06-16 19:25 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-06-05 21:49 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-05 21:49 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-08 16:15 - 2014-09-03 13:53 - 01508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2016-10-08 16:15 - 2014-09-03 13:53 - 00338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-01-05 21:44 - 2016-06-03 06:15 - 00278720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-06-05 21:49 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-06-05 21:49 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 23:47 - 2016-10-02 23:47 - 01864384 _____ () C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-03 00:48 - 2016-10-03 00:48 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-10-03 00:48 - 2016-10-03 00:48 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-03 00:48 - 2016-10-03 00:48 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-06-09 17:32 - 2016-06-09 17:32 - 00016384 _____ () C:\Users\Joerg\AppData\Local\Apps\2.0\9JOONNB6.E7B\OEOEQ5NL.W0A\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2016-06-09 17:32 - 2016-06-09 17:32 - 00035840 _____ () C:\Users\Joerg\AppData\Local\Apps\2.0\9JOONNB6.E7B\OEOEQ5NL.W0A\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2016-02-03 20:38 - 2016-05-31 16:34 - 03576008 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe
2016-10-03 11:46 - 2016-09-21 12:27 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-DE\bdsystray.txtui
2016-10-06 19:42 - 2016-10-06 19:42 - 04152000 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40737.0_x64__8wekyb3d8bbwe\gfxim.dll
2016-10-14 10:25 - 2016-10-14 10:42 - 10555904 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11609.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00173760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2016-01-05 21:44 - 2016-06-03 06:13 - 00056512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00128192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2016-01-05 21:44 - 2016-06-03 06:13 - 00085184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00443944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2016-01-05 21:44 - 2016-06-03 06:13 - 00114880 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2016-01-05 21:44 - 2016-04-13 10:49 - 00432320 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\uexper.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00059944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2016-01-05 21:44 - 2016-06-03 06:12 - 00220864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00021184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-12-22 23:49 - 2015-09-21 11:49 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00224808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2016-06-05 21:49 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-02 23:47 - 2016-10-02 23:47 - 01383616 _____ () C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-10-02 23:47 - 2016-10-02 23:47 - 00118976 _____ () C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-08-11 11:44 - 2016-08-11 11:44 - 00439480 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2016-08-11 11:44 - 2016-08-11 11:44 - 00321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-11-13 18:31 - 2016-05-31 16:34 - 00327352 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\CefSharp.dll
2015-11-13 18:31 - 2016-05-31 16:34 - 24985264 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\libcef.dll
2015-11-13 18:31 - 2016-05-31 16:34 - 00206536 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\CefSharp.WinForms.dll
2016-06-17 21:25 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-17 21:25 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-10-14 10:15 - 2016-10-14 10:15 - 00098816 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32api.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00110080 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pywintypes27.dll
2016-10-14 10:15 - 2016-10-14 10:15 - 00364544 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pythoncom27.dll
2016-10-14 10:15 - 2016-10-14 10:15 - 00320512 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32com.shell.shell.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00776704 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_hashlib.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 01176576 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._core_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00806400 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._gdi_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00816128 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._windows_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 01067008 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._controls_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00733184 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._misc_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00682496 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pysqlite2._sqlite.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00088064 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_ctypes.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00119808 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32file.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00108544 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32security.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00007168 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\hashobjs_ext.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00017920 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\thumbnails_ext.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00088064 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\usb_ext.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00012800 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\common.time34.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00018432 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32event.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00167936 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32gui.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00046080 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_socket.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 01208320 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_ssl.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00128512 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_elementtree.pyd
2016-10-14 10:14 - 2016-10-14 10:15 - 00127488 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pyexpat.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00038912 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32inet.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00036864 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_psutil_windows.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00525208 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\windows._lib_cacheinvalidation.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00011264 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32crypt.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00077312 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._html2.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00027136 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_multiprocessing.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00020480 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_yappi.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00035840 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32process.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00686080 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\unicodedata.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00078848 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._animate.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00123392 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._wizard.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00024064 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32pipe.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00010240 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\select.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00025600 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32pdh.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00017408 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32profile.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00022528 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32ts.pyd
2016-09-20 08:49 - 2016-09-20 08:49 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-10-03 16:47 - 2016-10-03 16:47 - 01114136 _____ () C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2016-10-03 11:45 - 2013-09-03 14:29 - 00105448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdmetrics.dll
2015-11-11 03:42 - 2015-11-11 03:42 - 01045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2016-08-11 11:44 - 2016-08-11 11:44 - 00074424 _____ () C:\Program Files (x86)\Evernote\Evernote\Microsoft.DwayneNeed.Win32.dll
2016-10-14 13:20 - 2016-09-22 03:44 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-10-14 13:19 - 2016-09-22 03:44 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-10-14 13:19 - 2016-09-22 03:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-10-14 13:19 - 2016-09-22 03:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-10-14 13:20 - 2016-09-22 03:44 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-10-14 13:20 - 2016-09-22 03:44 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-10-14 13:20 - 2016-09-22 03:44 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-10-14 13:20 - 2016-09-22 03:45 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-10-14 13:19 - 2016-09-22 03:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-10-14 13:19 - 2016-09-22 03:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-14 13:20 - 2016-09-22 03:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-10-14 13:19 - 2016-09-22 03:42 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-10-14 13:19 - 2016-10-10 20:35 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-10-14 13:19 - 2016-10-10 20:30 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-10-14 13:19 - 2016-10-10 20:35 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-10-14 13:19 - 2016-10-10 20:35 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-10-14 13:20 - 2016-09-22 03:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-10-14 13:19 - 2016-09-22 03:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-10-14 13:19 - 2016-09-22 03:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-10-14 13:20 - 2016-10-10 20:35 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-10-14 10:26 - 2016-10-14 10:42 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 20:11 - 2015-10-30 20:11 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-08-24 00:36 - 2016-08-24 00:36 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Joerg\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\7z1604-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\CB_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\checkdrive (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\checkdrive.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\PDFXVwer_2.5.318.1.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\veracrypt_setup_1.18a.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-10-14 13:14 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BC35034D-12A0-45FB-B086-9536C704947E}] => (Allow) E:\GameforgeLive\gfl_client.exe
FirewallRules: [{0BC2B0B4-D708-4413-9485-3440D393B4DC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D4A3CA9E-A1F8-4BAE-97E3-0ED2988F7755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A0BCB76-8FC9-40E8-8F62-7DA1335F7C72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D8223776-EAF2-45CA-B747-638B130A5413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B9DFC471-F000-4DB5-A415-3F6293EB2A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E4ECB9C6-30A6-457C-A498-83E31F25CBD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7E18FE61-F0D3-4C1A-8859-051F7AE2C2F5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8F808EA8-E629-4394-A49A-00A13DB513E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5C67399B-DF80-40B2-887B-A2A471E25B6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00AF6F55-1905-4165-94DD-097BA95A3AB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28858179-1E06-4CDA-9481-DD5CBB0E2F79}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B41E4DC7-7F10-4C1F-8FCA-01A67B3C7A30}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [UDP Query User{2E7AA33D-DA0E-47F2-9F42-47C4EBAF9808}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{753EFC41-DBD5-4C5D-BA8C-E0BC66898E99}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7DCAE2CB-D979-4CF2-B332-0BE838F0C46B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CEF3640D-A3FA-4172-A690-FBDD4BF5021C}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{38493FAE-F7EF-4420-8ED3-563BB1551250}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{3DDBC8BD-0493-4581-9640-57DAF9E05632}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

07-10-2016 21:36:08 Removed Adobe Acrobat DC.
09-10-2016 23:40:53 Windows Modules Installer
14-10-2016 13:03:49 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2016 01:20:18 PM) (Source: DbxSvc) (EventID: 270) (User: )
Description: Filter Unload failed with: (-2145452013) The system could not find the filter specified.

Error: (10/14/2016 01:05:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/14/2016 12:46:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.


System errors:
=============
Error: (10/14/2016 01:20:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Interactive Services Detection" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (10/14/2016 01:20:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Interactive Services Detection" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (10/14/2016 01:04:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/14/2016 10:17:12 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/14/2016 10:14:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/12/2016 12:48:36 PM) (Source: DCOM) (EventID: 10010) (User: RECHTS-PC)
Description: Der Server "App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 12:48:36 PM) (Source: DCOM) (EventID: 10010) (User: RECHTS-PC)
Description: Der Server "Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.1" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 11:20:36 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 08:51:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 08:48:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Image Acquisition (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-10-14 10:13:43.904
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-12 08:47:49.250
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-11 09:14:10.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-10 19:12:07.817
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-10 17:12:20.878
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-10 00:26:59.539
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-09 23:55:13.963
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-09 21:31:24.888
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-09 20:59:41.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-08 20:00:35.571
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-4300 Quad-Core Processor
Percentage of memory in use: 69%
Total physical RAM: 4077.55 MB
Available physical RAM: 1225.62 MB
Total Virtual: 5741.55 MB
Available Virtual: 2009.68 MB

==================== Drives ================================

Drive c: (Boot - C Platte 1) (Fixed) (Total:345.13 GB) (Free:133.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Platte 2 -D) (Fixed) (Total:472.07 GB) (Free:411.79 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Backup Platte 2) (Fixed) (Total:459 GB) (Free:227.77 GB) NTFS
Drive f: (F: Platte 1) (Fixed) (Total:341.8 GB) (Free:326.12 GB) NTFS
Drive g: (USB 3.0 ) (Removable) (Total:58.87 GB) (Free:55.99 GB) exFAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 34EDD9FE)
Partition 1: (Active) - (Size=472.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=459 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 23F55897)
Partition 1: (Active) - (Size=345.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=244.1 GB) - (Type=05)

========================================================
Disk: 2 (Size: 58.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
--- --- ---

joerg_k 14.10.2016 14:52
sorry, tags vergessen frst teil 2
 
Code:

2016-10-03 00:52 - 2016-10-03 00:52 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01984512 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-10-03 00:52 - 2016-10-03 00:52 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-10-03 00:52 - 2016-10-03 00:52 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-10-03 00:52 - 2016-10-03 00:52 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-10-03 00:52 - 2016-10-03 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-10-03 00:52 - 2016-10-03 00:52 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-10-03 00:52 - 2016-10-03 00:52 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-10-03 00:43 - 2016-10-08 16:00 - 00505512 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-03 00:43 - 2016-10-08 16:00 - 00095820 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-03 00:43 - 2016-10-03 00:42 - 00305594 _____ C:\WINDOWS\system32\perfi007.dat
2016-10-03 00:43 - 2016-10-03 00:42 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2016-10-03 00:43 - 2016-07-15 21:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2016-10-03 00:43 - 2016-07-15 21:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2016-10-03 00:43 - 2016-07-15 21:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2016-10-03 00:43 - 2016-07-15 20:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2016-10-03 00:43 - 2016-07-15 20:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2016-10-03 00:42 - 2016-10-03 00:42 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-10-03 00:42 - 2016-10-03 00:42 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2016-10-03 00:42 - 2016-10-03 00:42 - 00000000 ____D C:\WINDOWS\system32\de
2016-10-03 00:34 - 2016-10-03 00:34 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-10-03 00:31 - 2016-10-03 00:31 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-10-03 00:31 - 2016-10-03 00:31 - 00000000 ____D C:\Program Files\MSBuild
2016-10-03 00:31 - 2016-10-03 00:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-10-03 00:31 - 2016-10-02 23:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-10-03 00:30 - 2016-10-03 00:30 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-10-03 00:30 - 2016-05-25 16:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-10-03 00:30 - 2016-05-25 16:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-03 00:30 - 2016-05-25 16:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-10-03 00:30 - 2016-05-25 13:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-10-03 00:30 - 2016-05-25 13:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-10-03 00:30 - 2016-05-25 13:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-10-02 23:45 - 2016-10-14 13:46 - 00000000 ____D C:\Users\Joerg\AppData\Local\Deployment
2016-10-02 23:42 - 2016-10-02 23:42 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-02 23:37 - 2016-10-03 00:00 - 00000000 ____D C:\Users\Joerg\AppData\Local\ConnectedDevicesPlatform
2016-10-02 23:37 - 2016-10-02 23:37 - 00000020 ___SH C:\Users\Joerg\ntuser.ini
2016-10-02 23:37 - 2016-10-02 23:37 - 00000000 ____D C:\ProgramData\USOShared
2016-10-02 23:33 - 2016-10-02 23:36 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-10-02 23:33 - 2016-10-02 23:36 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-10-02 23:32 - 2016-10-14 10:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-02 23:32 - 2016-10-08 16:09 - 00002484 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Joerg
2016-10-02 23:32 - 2016-10-02 23:32 - 00003746 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-10-02 23:32 - 2016-10-02 23:32 - 00003650 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-02 23:32 - 2016-10-02 23:32 - 00003522 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-10-02 23:32 - 2016-10-02 23:32 - 00003426 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-02 23:32 - 2016-10-02 23:32 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-02 23:32 - 2016-10-02 23:32 - 00002822 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-10-02 23:32 - 2016-10-02 23:32 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2784528314-457634619-2433917865-1001
2016-10-02 23:32 - 2016-10-02 23:32 - 00002642 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-10-02 23:32 - 2016-10-02 23:32 - 00002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-10-02 23:32 - 2016-10-02 23:32 - 00002366 _____ C:\WINDOWS\System32\Tasks\{D39662F6-65AC-4F83-95FD-8CEFC411C126}
2016-10-02 23:32 - 2016-10-02 23:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-10-02 23:32 - 2016-10-02 23:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-10-02 23:32 - 2016-10-02 23:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-10-02 23:17 - 2016-10-02 23:17 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-02 23:17 - 2016-10-02 23:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-10-02 23:17 - 2016-10-02 23:17 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-10-02 23:17 - 2016-10-02 23:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-10-02 23:17 - 2016-10-02 23:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-10-02 23:11 - 2016-10-02 23:18 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-10-02 23:09 - 2016-10-10 19:09 - 00000000 ____D C:\Users\Joerg
2016-10-02 23:04 - 2016-10-14 10:13 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-02 23:04 - 2016-10-02 23:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-02 23:04 - 2016-10-02 23:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-02 23:04 - 2016-10-02 23:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-02 23:04 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-02 23:04 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-02 23:04 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-02 23:04 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-10-02 23:04 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-02 23:04 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-02 23:04 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-02 23:04 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-02 23:04 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-02 23:04 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-10-02 23:02 - 2016-10-02 23:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-10-02 23:01 - 2016-10-14 14:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-02 23:01 - 2016-10-07 21:53 - 00343912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-02 23:01 - 2016-10-02 23:01 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-27 21:43 - 2016-10-02 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-09-25 20:54 - 2016-10-05 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-25 18:19 - 2016-09-25 18:21 - 00000000 ____D C:\Users\Joerg\Documents\2016_09_25
2016-09-25 18:19 - 2016-09-25 18:20 - 04862103 _____ C:\Users\Joerg\Desktop\stoag.pdf
2016-09-25 18:13 - 2016-09-25 18:15 - 04897262 _____ C:\Users\Joerg\Documents\IMG_20160925_0001.pdf
2016-09-25 17:58 - 2016-09-25 17:58 - 01549835 _____ C:\Users\Joerg\Downloads\Änderung Ticket2000.pdf
2016-09-24 16:57 - 2016-09-24 16:57 - 00000000 ____D C:\Users\Joerg\Downloads\UWT4
2016-09-24 16:55 - 2016-09-24 16:56 - 00437805 _____ C:\Users\Joerg\Downloads\UWT4.zip
2016-09-23 20:43 - 2016-09-23 20:43 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-09-23 20:42 - 2016-09-23 21:13 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-23 20:42 - 2016-09-23 20:42 - 11579432 _____ (SurfRight B.V.) C:\Users\Joerg\Downloads\HitmanPro_x64.exe
2016-09-23 20:42 - 2016-09-23 20:42 - 11579432 _____ (SurfRight B.V.) C:\Users\Joerg\Downloads\HitmanPro_x64(1).exe
2016-09-22 17:07 - 2016-09-22 17:08 - 00052586 _____ C:\Users\Joerg\Downloads\document(1).pdf
2016-09-20 20:29 - 2016-09-20 20:29 - 00001024 ____H C:\SYSTAG.BIN
2016-09-20 20:27 - 2016-10-07 21:46 - 00000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2016-09-20 20:27 - 2016-09-20 22:14 - 00000000 ____D C:\ProgramData\AomeiBR
2016-09-20 20:27 - 2016-07-04 15:18 - 00152024 _____ C:\WINDOWS\system32\ammntdrv.sys
2016-09-20 20:27 - 2016-07-04 15:18 - 00031192 _____ C:\WINDOWS\system32\ambakdrv.sys
2016-09-20 20:27 - 2016-07-04 15:18 - 00018392 _____ C:\WINDOWS\system32\amwrtdrv.sys
2016-09-20 20:23 - 2016-09-20 20:26 - 82786072 _____ (AOMEI Technology Co., Ltd. ) C:\Users\Joerg\Downloads\BackupperFull.exe
2016-09-19 01:07 - 2016-09-19 01:07 - 00000000 ___RD C:\Users\Joerg\ODBA
2016-09-18 16:51 - 2015-12-10 14:44 - 57915392 _____ C:\Users\Joerg\Desktop\Lmergencydisk.iso
2016-09-18 16:50 - 2016-01-22 23:29 - 489947136 _____ C:\Users\Joerg\Desktop\Emergencydisk.iso
2016-09-16 22:51 - 2016-09-16 22:51 - 00000000 ____D C:\Users\Joerg\Desktop\norisbank
2016-09-16 22:45 - 2016-09-16 22:46 - 01545875 _____ C:\Users\Joerg\Documents\IMG_20160916_0002.pdf
2016-09-16 22:43 - 2016-09-16 22:43 - 03894345 _____ C:\Users\Joerg\Documents\IMG_20160916_0001.pdf
2016-09-16 22:33 - 2016-09-16 22:33 - 00113349 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160831 (3).pdf
2016-09-16 22:33 - 2016-09-16 22:33 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (12).pdf
2016-09-16 22:33 - 2016-09-16 22:33 - 00109758 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160630 (3).pdf
2016-09-16 22:31 - 2016-09-16 22:31 - 00116094 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160331 (5).pdf
2016-09-16 22:31 - 2016-09-16 22:31 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (11).pdf
2016-09-16 22:30 - 2016-09-16 22:30 - 00109747 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160429 (3).pdf
2016-09-16 22:29 - 2016-09-16 22:29 - 00116094 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160331 (4).pdf
2016-09-16 22:29 - 2016-09-16 22:29 - 00116094 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160331 (3).pdf
2016-09-16 22:27 - 2016-09-16 22:27 - 00116731 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (8).pdf
2016-09-16 22:26 - 2016-09-16 22:26 - 00116731 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (6).pdf
2016-09-16 22:26 - 2016-09-16 22:26 - 00115410 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (7).pdf
2016-09-16 22:25 - 2016-09-16 22:25 - 00116731 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (5).pdf
2016-09-16 22:20 - 2016-09-16 22:20 - 00001816 ____R C:\Users\Joerg\Documents\BitLocker-Wiederherstellungsschlüssel A3EA0608-EDEF-43A7-A740-4B0CBA5A0E9E.TXT
2016-09-15 20:52 - 2016-09-15 20:52 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (10).pdf
2016-09-15 20:51 - 2016-09-15 20:51 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (9).pdf
2016-09-15 20:50 - 2016-09-15 20:50 - 00109747 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160429 (2).pdf
2016-09-15 20:49 - 2016-09-15 20:49 - 00116094 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160331 (2).pdf
2016-09-15 20:48 - 2016-09-15 20:48 - 00116094 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160331 (1).pdf
2016-09-15 20:47 - 2016-09-15 20:47 - 00115410 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (4).pdf
2016-09-15 20:46 - 2016-09-15 20:46 - 00116731 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (3).pdf
2016-09-15 20:43 - 2016-09-15 20:43 - 00113349 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160831 (2).pdf
2016-09-15 20:42 - 2016-09-15 20:42 - 00115410 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (2).pdf
2016-09-15 20:42 - 2016-09-15 20:42 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (8).pdf
2016-09-15 20:42 - 2016-09-15 20:42 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (7).pdf
2016-09-15 20:42 - 2016-09-15 20:42 - 00109758 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160630 (2).pdf
2016-09-15 20:42 - 2016-09-15 20:42 - 00109747 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160429 (1).pdf
2016-09-15 20:41 - 2016-09-15 20:41 - 00116731 _____ C:\Users\Joerg\Downloads\AZG1149490006_001_20160229 (1).pdf
2016-09-15 20:37 - 2016-09-15 20:37 - 00110948 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160729 (1).pdf
2016-09-15 20:36 - 2016-09-15 20:36 - 00113349 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160831 (1).pdf
2016-09-15 20:34 - 2016-09-15 20:34 - 00113349 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160831.pdf
2016-09-15 20:29 - 2016-09-15 20:29 - 00001816 ____R C:\Users\Joerg\Documents\BitLocker-Wiederherstellungsschlüssel D8EE5206-A873-47A3-B676-108F4F18F017.TXT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-14 14:10 - 2015-11-30 21:04 - 00000000 ____D C:\Users\Joerg\Documents\Outlook-Dateien
2016-10-14 13:20 - 2015-12-11 00:37 - 00000000 ___RD C:\Users\Joerg\Dropbox
2016-10-14 13:20 - 2015-12-11 00:34 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-10-14 13:17 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-14 12:50 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-14 12:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-12 12:49 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-12 11:35 - 2015-11-29 17:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 11:26 - 2015-11-29 17:17 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 11:03 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-12 11:02 - 2016-06-16 19:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-12 08:53 - 2015-11-29 16:05 - 00000000 ____D C:\Users\Joerg\AppData\Local\Packages
2016-10-10 17:05 - 2016-07-16 08:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2016-10-10 17:00 - 2016-06-11 17:54 - 705593040 _____ C:\WINDOWS\MEMORY.DMP
2016-10-10 00:36 - 2016-03-24 19:15 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Abelssoft
2016-10-10 00:36 - 2016-02-17 02:07 - 00000000 ____D C:\Users\Joerg\AppData\Local\Abelssoft
2016-10-09 23:56 - 2016-06-17 21:20 - 00000000 ____D C:\ProgramData\ProductData
2016-10-09 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-09 14:28 - 2015-12-01 22:29 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-10-08 16:20 - 2015-11-30 20:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-08 16:09 - 2016-06-17 21:20 - 00000298 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Joerg.job
2016-10-08 16:00 - 2015-11-29 23:04 - 01522590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-07 22:36 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-07 21:51 - 2016-06-05 20:44 - 00000000 ____D C:\ProgramData\Battle.net
2016-10-07 21:48 - 2016-06-29 20:37 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Fraunhofer SIT
2016-10-07 21:48 - 2016-06-29 20:34 - 00000000 ____D C:\Program Files (x86)\Fraunhofer SIT
2016-10-07 21:45 - 2015-12-07 14:56 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-10-07 21:38 - 2015-12-07 14:56 - 00000000 ____D C:\ProgramData\Adobe
2016-10-05 20:47 - 2015-12-01 21:05 - 00000000 ____D C:\Users\Joerg\AppData\Local\1149142A-4C34-41C3-97EB-E207A8057C5A.aplzod
2016-10-04 21:48 - 2016-05-20 14:57 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 21:48 - 2016-05-20 14:57 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-03 19:08 - 2015-12-01 21:06 - 00000000 ____D C:\Users\Joerg\AppData\Local\Apple Inc
2016-10-03 18:27 - 2015-11-29 23:59 - 00000000 ____D C:\Users\Joerg\AppData\Local\Comms
2016-10-03 16:44 - 2016-03-17 00:05 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Dashlane
2016-10-03 16:44 - 2016-03-17 00:05 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-10-03 11:23 - 2016-03-19 19:35 - 00000000 ____D C:\Program Files\Emsisoft Internet Security
2016-10-03 03:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-10-03 02:39 - 2015-11-29 16:06 - 00000000 ____D C:\Users\Joerg\AppData\Local\VirtualStore
2016-10-03 00:59 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-10-03 00:55 - 2016-07-17 00:54 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-03 00:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-10-03 00:55 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-03 00:55 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-03 00:45 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\OCR
2016-10-03 00:42 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-10-03 00:42 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-10-03 00:42 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-10-03 00:42 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-10-03 00:42 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-10-03 00:42 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Com
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\IME
2016-10-03 00:42 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-10-03 00:42 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\servicing
2016-10-03 00:31 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-10-03 00:31 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-10-03 00:31 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-10-03 00:31 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-10-03 00:31 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-10-02 23:48 - 2015-11-30 00:02 - 00002438 _____ C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-10-02 23:39 - 2016-01-05 18:31 - 00000000 ____D C:\Users\Joerg\AppData\Local\PackageStaging
2016-10-02 23:38 - 2015-11-29 16:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-02 23:37 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-10-02 23:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-02 23:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-10-02 23:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-10-02 23:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-10-02 23:26 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-10-02 23:26 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-10-02 23:26 - 2015-11-29 21:06 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-10-02 23:18 - 2016-09-13 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-02 23:18 - 2016-08-27 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2016-10-02 23:18 - 2016-08-26 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-02 23:18 - 2016-08-26 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0
2016-10-02 23:18 - 2016-08-25 01:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0
2016-10-02 23:18 - 2016-08-19 15:22 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-02 23:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-10-02 23:18 - 2016-07-04 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-02 23:18 - 2016-06-23 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-10-02 23:18 - 2016-06-16 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-10-02 23:18 - 2016-06-09 17:32 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2016-10-02 23:18 - 2016-06-05 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-02 23:18 - 2016-06-05 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-10-02 23:18 - 2016-06-01 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 120 Manual
2016-10-02 23:18 - 2016-05-29 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2016-10-02 23:18 - 2016-05-07 01:46 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-10-02 23:18 - 2016-05-07 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-10-02 23:18 - 2016-04-16 00:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-10-02 23:18 - 2016-03-24 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Compressor
2016-10-02 23:18 - 2016-03-19 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recover Keys
2016-10-02 23:18 - 2016-03-08 21:24 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-10-02 23:18 - 2016-02-24 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-10-02 23:18 - 2016-01-05 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 9.2
2016-10-02 23:18 - 2016-01-05 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-02 23:18 - 2015-12-27 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2016-10-02 23:18 - 2015-12-27 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-10-02 23:18 - 2015-12-22 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-10-02 23:18 - 2015-12-15 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-02 23:18 - 2015-11-30 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-02 23:18 - 2015-11-30 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-10-02 23:18 - 2015-11-30 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-10-02 23:18 - 2015-11-30 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-02 23:18 - 2015-10-30 20:09 - 00000000 ____D C:\WINDOWS\ShellNew
2016-10-02 23:17 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-10-02 23:13 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-10-02 23:13 - 2016-07-17 00:49 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-10-02 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-10-02 23:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-10-02 23:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-10-02 23:12 - 2016-09-07 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-10-02 23:12 - 2016-08-21 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D&G Unlocker
2016-10-02 23:12 - 2016-08-01 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-10-02 23:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-02 23:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2016-10-02 23:12 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-02 23:12 - 2016-04-29 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-10-02 23:12 - 2016-04-29 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-10-02 23:12 - 2015-12-31 15:29 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-10-02 23:12 - 2015-12-31 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 110
2016-10-02 23:12 - 2015-12-19 12:26 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-10-02 23:12 - 2015-12-10 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-10-02 23:12 - 2015-12-05 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philips
2016-10-02 23:10 - 2016-02-11 14:55 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telekom
2016-10-02 23:07 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-02 23:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-10-02 23:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-10-02 23:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-02 23:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-10-02 01:26 - 2015-11-29 16:58 - 00008192 __RSH C:\BOOTSECT.BAK
2016-10-02 01:12 - 2015-12-01 19:40 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-02 00:47 - 2016-01-05 18:26 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-02 00:39 - 2015-12-11 00:34 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-10-01 23:39 - 2015-12-11 00:34 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-10-01 21:47 - 2016-01-05 18:26 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-01 21:17 - 2016-06-12 19:00 - 00000000 ____D C:\Users\Joerg\AppData\Local\CrashDumps
2016-09-30 13:19 - 2015-11-29 23:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-29 20:58 - 2016-04-29 20:39 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-28 20:23 - 2016-07-04 17:22 - 00000000 _____ C:\Users\Joerg\AppData\LocalLow\rightsCheck_1.txt
2016-09-26 19:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-09-23 19:41 - 2016-08-26 16:06 - 00001096 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-09-23 15:35 - 2015-12-15 20:01 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\vlc
2016-09-21 16:37 - 2016-07-04 16:44 - 00001425 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-09-21 16:37 - 2016-07-04 16:44 - 00001392 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-09-21 16:37 - 2016-07-04 16:44 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-09-21 16:36 - 2016-07-04 16:43 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\DVDVideoSoft
2016-09-17 23:43 - 2016-04-16 00:53 - 00000000 ____D C:\Users\Joerg\Downloads\Gameforge Live

==================== Files in the root of some directories =======

2016-02-21 04:26 - 2016-02-21 04:26 - 0001946 _____ () C:\Users\Joerg\AppData\Local\HDGraph.log
2016-10-03 11:37 - 2016-10-03 11:37 - 0046605 _____ () C:\ProgramData\agent.1475487468.bdinstall.bin
2016-10-03 11:57 - 2016-10-03 11:57 - 0378813 _____ () C:\ProgramData\cl.1475487556.bdinstall.bin
2016-09-24 16:58 - 2016-09-24 16:59 - 0019535 _____ () C:\ProgramData\empty.ico

Some files in TEMP:
====================
C:\Users\Joerg\AppData\Local\Temp\vsdel.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-14 13:03

==================== End of FRST.txt ============================

joerg_k 14.10.2016 14:53
addi in tags
 
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-10-2016
Ran by Joerg (14-10-2016 14:10:47)
Running from C:\Users\Joerg\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-02 21:37:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2784528314-457634619-2433917865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2784528314-457634619-2433917865-503 - Limited - Disabled)
Guest (S-1-5-21-2784528314-457634619-2433917865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2784528314-457634619-2433917865-1005 - Limited - Enabled)
Joerg (S-1-5-21-2784528314-457634619-2433917865-1001 - Administrator - Enabled) => C:\Users\Joerg

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVS Audio Converter 8.1.1 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.1.1.549 - Online Media Technologies Ltd.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.18.898 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{3000D354-D0BB-4FF3-89F9-04B6E9DD51BA}) (Version: 2.47.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{B1A4D7FA-D994-4304-8A31-D68ECF2B813D}) (Version: 2.47.0 - Kovid Goyal)
Canon CanoScan LiDE 120 On-screen Manual (HKLM-x32\...\Canon CanoScan LiDE 120 On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.11.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - Canon Inc.)
CanoScan LiDE 120 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2415) (Version: 1.02 - Canon Inc.)
cCloud (HKLM\...\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}) (Version: 3.0.8.84 - COMODO)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 1.08 - Abelssoft)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D-G Unlocker Tools v.1.0 (HKLM-x32\...\{1B0C7840-DEE7-4AE0-965D-6B3892286A68}) (Version: 1.00.0000 - D&G Unlocker)
Dropbox (HKLM-x32\...\Dropbox) (Version: 12.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 9.2  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.2 - CHENGDU YIWO Tech Development Co., Ltd)
Evernote v. 6.2.4 (HKLM-x32\...\{1F000A98-5FF1-11E6-8BF2-0050569584E9}) (Version: 6.2.4.3244 - Evernote Corp.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
MagentaCLOUD Software (HKLM-x32\...\{CC942AEF-031C-49B7-BE47-41F2A5E5DF12}) (Version: 4.20.2.0 - Deutsche Telekom AG)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive for Business 2013 - de-de (HKLM\...\GrooveRetail - de-de) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MyHarmony (HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
PDF Compressor (HKLM-x32\...\{258FD632-F6BE-4D5B-9A87-98C6F120A864}_is1) (Version: 1.01 - Abelssoft)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.1 - Tracker Software Products Ltd)
Philips Phone Manager (HKLM-x32\...\{A1251409-ABB0-4D7F-888C-9180AD1BA982}) (Version: 2.0.8.1 - Philips)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.18a - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\119046B6D39BBB85A700BB4D451858A003C331AC) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\4D59E7849DD13622C7CD9736C3BC8D67F8FF1F23) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\768E87C91FF81FF582D166E1AC9D74633D9B741D) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports  (05/31/2012 6.0.0.0) (HKLM\...\C24BC9096B2E5D1847B32CB5C18C05C9AA99B843) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2784528314-457634619-2433917865-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EB0A68-0573-4B93-A034-EA5B7B5055B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {109A5DB3-2FC2-4F48-BAD5-93122F81B7DF} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {142FBCDD-5FF4-485E-9E59-6408913A18B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
Task: {1D0C7D78-B1AA-4EF0-8AB5-233A85B6F311} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {1D858461-9CC9-4E3B-8703-D9B332F38E6C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-11] (Dropbox, Inc.)
Task: {22F3A3B7-9CA9-40AF-A19B-41495F829B21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-11] (Dropbox, Inc.)
Task: {345F2B96-12DC-47CB-A9C4-454FD2372BDC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {4916A1C0-0561-4BE8-806D-4E2F0F26F54B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-09-13] (Bitdefender)
Task: {5B9C0D86-61EE-4184-A1B7-FCD55CB8E0AE} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-09-09] (Apple Inc.)
Task: {6EF0B15F-8BA3-487A-AF42-6FD87FB960A6} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2016-09-01] (Bitdefender)
Task: {6F352ED6-C244-45FF-97DE-E305E0E21291} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
Task: {891343F1-D4AD-4562-95CF-9CC4B9FC4BC2} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9E19585E-29DF-4DF3-A635-A442292E0C50} - System32\Tasks\Uninstaller_SkipUac_Joerg => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {DECEED5A-CA43-4D1E-9D56-9E335C57D41B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {E7C48008-A057-42A0-A65D-31DA469F28D4} - System32\Tasks\{D39662F6-65AC-4F83-95FD-8CEFC411C126} => pcalua.exe -a "C:\Program Files (x86)\OkayFreedom\Proxy\proxysetuptool.exe" -d "C:\Program Files (x86)\OkayFreedom" -c install
Task: {EEB37B85-D15A-4D80-B826-FFCF9638F8A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F24791A5-A50E-461D-9A3A-E9161B80EFB6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {FE11C9B7-7E64-419D-A7A8-59182568A167} - \WPD\SqmUpload_S-1-5-21-2784528314-457634619-2433917865-1001 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Joerg.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-03 11:45 - 2013-09-03 14:29 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2016-10-03 11:45 - 2016-08-24 19:02 - 00134152 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\ECEvents.dll
2016-10-03 11:46 - 2016-09-21 19:47 - 00113944 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\ThreatReporter.dll
2016-10-03 11:46 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl
2016-10-03 11:46 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl
2016-10-03 11:46 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl
2016-10-03 11:46 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl
2016-10-02 23:04 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-09-01 06:31 - 2009-09-01 06:31 - 00022016 _____ () C:\WINDOWS\System32\ssp2ml6.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-29 20:39 - 2013-06-28 15:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-06-16 19:25 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-06-05 21:49 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-05 21:49 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-08 16:15 - 2014-09-03 13:53 - 01508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2016-10-08 16:15 - 2014-09-03 13:53 - 00338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-06-05 21:49 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-01-05 21:44 - 2016-06-03 06:15 - 00278720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-06-05 21:49 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-06-05 21:49 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 23:47 - 2016-10-02 23:47 - 01864384 _____ () C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-10-03 00:52 - 2016-10-03 00:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-03 00:48 - 2016-10-03 00:48 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-10-03 00:48 - 2016-10-03 00:48 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-03 00:48 - 2016-10-03 00:48 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-06-09 17:32 - 2016-06-09 17:32 - 00016384 _____ () C:\Users\Joerg\AppData\Local\Apps\2.0\9JOONNB6.E7B\OEOEQ5NL.W0A\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2016-06-09 17:32 - 2016-06-09 17:32 - 00035840 _____ () C:\Users\Joerg\AppData\Local\Apps\2.0\9JOONNB6.E7B\OEOEQ5NL.W0A\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2016-02-03 20:38 - 2016-05-31 16:34 - 03576008 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe
2016-10-03 11:46 - 2016-09-21 12:27 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-DE\bdsystray.txtui
2016-10-06 19:42 - 2016-10-06 19:42 - 04152000 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40737.0_x64__8wekyb3d8bbwe\gfxim.dll
2016-10-14 10:25 - 2016-10-14 10:42 - 10555904 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11609.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-07-04 16:44 - 2016-08-31 19:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00173760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2016-01-05 21:44 - 2016-06-03 06:13 - 00056512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00128192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2016-01-05 21:44 - 2016-06-03 06:13 - 00085184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00443944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2016-01-05 21:44 - 2016-06-03 06:13 - 00114880 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2016-01-05 21:44 - 2016-04-13 10:49 - 00432320 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\uexper.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00059944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2016-01-05 21:44 - 2016-06-03 06:12 - 00220864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2016-01-05 21:43 - 2016-06-03 06:12 - 00021184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2016-01-05 21:43 - 2015-12-10 07:04 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-12-22 23:49 - 2015-09-21 11:49 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-01-05 21:44 - 2015-12-10 07:04 - 00224808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2016-06-05 21:49 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-02 23:47 - 2016-10-02 23:47 - 01383616 _____ () C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-10-02 23:47 - 2016-10-02 23:47 - 00118976 _____ () C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-08-11 11:44 - 2016-08-11 11:44 - 00439480 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2016-08-11 11:44 - 2016-08-11 11:44 - 00321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-11-13 18:31 - 2016-05-31 16:34 - 00327352 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\CefSharp.dll
2015-11-13 18:31 - 2016-05-31 16:34 - 24985264 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\libcef.dll
2015-11-13 18:31 - 2016-05-31 16:34 - 00206536 _____ () C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\CefSharp.WinForms.dll
2016-06-17 21:25 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-17 21:25 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-10-14 10:15 - 2016-10-14 10:15 - 00098816 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32api.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00110080 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pywintypes27.dll
2016-10-14 10:15 - 2016-10-14 10:15 - 00364544 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pythoncom27.dll
2016-10-14 10:15 - 2016-10-14 10:15 - 00320512 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32com.shell.shell.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00776704 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_hashlib.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 01176576 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._core_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00806400 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._gdi_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00816128 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._windows_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 01067008 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._controls_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00733184 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._misc_.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00682496 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pysqlite2._sqlite.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00088064 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_ctypes.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00119808 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32file.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00108544 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32security.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00007168 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\hashobjs_ext.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00017920 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\thumbnails_ext.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00088064 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\usb_ext.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00012800 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\common.time34.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00018432 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32event.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00167936 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32gui.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00046080 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_socket.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 01208320 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_ssl.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00128512 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_elementtree.pyd
2016-10-14 10:14 - 2016-10-14 10:15 - 00127488 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\pyexpat.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00038912 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32inet.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00036864 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_psutil_windows.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00525208 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\windows._lib_cacheinvalidation.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00011264 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32crypt.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00077312 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._html2.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00027136 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_multiprocessing.pyd
2016-10-14 10:14 - 2016-10-14 10:14 - 00020480 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\_yappi.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00035840 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32process.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00686080 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\unicodedata.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00078848 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._animate.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00123392 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\wx._wizard.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00024064 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32pipe.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00010240 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\select.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00025600 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32pdh.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00017408 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32profile.pyd
2016-10-14 10:15 - 2016-10-14 10:15 - 00022528 ____R () C:\Users\Joerg\AppData\Local\Temp\_MEI43882\win32ts.pyd
2016-09-20 08:49 - 2016-09-20 08:49 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-10-03 16:47 - 2016-10-03 16:47 - 01114136 _____ () C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2016-10-03 11:45 - 2013-09-03 14:29 - 00105448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdmetrics.dll
2015-11-11 03:42 - 2015-11-11 03:42 - 01045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2016-08-11 11:44 - 2016-08-11 11:44 - 00074424 _____ () C:\Program Files (x86)\Evernote\Evernote\Microsoft.DwayneNeed.Win32.dll
2016-10-14 13:20 - 2016-09-22 03:44 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-10-14 13:19 - 2016-09-22 03:44 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-10-14 13:19 - 2016-09-22 03:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-10-14 13:19 - 2016-09-22 03:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-10-14 13:20 - 2016-09-22 03:44 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-10-14 13:20 - 2016-09-22 03:44 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-10-14 13:20 - 2016-09-22 03:44 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-10-14 13:20 - 2016-09-22 03:45 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-10-14 13:19 - 2016-09-22 03:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-10-14 13:19 - 2016-09-22 03:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-14 13:20 - 2016-09-22 03:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-10-14 13:19 - 2016-09-22 03:42 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-10-14 13:19 - 2016-10-10 20:35 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-10-14 13:19 - 2016-10-10 20:30 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-10-14 13:19 - 2016-10-10 20:35 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-10-14 13:19 - 2016-10-10 20:35 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-10-14 13:20 - 2016-09-22 03:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-10-14 13:19 - 2016-09-22 03:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-10-14 13:19 - 2016-09-22 03:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-10-14 13:20 - 2016-10-10 20:35 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-10-14 13:20 - 2016-09-22 03:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-10-14 13:20 - 2016-10-10 20:35 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-10-14 13:19 - 2016-10-10 20:35 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-10-14 10:26 - 2016-10-14 10:42 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 20:11 - 2015-10-30 20:11 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-08-24 00:36 - 2016-08-24 00:36 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.16.19.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Joerg\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\7z1604-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\CB_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\checkdrive (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\checkdrive.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\PDFXVwer_2.5.318.1.exe:BDU [0]
AlternateDataStreams: C:\Users\Joerg\Downloads\veracrypt_setup_1.18a.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-10-14 13:14 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BC35034D-12A0-45FB-B086-9536C704947E}] => (Allow) E:\GameforgeLive\gfl_client.exe
FirewallRules: [{0BC2B0B4-D708-4413-9485-3440D393B4DC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D4A3CA9E-A1F8-4BAE-97E3-0ED2988F7755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A0BCB76-8FC9-40E8-8F62-7DA1335F7C72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D8223776-EAF2-45CA-B747-638B130A5413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B9DFC471-F000-4DB5-A415-3F6293EB2A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E4ECB9C6-30A6-457C-A498-83E31F25CBD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7E18FE61-F0D3-4C1A-8859-051F7AE2C2F5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8F808EA8-E629-4394-A49A-00A13DB513E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5C67399B-DF80-40B2-887B-A2A471E25B6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00AF6F55-1905-4165-94DD-097BA95A3AB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28858179-1E06-4CDA-9481-DD5CBB0E2F79}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B41E4DC7-7F10-4C1F-8FCA-01A67B3C7A30}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [UDP Query User{2E7AA33D-DA0E-47F2-9F42-47C4EBAF9808}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{753EFC41-DBD5-4C5D-BA8C-E0BC66898E99}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7DCAE2CB-D979-4CF2-B332-0BE838F0C46B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CEF3640D-A3FA-4172-A690-FBDD4BF5021C}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{38493FAE-F7EF-4420-8ED3-563BB1551250}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe
FirewallRules: [{3DDBC8BD-0493-4581-9640-57DAF9E05632}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

07-10-2016 21:36:08 Removed Adobe Acrobat DC.
09-10-2016 23:40:53 Windows Modules Installer
14-10-2016 13:03:49 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2016 01:20:18 PM) (Source: DbxSvc) (EventID: 270) (User: )
Description: Filter Unload failed with: (-2145452013) The system could not find the filter specified.

Error: (10/14/2016 01:05:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/14/2016 12:46:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/14/2016 12:46:09 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.


System errors:
=============
Error: (10/14/2016 01:20:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Interactive Services Detection" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (10/14/2016 01:20:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Interactive Services Detection" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (10/14/2016 01:04:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/14/2016 10:17:12 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/14/2016 10:14:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/12/2016 12:48:36 PM) (Source: DCOM) (EventID: 10010) (User: RECHTS-PC)
Description: Der Server "App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 12:48:36 PM) (Source: DCOM) (EventID: 10010) (User: RECHTS-PC)
Description: Der Server "Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.1" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 11:20:36 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 08:51:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/12/2016 08:48:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Image Acquisition (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-10-14 10:13:43.904
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-12 08:47:49.250
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-11 09:14:10.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-10 19:12:07.817
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-10 17:12:20.878
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-10 00:26:59.539
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-09 23:55:13.963
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-09 21:31:24.888
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-09 20:59:41.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-08 20:00:35.571
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-4300 Quad-Core Processor
Percentage of memory in use: 69%
Total physical RAM: 4077.55 MB
Available physical RAM: 1225.62 MB
Total Virtual: 5741.55 MB
Available Virtual: 2009.68 MB

==================== Drives ================================

Drive c: (Boot - C Platte 1) (Fixed) (Total:345.13 GB) (Free:133.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Platte 2 -D) (Fixed) (Total:472.07 GB) (Free:411.79 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Backup Platte 2) (Fixed) (Total:459 GB) (Free:227.77 GB) NTFS
Drive f: (F: Platte 1) (Fixed) (Total:341.8 GB) (Free:326.12 GB) NTFS
Drive g: (USB 3.0 ) (Removable) (Total:58.87 GB) (Free:55.99 GB) exFAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 34EDD9FE)
Partition 1: (Active) - (Size=472.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=459 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 23F55897)
Partition 1: (Active) - (Size=345.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=244.1 GB) - (Type=05)

========================================================
Disk: 2 (Size: 58.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

deeprybka 14.10.2016 17:04
Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

joerg_k 14.10.2016 17:47
dann mal weiter :-)

Code:
18:43:25.0841 0x24a0  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
18:43:36.0177 0x24a0  ============================================================
18:43:36.0177 0x24a0  Current date / time: 2016/10/14 18:43:36.0177
18:43:36.0177 0x24a0  SystemInfo:
18:43:36.0177 0x24a0 
18:43:36.0177 0x24a0  OS Version: 10.0.14393 ServicePack: 0.0
18:43:36.0177 0x24a0  Product type: Workstation
18:43:36.0177 0x24a0  ComputerName: RECHTS-PC
18:43:36.0177 0x24a0  UserName: Joerg
18:43:36.0177 0x24a0  Windows directory: C:\WINDOWS
18:43:36.0177 0x24a0  System windows directory: C:\WINDOWS
18:43:36.0177 0x24a0  Running under WOW64
18:43:36.0177 0x24a0  Processor architecture: Intel x64
18:43:36.0177 0x24a0  Number of processors: 4
18:43:36.0177 0x24a0  Page size: 0x1000
18:43:36.0177 0x24a0  Boot type: Normal boot
18:43:36.0178 0x24a0  CodeIntegrityOptions = 0x00000001
18:43:36.0178 0x24a0  ============================================================
18:43:36.0514 0x24a0  KLMD registered as C:\WINDOWS\system32\drivers\23825334.sys
18:43:36.0514 0x24a0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.321, osProperties = 0x19
18:43:37.0003 0x24a0  System UUID: {99170E80-7ECB-5CDD-A205-27B7C2127FE2}
18:43:37.0508 0x24a0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:43.0326 0x24a0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:43.0366 0x24a0  Drive \Device\Harddisk2\DR2 - Size: 0xEB8000000 ( 58.88 Gb ), SectorSize: 0x200, Cylinders: 0x1E05, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:43.0416 0x24a0  ============================================================
18:43:43.0416 0x24a0  \Device\Harddisk1\DR1:
18:43:43.0416 0x24a0  MBR partitions:
18:43:43.0416 0x24a0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2B244800
18:43:43.0416 0x24a0  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2B326000, BlocksNum 0x2AB97800
18:43:43.0447 0x24a0  \Device\Harddisk0\DR0:
18:43:43.0447 0x24a0  MBR partitions:
18:43:43.0447 0x24a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3B023000
18:43:43.0447 0x24a0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B104800, BlocksNum 0x39601800
18:43:43.0447 0x24a0  \Device\Harddisk2\DR2:
18:43:43.0448 0x24a0  MBR partitions:
18:43:43.0448 0x24a0  ============================================================
18:43:43.0481 0x24a0  C: <-> \Device\Harddisk1\DR1\Partition1
18:43:43.0493 0x24a0  D: <-> \Device\Harddisk0\DR0\Partition1
18:43:43.0527 0x24a0  E: <-> \Device\Harddisk0\DR0\Partition2
18:43:43.0576 0x24a0  F: <-> \Device\Harddisk1\DR1\Partition2
18:43:43.0576 0x24a0  ============================================================
18:43:43.0576 0x24a0  Initialize success
18:43:43.0576 0x24a0  ============================================================
18:44:26.0658 0x2768  ============================================================
18:44:26.0658 0x2768  Scan started
18:44:26.0658 0x2768  Mode: Manual; SigCheck; TDLFS;
18:44:26.0658 0x2768  ============================================================
18:44:26.0659 0x2768  KSN ping started
18:44:27.0869 0x2768  KSN ping finished: true
18:44:31.0964 0x2768  ================ Scan system memory ========================
18:44:31.0964 0x2768  System memory - ok
18:44:31.0966 0x2768  ================ Scan services =============================
18:44:32.0131 0x2768  1394ohci - ok
18:44:32.0137 0x2768  3ware - ok
18:44:32.0159 0x2768  [ AD86367BD36D3BAB28613D2FFAA42A4E, BECB2427DC1685B58C5CE3B85D3B31944BFF76C9A81EF728285D6CDA1D3FB246 ] abelssoft_recordify C:\WINDOWS\system32\drivers\recordify.sys
18:44:32.0431 0x2768  abelssoft_recordify - detected UnsignedFile.Multi.Generic ( 1 )
18:44:33.0695 0x2768  Detect skipped due to KSN trusted
18:44:33.0695 0x2768  abelssoft_recordify - ok
18:44:33.0713 0x2768  ACPI - ok
18:44:33.0724 0x2768  AcpiDev - ok
18:44:33.0732 0x2768  acpiex - ok
18:44:33.0737 0x2768  acpipagr - ok
18:44:33.0743 0x2768  AcpiPmi - ok
18:44:33.0748 0x2768  acpitime - ok
18:44:33.0848 0x2768  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:44:33.0903 0x2768  AdobeFlashPlayerUpdateSvc - ok
18:44:33.0910 0x2768  ADP80XX - ok
18:44:33.0917 0x2768  AFD - ok
18:44:34.0070 0x2768  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
18:44:34.0214 0x2768  AGSService - ok
18:44:34.0223 0x2768  ahcache - ok
18:44:34.0240 0x2768  AJRouter - ok
18:44:34.0250 0x2768  ALG - ok
18:44:34.0254 0x2768  AmdK8 - ok
18:44:34.0259 0x2768  AmdPPM - ok
18:44:34.0265 0x2768  amdsata - ok
18:44:34.0270 0x2768  amdsbs - ok
18:44:34.0274 0x2768  amdxata - ok
18:44:34.0278 0x2768  AppID - ok
18:44:34.0282 0x2768  AppIDSvc - ok
18:44:34.0293 0x2768  Appinfo - ok
18:44:34.0377 0x2768  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:44:34.0414 0x2768  Apple Mobile Device Service - ok
18:44:34.0422 0x2768  applockerfltr - ok
18:44:34.0427 0x2768  AppMgmt - ok
18:44:34.0443 0x2768  AppReadiness - ok
18:44:34.0455 0x2768  AppVClient - ok
18:44:34.0461 0x2768  AppvStrm - ok
18:44:34.0467 0x2768  AppvVemgr - ok
18:44:34.0478 0x2768  AppvVfs - ok
18:44:34.0495 0x2768  AppXSvc - ok
18:44:34.0499 0x2768  arcsas - ok
18:44:34.0502 0x2768  AsyncMac - ok
18:44:34.0517 0x2768  atapi - ok
18:44:34.0531 0x2768  AudioEndpointBuilder - ok
18:44:34.0541 0x2768  Audiosrv - ok
18:44:34.0603 0x2768  [ ED9D271CDC32C4EDCD86835372BAB74E, 639D2BCE1FD143DAE61DD5F0FE4E5C38942FCE9AEB5C7201EA431FA511CEC676 ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
18:44:34.0686 0x2768  avc3 - ok
18:44:34.0732 0x2768  [ 6917D3C8923ABF7EBC68029A1E15C1AE, 6EBFE25343026E2AE62F195CC2164566F0C8FF7ACAA8FA5B2713766C4C7877BF ] avckf          C:\WINDOWS\system32\DRIVERS\avckf.sys
18:44:34.0772 0x2768  avckf - ok
18:44:34.0778 0x2768  AxInstSV - ok
18:44:34.0805 0x2768  b06bdrv - ok
18:44:34.0809 0x2768  BasicDisplay - ok
18:44:34.0814 0x2768  BasicRender - ok
18:44:34.0819 0x2768  bcmfn - ok
18:44:34.0823 0x2768  bcmfn2 - ok
18:44:34.0852 0x2768  [ 4B190ACAE90EC79AD4D43EFCD3743DA0, 9D5187D4E1DF1672DEA2EF5C910FCA08BD8ED0573A55DF774E5300312ED87E05 ] bdelam          C:\WINDOWS\system32\drivers\bdelam.sys
18:44:34.0877 0x2768  bdelam - ok
18:44:34.0881 0x2768  BDESVC - ok
18:44:34.0967 0x2768  [ 14F686FA27C2914128031504B70D2B5E, BED77F4A6DC8B30ADB698FBCC00153D924310188EFBE22ADD2BAA3321C746556 ] bdfwfpf        C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
18:44:34.0993 0x2768  bdfwfpf - ok
18:44:35.0017 0x2768  [ C7C6393C540A1EE534BCEE74626DE987, 36FDD695E3138B31FD2FDDB5E8429C7CB5D7B5D3B8A3E7C3E7DCE2F0FF687F11 ] bdisk          C:\WINDOWS\system32\drivers\bdisk.sys
18:44:35.0046 0x2768  bdisk - ok
18:44:35.0071 0x2768  [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK        C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
18:44:35.0099 0x2768  BDVEDISK - ok
18:44:35.0103 0x2768  Beep - ok
18:44:35.0124 0x2768  BFE - ok
18:44:35.0128 0x2768  BITS - ok
18:44:35.0182 0x2768  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:44:35.0232 0x2768  Bonjour Service - ok
18:44:35.0237 0x2768  bowser - ok
18:44:35.0241 0x2768  BrokerInfrastructure - ok
18:44:35.0246 0x2768  Browser - ok
18:44:35.0270 0x2768  BthAvrcpTg - ok
18:44:35.0275 0x2768  BthHFEnum - ok
18:44:35.0279 0x2768  bthhfhid - ok
18:44:35.0283 0x2768  BthHFSrv - ok
18:44:35.0287 0x2768  BTHMODEM - ok
18:44:35.0293 0x2768  bthserv - ok
18:44:35.0327 0x2768  buttonconverter - ok
18:44:35.0331 0x2768  CapImg - ok
18:44:35.0367 0x2768  [ 10CDB598B555D2A06DA52A6C2D5F7DFE, 4194EF2B0CDCCAC40D2836C505226C98EA45648D66F918CFBFC2137761884E9A ] CBUfs          C:\WINDOWS\system32\drivers\CBUFS.sys
18:44:35.0402 0x2768  CBUfs - ok
18:44:35.0475 0x2768  [ 8D73FFFD9762EECF7680C4368A38B653, 128CCB95024B93912B2C4C989A6155A62AC18F5FEBE0E94F933E9848955B36DB ] cbvd            C:\WINDOWS\system32\DRIVERS\cbvd.sys
18:44:35.0535 0x2768  cbvd - ok
18:44:35.0541 0x2768  cdfs - ok
18:44:35.0545 0x2768  CDPSvc - ok
18:44:35.0549 0x2768  CDPUserSvc - ok
18:44:35.0619 0x2768  cdrom - ok
18:44:35.0632 0x2768  CertPropSvc - ok
18:44:35.0637 0x2768  cht4iscsi - ok
18:44:35.0641 0x2768  cht4vbd - ok
18:44:35.0652 0x2768  circlass - ok
18:44:35.0666 0x2768  CLFS - ok
18:44:35.0798 0x2768  [ 99D4DBD01BC8384B8A395778D9F45D2C, 1F21E9E19FAF48CA7DDFB2A1ED39DBBB38AFCBEB86BED0A42A673D565D0C77FC ] ClickToRunSvc  C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:44:35.0894 0x2768  ClickToRunSvc - ok
18:44:35.0904 0x2768  ClipSVC - ok
18:44:35.0908 0x2768  clreg - ok
18:44:35.0919 0x2768  CmBatt - ok
18:44:35.0945 0x2768  CNG - ok
18:44:35.0949 0x2768  cnghwassist - ok
18:44:36.0001 0x2768  CompositeBus - ok
18:44:36.0006 0x2768  COMSysApp - ok
18:44:36.0010 0x2768  condrv - ok
18:44:36.0030 0x2768  CoreMessagingRegistrar - ok
18:44:36.0142 0x2768  [ 5779731037C856ECDE96328D41742DBF, 4CB4C024C0750FE07A80FC693C78FAF03A199858C0B183E72026D3F7549D759D ] COSService.exe  C:\Program Files\COMODO\COMMON\COSService.exe
18:44:36.0272 0x2768  COSService.exe - ok
18:44:36.0300 0x2768  CryptSvc - ok
18:44:36.0304 0x2768  CSC - ok
18:44:36.0308 0x2768  CscService - ok
18:44:36.0355 0x2768  dam - ok
18:44:36.0414 0x2768  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
18:44:36.0451 0x2768  dbupdate - ok
18:44:36.0462 0x2768  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem      C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
18:44:36.0490 0x2768  dbupdatem - ok
18:44:36.0495 0x2768  dbx - ok
18:44:36.0508 0x2768  [ A8352D11F8E2F7E8FA0BD6F8EF599C61, 72B9F8B96433CCFE5CC9FB786BF976068BDDC04D39F9F3BCFA5132E61A97C3FD ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
18:44:37.0121 0x2768  DbxSvc - ok
18:44:37.0140 0x2768  DcomLaunch - ok
18:44:37.0145 0x2768  DcpSvc - ok
18:44:37.0172 0x2768  defragsvc - ok
18:44:37.0214 0x2768  DeviceAssociationService - ok
18:44:37.0219 0x2768  DeviceInstall - ok
18:44:37.0223 0x2768  DevQueryBroker - ok
18:44:37.0251 0x2768  Dfsc - ok
18:44:37.0255 0x2768  Dhcp - ok
18:44:37.0305 0x2768  diagnosticshub.standardcollector.service - ok
18:44:37.0356 0x2768  DiagTrack - ok
18:44:37.0466 0x2768  [ 3F67A20D02EF74C112A42FD7746C8E2E, 502FA3C7C5F1BC51CA51ECB9A29EFAFFB36867F76AACF51FA7BEE45674F2C278 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
18:44:37.0523 0x2768  DigitalWave.Update.Service - ok
18:44:37.0546 0x2768  disk - ok
18:44:37.0550 0x2768  DmEnrollmentSvc - ok
18:44:37.0555 0x2768  dmvsc - ok
18:44:37.0559 0x2768  dmwappushservice - ok
18:44:37.0565 0x2768  Dnscache - ok
18:44:37.0572 0x2768  dot3svc - ok
18:44:37.0576 0x2768  DPS - ok
18:44:37.0596 0x2768  drmkaud - ok
18:44:37.0600 0x2768  DsmSvc - ok
18:44:37.0604 0x2768  DsSvc - ok
18:44:37.0642 0x2768  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01    C:\WINDOWS\System32\drivers\dtsoftbus01.sys
18:44:37.0674 0x2768  dtsoftbus01 - ok
18:44:37.0678 0x2768  DXGKrnl - ok
18:44:37.0724 0x2768  EapHost - ok
18:44:37.0781 0x2768  [ 97E0A6C61554927D0EF3E081FF510353, EF9BD788584D18C9D0F1488DBFEC105819D59BFFD638F4A57A0F32A3A4A02662 ] EaseUS Agent    C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
18:44:37.0816 0x2768  EaseUS Agent - ok
18:44:37.0821 0x2768  ebdrv - ok
18:44:37.0826 0x2768  EFS - ok
18:44:37.0831 0x2768  EhStorClass - ok
18:44:37.0860 0x2768  EhStorTcgDrv - ok
18:44:38.0010 0x2768  embeddedmode - ok
18:44:38.0036 0x2768  EntAppSvc - ok
18:44:38.0059 0x2768  [ C96635C52C5464AB2CEDA6500067F19D, 3827A481339D7ADDC21B0F34C74C6D22E4E474EC5E07A1406EFBE6A007E73537 ] epmntdrv        C:\WINDOWS\system32\epmntdrv.sys
18:44:38.0187 0x2768  epmntdrv - ok
18:44:38.0213 0x2768  epp - ok
18:44:38.0219 0x2768  ErrDev - ok
18:44:38.0256 0x2768  [ 32710ECBE3C17C6F769BAC88CD1756FF, BB9B269F0322FFBFAC459EC15BA9410A5FF5CDCBD38F67F8482720ACB1799C2B ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
18:44:38.0299 0x2768  ESProtectionDriver - ok
18:44:38.0323 0x2768  [ 83EF0C33B56360761AE2DDB86E47B2E8, 7DCB2083286C7CF6F1A7D7388FAFFE306EAA9A995B371B15A24F6FD9A876CCC0 ] EUBAKUP        C:\WINDOWS\system32\drivers\eubakup.sys
18:44:38.0362 0x2768  EUBAKUP - ok
18:44:38.0388 0x2768  [ CCF2072C27B5F84447A0829014C43760, D87E9F4344D7EEA47D4B7E377FF93048EED05BD2F8998548EA74C3DF4FE7F0A6 ] EUBKMON        C:\WINDOWS\system32\drivers\EUBKMON.sys
18:44:38.0401 0x2768  EUBKMON - ok
18:44:38.0416 0x2768  [ FCFD172899D0A026E5BD29F4775BFA76, CC651EAA870D9107B9FAC84B2FA2B8F166C5CA8FBDA803AFBDE07F523FA8C667 ] EUDSKACS        C:\WINDOWS\system32\drivers\eudskacs.sys
18:44:38.0454 0x2768  EUDSKACS - ok
18:44:38.0480 0x2768  [ 1D866B50C9B1BA3FE90CC81E0DBC0E15, 07606693CA155EC3BA2FEF6B1C70263AD0F6C2935E1C99572BB2152260F33E28 ] EUFDDISK        C:\WINDOWS\system32\drivers\EuFdDisk.sys
18:44:38.0504 0x2768  EUFDDISK - ok
18:44:38.0524 0x2768  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\WINDOWS\system32\EuGdiDrv.sys
18:44:38.0576 0x2768  EuGdiDrv - ok
18:44:38.0581 0x2768  EventSystem - ok
18:44:38.0585 0x2768  exfat - ok
18:44:38.0588 0x2768  fastfat - ok
18:44:38.0610 0x2768  Fax - ok
18:44:38.0614 0x2768  fdc - ok
18:44:38.0619 0x2768  fdPHost - ok
18:44:38.0626 0x2768  FDResPub - ok
18:44:38.0641 0x2768  fhsvc - ok
18:44:38.0658 0x2768  FileCrypt - ok
18:44:38.0662 0x2768  FileInfo - ok
18:44:38.0665 0x2768  Filetrace - ok
18:44:38.0669 0x2768  flpydisk - ok
18:44:38.0676 0x2768  FltMgr - ok
18:44:38.0679 0x2768  FontCache - ok
18:44:38.0724 0x2768  FontCache3.0.0.0 - ok
18:44:38.0742 0x2768  FrameServer - ok
18:44:38.0745 0x2768  FsDepends - ok
18:44:38.0749 0x2768  Fs_Rec - ok
18:44:38.0763 0x2768  fvevol - ok
18:44:38.0767 0x2768  gencounter - ok
18:44:38.0771 0x2768  genericusbfn - ok
18:44:38.0870 0x2768  [ 4CEDC66C726F7BE116BE7694B3CD22CD, C55DDC432F640C215E57C5AC9B7D801F7B2DA21E50BFA9ABC209AADC3070C744 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:44:38.0914 0x2768  GfExperienceService - ok
18:44:38.0937 0x2768  GPIOClx0101 - ok
18:44:38.0947 0x2768  gpsvc - ok
18:44:38.0950 0x2768  GpuEnergyDrv - ok
18:44:39.0009 0x2768  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:44:39.0024 0x2768  gupdate - ok
18:44:39.0030 0x2768  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:44:39.0042 0x2768  gupdatem - ok
18:44:39.0073 0x2768  [ E4B7F2553A127E86E11343ED15320A99, A4EA52DF5D24EF8210192669934D3D0DD1A0E4CCAAD014D52F58D58A9D3C886A ] gzflt          C:\WINDOWS\system32\DRIVERS\gzflt.sys
18:44:39.0091 0x2768  gzflt - ok
18:44:39.0095 0x2768  HdAudAddService - ok
18:44:39.0100 0x2768  HDAudBus - ok
18:44:39.0105 0x2768  HidBatt - ok
18:44:39.0110 0x2768  HidBth - ok
18:44:39.0114 0x2768  hidi2c - ok
18:44:39.0121 0x2768  hidinterrupt - ok
18:44:39.0126 0x2768  HidIr - ok
18:44:39.0157 0x2768  hidserv - ok
18:44:39.0161 0x2768  HidUsb - ok
18:44:39.0166 0x2768  HomeGroupListener - ok
18:44:39.0179 0x2768  HomeGroupProvider - ok
18:44:39.0186 0x2768  HpSAMD - ok
18:44:39.0200 0x2768  HTTP - ok
18:44:39.0207 0x2768  HvHost - ok
18:44:39.0213 0x2768  hvservice - ok
18:44:39.0293 0x2768  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
18:44:39.0329 0x2768  HWiNFO32 - ok
18:44:39.0334 0x2768  hwpolicy - ok
18:44:39.0339 0x2768  hyperkbd - ok
18:44:39.0361 0x2768  i8042prt - ok
18:44:39.0366 0x2768  iagpio - ok
18:44:39.0371 0x2768  iai2c - ok
18:44:39.0376 0x2768  iaLPSS2i_GPIO2 - ok
18:44:39.0381 0x2768  iaLPSS2i_I2C - ok
18:44:39.0385 0x2768  iaLPSSi_GPIO - ok
18:44:39.0394 0x2768  iaLPSSi_I2C - ok
18:44:39.0398 0x2768  iaStorAV - ok
18:44:39.0402 0x2768  iaStorV - ok
18:44:39.0406 0x2768  ibbus - ok
18:44:39.0429 0x2768  icssvc - ok
18:44:39.0457 0x2768  [ 2C3928A343E2F29A7770BD429331DDCF, 5F376C4E7F097C410EC44E8EABA415B145939292713841AFF77702FF1BC57B61 ] ignis          C:\WINDOWS\system32\DRIVERS\ignis.sys
18:44:39.0491 0x2768  ignis - ok
18:44:39.0536 0x2768  [ EB7BA65AA0EDF27EAB0109AC73F2779C, EB952C72CBB43A07E1E8AC003323CD7C5E2ED7AFC5E06973F7BDB0C702C5630D ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:44:39.0560 0x2768  IJPLMSVC - ok
18:44:39.0564 0x2768  IKEEXT - ok
18:44:39.0567 0x2768  IndirectKmd - ok
18:44:39.0600 0x2768  intelide - ok
18:44:39.0603 0x2768  intelpep - ok
18:44:39.0624 0x2768  intelppm - ok
18:44:39.0628 0x2768  iorate - ok
18:44:39.0631 0x2768  IpFilterDriver - ok
18:44:39.0634 0x2768  iphlpsvc - ok
18:44:39.0638 0x2768  IPMIDRV - ok
18:44:39.0642 0x2768  IPNAT - ok
18:44:39.0690 0x2768  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:44:39.0720 0x2768  iPod Service - ok
18:44:39.0725 0x2768  irda - ok
18:44:39.0728 0x2768  IRENUM - ok
18:44:39.0746 0x2768  irmon - ok
18:44:39.0750 0x2768  isapnp - ok
18:44:39.0753 0x2768  iScsiPrt - ok
18:44:39.0774 0x2768  kbdclass - ok
18:44:39.0778 0x2768  kbdhid - ok
18:44:39.0791 0x2768  kdnic - ok
18:44:39.0804 0x2768  KeyIso - ok
18:44:39.0808 0x2768  KSecDD - ok
18:44:39.0817 0x2768  KSecPkg - ok
18:44:39.0821 0x2768  ksthunk - ok
18:44:39.0833 0x2768  KtmRm - ok
18:44:39.0841 0x2768  LanmanServer - ok
18:44:39.0845 0x2768  LanmanWorkstation - ok
18:44:39.0850 0x2768  lfsvc - ok
18:44:39.0869 0x2768  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum      C:\WINDOWS\system32\drivers\LGBusEnum.sys
18:44:39.0888 0x2768  LGBusEnum - ok
18:44:39.0946 0x2768  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
18:44:39.0974 0x2768  LGCoreTemp - ok
18:44:39.0997 0x2768  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore    C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
18:44:40.0024 0x2768  LGJoyXlCore - ok
18:44:40.0082 0x2768  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
18:44:40.0122 0x2768  LGVirHid - ok
18:44:40.0128 0x2768  LicenseManager - ok
18:44:40.0278 0x2768  [ D15EBE877305F8CAB5C78822C9BA3C9F, 36D3BE65DF33EC2702C7A1B2DA0358D7F944C8C7A402A5D46DAC3D3DD8444570 ] LiveUpdateSvc  C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
18:44:40.0552 0x2768  LiveUpdateSvc - ok
18:44:40.0561 0x2768  lltdio - ok
18:44:40.0576 0x2768  lltdsvc - ok
18:44:40.0582 0x2768  lmhosts - ok
18:44:40.0602 0x2768  [ F22EC985B9BE0788B5DB4F0162131CCF, 015A5E0396240373ED9EC5026C53CD5E03AE31688A984C47E071704B0FE8D552 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
18:44:40.0619 0x2768  LogiRegistryService - ok
18:44:40.0636 0x2768  LSI_SAS - ok
18:44:40.0639 0x2768  LSI_SAS2i - ok
18:44:40.0643 0x2768  LSI_SAS3i - ok
18:44:40.0646 0x2768  LSI_SSS - ok
18:44:40.0671 0x2768  LSM - ok
18:44:40.0677 0x2768  luafv - ok
18:44:40.0681 0x2768  MapsBroker - ok
18:44:40.0755 0x2768  [ DE111E937CB01E149FD749F67CDA7DD9, 1434FD87072FE4032D40E2B59DA301B0B35A301DAD4A6E7FE53BE8044BD2B465 ] MbaeSvc        C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
18:44:40.0808 0x2768  MbaeSvc - ok
18:44:40.0814 0x2768  megasas - ok
18:44:40.0858 0x2768  megasas2i - ok
18:44:40.0868 0x2768  megasr - ok
18:44:40.0871 0x2768  MessagingService - ok
18:44:40.0925 0x2768  Microsoft SharePoint Workspace Audit Service - ok
18:44:40.0929 0x2768  mlx4_bus - ok
18:44:40.0933 0x2768  MMCSS - ok
18:44:40.0936 0x2768  Modem - ok
18:44:40.0939 0x2768  monitor - ok
18:44:40.0942 0x2768  mouclass - ok
18:44:40.0946 0x2768  mouhid - ok
18:44:40.0949 0x2768  mountmgr - ok
18:44:40.0977 0x2768  [ CBCC3A1E47A664CCCBC7A25081C4D88B, BDE4510CED8EF3BB091118FEA8AEB61F0DB402C9B53615A4824896DF9DE3030E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:44:41.0013 0x2768  MozillaMaintenance - ok
18:44:41.0017 0x2768  mpsdrv - ok
18:44:41.0021 0x2768  MpsSvc - ok
18:44:41.0038 0x2768  MRxDAV - ok
18:44:41.0042 0x2768  mrxsmb - ok
18:44:41.0065 0x2768  mrxsmb10 - ok
18:44:41.0069 0x2768  mrxsmb20 - ok
18:44:41.0091 0x2768  MsBridge - ok
18:44:41.0104 0x2768  MSDTC - ok
18:44:41.0111 0x2768  Msfs - ok
18:44:41.0115 0x2768  msgpiowin32 - ok
18:44:41.0119 0x2768  mshidkmdf - ok
18:44:41.0123 0x2768  mshidumdf - ok
18:44:41.0127 0x2768  msisadrv - ok
18:44:41.0132 0x2768  MSiSCSI - ok
18:44:41.0136 0x2768  msiserver - ok
18:44:41.0139 0x2768  MSKSSRV - ok
18:44:41.0143 0x2768  MsLldp - ok
18:44:41.0148 0x2768  MSPCLOCK - ok
18:44:41.0151 0x2768  MSPQM - ok
18:44:41.0155 0x2768  MsRPC - ok
18:44:41.0160 0x2768  MsSecFlt - ok
18:44:41.0164 0x2768  mssmbios - ok
18:44:41.0168 0x2768  MSTEE - ok
18:44:41.0171 0x2768  MTConfig - ok
18:44:41.0176 0x2768  Mup - ok
18:44:41.0179 0x2768  mvumis - ok
18:44:41.0198 0x2768  NativeWifiP - ok
18:44:41.0202 0x2768  NcaSvc - ok
18:44:41.0214 0x2768  NcbService - ok
18:44:41.0218 0x2768  NcdAutoSetup - ok
18:44:41.0222 0x2768  ndfltr - ok
18:44:41.0234 0x2768  NDIS - ok
18:44:41.0237 0x2768  NdisCap - ok
18:44:41.0250 0x2768  NdisImPlatform - ok
18:44:41.0264 0x2768  NdisTapi - ok
18:44:41.0267 0x2768  Ndisuio - ok
18:44:41.0271 0x2768  NdisVirtualBus - ok
18:44:41.0274 0x2768  NdisWan - ok
18:44:41.0278 0x2768  ndiswanlegacy - ok
18:44:41.0282 0x2768  ndproxy - ok
18:44:41.0285 0x2768  Ndu - ok
18:44:41.0290 0x2768  NetAdapterCx - ok
18:44:41.0294 0x2768  NetBIOS - ok
18:44:41.0299 0x2768  NetBT - ok
18:44:41.0302 0x2768  Netlogon - ok
18:44:41.0306 0x2768  Netman - ok
18:44:41.0317 0x2768  netprofm - ok
18:44:41.0325 0x2768  NetSetupSvc - ok
18:44:41.0389 0x2768  NetTcpPortSharing - ok
18:44:41.0395 0x2768  NgcCtnrSvc - ok
18:44:41.0398 0x2768  NgcSvc - ok
18:44:41.0402 0x2768  NlaSvc - ok
18:44:41.0406 0x2768  Npfs - ok
18:44:41.0409 0x2768  npsvctrig - ok
18:44:41.0414 0x2768  nsi - ok
18:44:41.0418 0x2768  nsiproxy - ok
18:44:41.0427 0x2768  NTFS - ok
18:44:41.0431 0x2768  Null - ok
18:44:41.0461 0x2768  [ 417F5789073BE7B3DE45C308F3C527DF, 5137D7451D8D58BF5D7FFDF83F8C72CAAB05AFE237318FC4E1AE06F4FFE5CBFD ] NVHDA          C:\WINDOWS\system32\drivers\nvhda64v.sys
18:44:41.0483 0x2768  NVHDA - ok
18:44:41.0930 0x2768  [ 6B35BB6D1265906F93E37E1B737E31DB, 7168DD2185D5BC3EFB492254AAE079FAB8F5718FDFF1DE8151BC42F9318F7F92 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys
18:44:42.0460 0x2768  nvlddmkm - ok
18:44:42.0622 0x2768  [ FA9BC0048ED46C5FB5C93EAFFC97F63D, 2014C08B55940E055F6243E81F0227861272F2B6353D05BFEF364ED4F11EA9B0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:44:42.0695 0x2768  NvNetworkService - ok
18:44:42.0722 0x2768  nvraid - ok
18:44:42.0727 0x2768  nvstor - ok
18:44:42.0818 0x2768  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:44:42.0851 0x2768  NvStreamKms - ok
18:44:42.0948 0x2768  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
18:44:43.0063 0x2768  NvStreamNetworkSvc - ok
18:44:43.0164 0x2768  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
18:44:43.0282 0x2768  NvStreamSvc - ok
18:44:43.0372 0x2768  [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc          C:\WINDOWS\system32\nvvsvc.exe
18:44:44.0082 0x2768  nvsvc - ok
18:44:44.0142 0x2768  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:44:44.0171 0x2768  nvvad_WaveExtensible - ok
18:44:44.0209 0x2768  OneSyncSvc - ok
18:44:44.0306 0x2768  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:44:44.0353 0x2768  ose - ok
18:44:44.0559 0x2768  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:44:44.0785 0x2768  osppsvc - ok
18:44:44.0801 0x2768  p2pimsvc - ok
18:44:44.0806 0x2768  p2psvc - ok
18:44:44.0811 0x2768  Parport - ok
18:44:44.0816 0x2768  partmgr - ok
18:44:44.0821 0x2768  PcaSvc - ok
18:44:44.0840 0x2768  pci - ok
18:44:44.0859 0x2768  pciide - ok
18:44:44.0863 0x2768  pcmcia - ok
18:44:44.0868 0x2768  pcw - ok
18:44:44.0881 0x2768  pdc - ok
18:44:44.0892 0x2768  PEAUTH - ok
18:44:44.0896 0x2768  PeerDistSvc - ok
18:44:44.0899 0x2768  percsas2i - ok
18:44:44.0903 0x2768  percsas3i - ok
18:44:44.0948 0x2768  PerfHost - ok
18:44:44.0968 0x2768  PhoneSvc - ok
18:44:44.0995 0x2768  PimIndexMaintenanceSvc - ok
18:44:45.0032 0x2768  pla - ok
18:44:45.0041 0x2768  PlugPlay - ok
18:44:45.0045 0x2768  PNRPAutoReg - ok
18:44:45.0049 0x2768  PNRPsvc - ok
18:44:45.0061 0x2768  PolicyAgent - ok
18:44:45.0066 0x2768  Power - ok
18:44:45.0070 0x2768  PptpMiniport - ok
18:44:45.0539 0x2768  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:44:45.0740 0x2768  PrintNotify - ok
18:44:45.0752 0x2768  Processor - ok
18:44:45.0847 0x2768  [ F6ACBFD52A3BEC4B73DAE66997489101, 74E58A30B77ECD1CFAA059BC5EB6B2E352B8341F14CE8CA9095307C35EC08CAD ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
18:44:45.0898 0x2768  ProductAgentService - ok
18:44:45.0928 0x2768  ProfSvc - ok
18:44:45.0932 0x2768  Psched - ok
18:44:45.0951 0x2768  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio        C:\WINDOWS\system32\pwdrvio.sys
18:44:46.0164 0x2768  pwdrvio - ok
18:44:46.0190 0x2768  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio        C:\WINDOWS\system32\pwdspio.sys
18:44:46.0221 0x2768  pwdspio - ok
18:44:46.0226 0x2768  QWAVE - ok
18:44:46.0230 0x2768  QWAVEdrv - ok
18:44:46.0235 0x2768  RasAcd - ok
18:44:46.0255 0x2768  RasAgileVpn - ok
18:44:46.0259 0x2768  RasAuto - ok
18:44:46.0263 0x2768  Rasl2tp - ok
18:44:46.0266 0x2768  RasMan - ok
18:44:46.0270 0x2768  RasPppoe - ok
18:44:46.0277 0x2768  RasSstp - ok
18:44:46.0280 0x2768  rdbss - ok
18:44:46.0296 0x2768  rdpbus - ok
18:44:46.0300 0x2768  RDPDR - ok
18:44:46.0323 0x2768  RdpVideoMiniport - ok
18:44:46.0327 0x2768  rdyboost - ok
18:44:46.0331 0x2768  ReFSv1 - ok
18:44:46.0346 0x2768  RemoteAccess - ok
18:44:46.0350 0x2768  RemoteRegistry - ok
18:44:46.0395 0x2768  [ D7F279E28D757821232E7AF1DFDC57BA, 4E4E1E0E968085E76C6696F0A2673368D07CF23968A5901F843EB396E6CEC68E ] reparse        C:\WINDOWS\system32\DRIVERS\cbreparse.sys
18:44:46.0442 0x2768  reparse - ok
18:44:46.0466 0x2768  RetailDemo - ok
18:44:46.0470 0x2768  RmSvc - ok
18:44:46.0476 0x2768  RpcEptMapper - ok
18:44:46.0502 0x2768  RpcLocator - ok
18:44:46.0507 0x2768  RpcSs - ok
18:44:46.0511 0x2768  rspndr - ok
18:44:46.0530 0x2768  rt640x64 - ok
18:44:46.0550 0x2768  s3cap - ok
18:44:46.0560 0x2768  SamSs - ok
18:44:46.0573 0x2768  sbp2port - ok
18:44:46.0583 0x2768  SCardSvr - ok
18:44:46.0587 0x2768  ScDeviceEnum - ok
18:44:46.0592 0x2768  scfilter - ok
18:44:46.0595 0x2768  Schedule - ok
18:44:46.0599 0x2768  scmbus - ok
18:44:46.0603 0x2768  scmdisk0101 - ok
18:44:46.0611 0x2768  SCPolicySvc - ok
18:44:46.0615 0x2768  sdbus - ok
18:44:46.0619 0x2768  SDRSVC - ok
18:44:46.0623 0x2768  sdstor - ok
18:44:46.0629 0x2768  seclogon - ok
18:44:46.0636 0x2768  SENS - ok
18:44:46.0657 0x2768  Sense - ok
18:44:46.0661 0x2768  SensorDataService - ok
18:44:46.0675 0x2768  SensorService - ok
18:44:46.0679 0x2768  SensrSvc - ok
18:44:46.0683 0x2768  SerCx - ok
18:44:46.0687 0x2768  SerCx2 - ok
18:44:46.0691 0x2768  Serenum - ok
18:44:46.0695 0x2768  Serial - ok
18:44:46.0699 0x2768  sermouse - ok
18:44:46.0710 0x2768  SessionEnv - ok
18:44:46.0714 0x2768  sfloppy - ok
18:44:46.0725 0x2768  SharedAccess - ok
18:44:46.0753 0x2768  ShellHWDetection - ok
18:44:46.0770 0x2768  shpamsvc - ok
18:44:46.0774 0x2768  SiSRaid2 - ok
18:44:46.0778 0x2768  SiSRaid4 - ok
18:44:46.0787 0x2768  smphost - ok
18:44:46.0791 0x2768  SmsRouter - ok
18:44:46.0803 0x2768  SNMPTRAP - ok
18:44:46.0811 0x2768  spaceport - ok
18:44:46.0815 0x2768  SpbCx - ok
18:44:46.0819 0x2768  Spooler - ok
18:44:46.0823 0x2768  sppsvc - ok
18:44:46.0828 0x2768  srv - ok
18:44:46.0832 0x2768  srv2 - ok
18:44:46.0835 0x2768  srvnet - ok
18:44:46.0839 0x2768  SSDPSRV - ok
18:44:46.0854 0x2768  SstpSvc - ok
18:44:46.0961 0x2768  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
18:44:47.0010 0x2768  ss_conn_service - ok
18:44:47.0024 0x2768  StateRepository - ok
18:44:47.0103 0x2768  [ 7A40EC8D2A1ED8D28E5359EE1EFED8A1, 70B1EF9A7B4655903B99BAF6FB333EF03CF7186B800BFA411B58D5ADE98803E3 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
18:44:47.0171 0x2768  Stereo Service - ok
18:44:47.0177 0x2768  stexstor - ok
18:44:47.0183 0x2768  stisvc - ok
18:44:47.0188 0x2768  storahci - ok
18:44:47.0196 0x2768  storflt - ok
18:44:47.0201 0x2768  stornvme - ok
18:44:47.0207 0x2768  storqosflt - ok
18:44:47.0227 0x2768  StorSvc - ok
18:44:47.0232 0x2768  storufs - ok
18:44:47.0237 0x2768  storvsc - ok
18:44:47.0246 0x2768  svsvc - ok
18:44:47.0251 0x2768  swenum - ok
18:44:47.0257 0x2768  swprv - ok
18:44:47.0349 0x2768  [ C6F59E545B2BC2E1CF858C45B10B8BAD, 475AC54FF101B627747C43EE466E04C7479C405E8FC1EDE3CEA049AF0C5DDC89 ] SynchronizationService.exe C:\Program Files\COMODO\COMMON\SynchronizationService.exe
18:44:47.0435 0x2768  SynchronizationService.exe - ok
18:44:47.0445 0x2768  Synth3dVsc - ok
18:44:47.0466 0x2768  SysMain - ok
18:44:47.0496 0x2768  SystemEventsBroker - ok
18:44:47.0503 0x2768  TabletInputService - ok
18:44:47.0507 0x2768  TapiSrv - ok
18:44:47.0517 0x2768  Tcpip - ok
18:44:47.0521 0x2768  Tcpip6 - ok
18:44:47.0528 0x2768  tcpipreg - ok
18:44:47.0534 0x2768  tdx - ok
18:44:47.0538 0x2768  terminpt - ok
18:44:47.0543 0x2768  TermService - ok
18:44:47.0559 0x2768  Themes - ok
18:44:47.0567 0x2768  TieringEngineService - ok
18:44:47.0571 0x2768  tiledatamodelsvc - ok
18:44:47.0576 0x2768  TimeBrokerSvc - ok
18:44:47.0580 0x2768  TPM - ok
18:44:47.0585 0x2768  TrkWks - ok
18:44:47.0624 0x2768  [ ADD8AFDAB539AF2B1FB75F6DB2CD7B71, 46BA69DA6114A167D6C467AB9BA583514475509184C6FF056460ADE76D0A76B1 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
18:44:47.0663 0x2768  trufos - ok
18:44:47.0736 0x2768  TrustedInstaller - ok
18:44:47.0753 0x2768  tsusbflt - ok
18:44:47.0765 0x2768  TsUsbGD - ok
18:44:47.0773 0x2768  tsusbhub - ok
18:44:47.0779 0x2768  tunnel - ok
18:44:47.0784 0x2768  tzautoupdate - ok
18:44:47.0788 0x2768  UASPStor - ok
18:44:47.0794 0x2768  UcmCx0101 - ok
18:44:47.0799 0x2768  UcmTcpciCx0101 - ok
18:44:47.0804 0x2768  UcmUcsi - ok
18:44:47.0808 0x2768  Ucx01000 - ok
18:44:47.0813 0x2768  UdeCx - ok
18:44:47.0817 0x2768  udfs - ok
18:44:47.0821 0x2768  UEFI - ok
18:44:47.0825 0x2768  UevAgentDriver - ok
18:44:47.0838 0x2768  UevAgentService - ok
18:44:47.0842 0x2768  Ufx01000 - ok
18:44:47.0847 0x2768  UfxChipidea - ok
18:44:47.0852 0x2768  ufxsynopsys - ok
18:44:47.0860 0x2768  UI0Detect - ok
18:44:47.0867 0x2768  umbus - ok
18:44:47.0872 0x2768  UmPass - ok
18:44:47.0876 0x2768  UmRdpService - ok
18:44:47.0881 0x2768  UnistoreSvc - ok
18:44:47.0953 0x2768  [ 88E54041480637C2E424AF9E593C904C, 07CD209474C04EFFB8CE6FE5060ABAACE963051B76E3A9E330F1D9A083C60A71 ] UPDATESRV      C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
18:44:47.0998 0x2768  UPDATESRV - ok
18:44:48.0004 0x2768  upnphost - ok
18:44:48.0011 0x2768  UrsChipidea - ok
18:44:48.0016 0x2768  UrsCx01000 - ok
18:44:48.0020 0x2768  UrsSynopsys - ok
18:44:48.0060 0x2768  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64      C:\WINDOWS\System32\Drivers\usbaapl64.sys
18:44:48.0227 0x2768  USBAAPL64 - ok
18:44:48.0240 0x2768  usbccgp - ok
18:44:48.0252 0x2768  usbcir - ok
18:44:48.0257 0x2768  usbehci - ok
18:44:48.0262 0x2768  usbhub - ok
18:44:48.0267 0x2768  USBHUB3 - ok
18:44:48.0272 0x2768  usbohci - ok
18:44:48.0277 0x2768  usbprint - ok
18:44:48.0294 0x2768  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan        C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:44:48.0327 0x2768  usbscan - ok
18:44:48.0333 0x2768  usbser - ok
18:44:48.0339 0x2768  USBSTOR - ok
18:44:48.0344 0x2768  usbuhci - ok
18:44:48.0350 0x2768  USBXHCI - ok
18:44:48.0367 0x2768  UserDataSvc - ok
18:44:48.0376 0x2768  UserManager - ok
18:44:48.0390 0x2768  UsoSvc - ok
18:44:48.0395 0x2768  VaultSvc - ok
18:44:48.0429 0x2768  [ 8B61E7B09D27EAAE8BD227A04841BB8B, 225BF9B03E90ED7C4BA92F3E774F46F6CB90D721755930ABABEA255B07C0DD5D ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
18:44:48.0483 0x2768  VBoxNetAdp - ok
18:44:48.0550 0x2768  [ 7181DACBD6699770F027A049594A3DCF, F90D04A38D3C7F94A24E37C3C1FB10FB9EF6077D7DD1FA248707C1A0A72C922B ] vdbus          C:\WINDOWS\System32\drivers\vdbus.sys
18:44:48.0595 0x2768  vdbus - ok
18:44:48.0601 0x2768  vdrvroot - ok
18:44:48.0605 0x2768  vds - ok
18:44:48.0642 0x2768  [ 53605A15213A1910967EF03FB0B1C0C8, D536612CD4330725A03BA46273E3AEFAC2AEF47E54260EAC58F2BEA6F466BA9B ] veracrypt      C:\WINDOWS\system32\drivers\veracrypt.sys
18:44:48.0684 0x2768  veracrypt - ok
18:44:48.0689 0x2768  VerifierExt - ok
18:44:48.0693 0x2768  vhdmp - ok
18:44:48.0698 0x2768  vhf - ok
18:44:48.0703 0x2768  vmbus - ok
18:44:48.0707 0x2768  VMBusHID - ok
18:44:48.0711 0x2768  vmgid - ok
18:44:48.0725 0x2768  vmicguestinterface - ok
18:44:48.0730 0x2768  vmicheartbeat - ok
18:44:48.0734 0x2768  vmickvpexchange - ok
18:44:48.0738 0x2768  vmicrdv - ok
18:44:48.0743 0x2768  vmicshutdown - ok
18:44:48.0750 0x2768  vmictimesync - ok
18:44:48.0754 0x2768  vmicvmsession - ok
18:44:48.0759 0x2768  vmicvss - ok
18:44:48.0764 0x2768  volmgr - ok
18:44:48.0768 0x2768  volmgrx - ok
18:44:48.0782 0x2768  volsnap - ok
18:44:48.0787 0x2768  volume - ok
18:44:48.0798 0x2768  vpci - ok
18:44:48.0802 0x2768  vsmraid - ok
18:44:48.0807 0x2768  VSS - ok
18:44:48.0850 0x2768  [ 63C30102F89E9D004D4AA7A9E8E662CF, 70CB1C961450CDFAB2F2E20EAFB62A2CCBA6B443628346AA8D0842DE4F32A514 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
18:44:48.0896 0x2768  VSSERV - ok
18:44:48.0969 0x2768  [ 4889BF61752AD05C2AC73CF72A7C8F16, 9B2FF0CAF57855AA1F37933F2B9DC2B845D6BAD80C5DD400BD688DF343AFCDF5 ] vsservp        C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
18:44:49.0009 0x2768  vsservp - ok
18:44:49.0016 0x2768  VSTXRAID - ok
18:44:49.0020 0x2768  vwifibus - ok
18:44:49.0025 0x2768  vwififlt - ok
18:44:49.0041 0x2768  W32Time - ok
18:44:49.0046 0x2768  WacomPen - ok
18:44:49.0051 0x2768  WalletService - ok
18:44:49.0056 0x2768  wanarp - ok
18:44:49.0061 0x2768  wanarpv6 - ok
18:44:49.0067 0x2768  wbengine - ok
18:44:49.0083 0x2768  WbioSrvc - ok
18:44:49.0088 0x2768  wcifs - ok
18:44:49.0092 0x2768  Wcmsvc - ok
18:44:49.0098 0x2768  wcncsvc - ok
18:44:49.0102 0x2768  wcnfs - ok
18:44:49.0115 0x2768  WdBoot - ok
18:44:49.0120 0x2768  Wdf01000 - ok
18:44:49.0124 0x2768  WdFilter - ok
18:44:49.0129 0x2768  WdiServiceHost - ok
18:44:49.0134 0x2768  WdiSystemHost - ok
18:44:49.0154 0x2768  wdiwifi - ok
18:44:49.0158 0x2768  WdNisDrv - ok
18:44:49.0174 0x2768  WdNisSvc - ok
18:44:49.0179 0x2768  WebClient - ok
18:44:49.0184 0x2768  Wecsvc - ok
18:44:49.0202 0x2768  WEPHOSTSVC - ok
18:44:49.0207 0x2768  wercplsupport - ok
18:44:49.0211 0x2768  WerSvc - ok
18:44:49.0217 0x2768  WFPLWFS - ok
18:44:49.0223 0x2768  WiaRpc - ok
18:44:49.0228 0x2768  WIMMount - ok
18:44:49.0233 0x2768  WinDefend - ok
18:44:49.0249 0x2768  WindowsTrustedRT - ok
18:44:49.0254 0x2768  WindowsTrustedRTProxy - ok
18:44:49.0266 0x2768  WinHttpAutoProxySvc - ok
18:44:49.0273 0x2768  WinMad - ok
18:44:49.0302 0x2768  Winmgmt - ok
18:44:49.0307 0x2768  WinRM - ok
18:44:49.0316 0x2768  WINUSB - ok
18:44:49.0321 0x2768  WinVerbs - ok
18:44:49.0336 0x2768  wisvc - ok
18:44:49.0341 0x2768  WlanSvc - ok
18:44:49.0346 0x2768  wlidsvc - ok
18:44:49.0351 0x2768  WmiAcpi - ok
18:44:49.0359 0x2768  wmiApSrv - ok
18:44:49.0369 0x2768  WMPNetworkSvc - ok
18:44:49.0378 0x2768  Wof - ok
18:44:49.0408 0x2768  workfolderssvc - ok
18:44:49.0413 0x2768  WPDBusEnum - ok
18:44:49.0418 0x2768  WpdUpFltr - ok
18:44:49.0430 0x2768  WpnService - ok
18:44:49.0435 0x2768  WpnUserService - ok
18:44:49.0441 0x2768  ws2ifsl - ok
18:44:49.0449 0x2768  wscsvc - ok
18:44:49.0453 0x2768  WSearch - ok
18:44:49.0459 0x2768  wuauserv - ok
18:44:49.0464 0x2768  WudfPf - ok
18:44:49.0470 0x2768  WUDFRd - ok
18:44:49.0475 0x2768  wudfsvc - ok
18:44:49.0480 0x2768  WUDFWpdFs - ok
18:44:49.0485 0x2768  WwanSvc - ok
18:44:49.0490 0x2768  XblAuthManager - ok
18:44:49.0504 0x2768  XblGameSave - ok
18:44:49.0509 0x2768  xboxgip - ok
18:44:49.0514 0x2768  XboxNetApiSvc - ok
18:44:49.0534 0x2768  xinputhid - ok
18:44:49.0537 0x2768  ================ Scan global ===============================
18:44:49.0582 0x2768  [ Global ] - ok
18:44:49.0583 0x2768  ================ Scan MBR ==================================
18:44:49.0599 0x2768  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk1\DR1
18:44:49.0749 0x2768  \Device\Harddisk1\DR1 - ok
18:44:49.0753 0x2768  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk0\DR0
18:44:49.0852 0x2768  \Device\Harddisk0\DR0 - ok
18:44:49.0857 0x2768  [ 910C536DD5850F1400D146ACE95166CB ] \Device\Harddisk2\DR2
18:44:50.0069 0x2768  \Device\Harddisk2\DR2 - ok
18:44:50.0069 0x2768  ================ Scan VBR ==================================
18:44:50.0071 0x2768  [ 605BE76ECCAE645B502C28452422F2DA ] \Device\Harddisk1\DR1\Partition1
18:44:50.0073 0x2768  \Device\Harddisk1\DR1\Partition1 - ok
18:44:50.0075 0x2768  [ 5D1FC1D95F70DFCE7EB0DA2388F64657 ] \Device\Harddisk1\DR1\Partition2
18:44:50.0076 0x2768  \Device\Harddisk1\DR1\Partition2 - ok
18:44:50.0079 0x2768  [ A4073E48A0FD61D0B14D9FE3128796A1 ] \Device\Harddisk0\DR0\Partition1
18:44:50.0080 0x2768  \Device\Harddisk0\DR0\Partition1 - ok
18:44:50.0085 0x2768  [ E9046E69E682A5C5A23C2A3B8ADBF6CE ] \Device\Harddisk0\DR0\Partition2
18:44:50.0086 0x2768  \Device\Harddisk0\DR0\Partition2 - ok
18:44:50.0087 0x2768  ================ Scan generic autorun ======================
18:44:50.0224 0x2768  [ C8AC55CCB8AB33713522B4CAAFAC0F59, CCEA638F90395F5C1C9DA892227FF4F3A7BC7567DEF8A7B63AFE2A487DADA88A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:44:50.0317 0x2768  NvBackend - ok
18:44:50.0764 0x2768  [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe
18:44:51.0237 0x2768  Launch LCore - ok
18:44:51.0288 0x2768  ShadowPlay - ok
18:44:51.0328 0x2768  [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files\iTunes\iTunesHelper.exe
18:44:51.0343 0x2768  iTunesHelper - ok
18:44:51.0493 0x2768  [ 1A774CBE54318A3411539BA10D47BEF5, 99CDBD90429FCAFA1C814E49EFF1160E8DC7D43B8F82E8AC33116BE7D42DBA9B ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
18:44:51.0604 0x2768  Malwarebytes Anti-Exploit - ok
18:44:51.0664 0x2768  Dropbox - ok
18:44:51.0784 0x2768  [ CB8A6B1FC6F8D1BFBD61C543B4E9F105, 3E799F410F772BAA1A1A6F412985DB2F95DC3140CAE6F52F5678AB739F509603 ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
18:44:51.0878 0x2768  CanonQuickMenu - ok
18:44:52.0045 0x2768  [ 06318691415FC9CA63E8DBEAA8DB7F9E, D2B3B4610137C3D6F6344FF22AE13B89ADDD86CEF56A40367CAD7F29CBBFBC17 ] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe
18:44:52.0268 0x2768  EaseUS EPM tray - ok
18:44:52.0315 0x2768  [ 957A7B0BC688BECD3FE224F996794A7D, 2C2C82632E3C0DCD7E14B8B7FFF5DB014722B6A8B5D2ADAE2652E3AC230E636D ] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe
18:44:52.0384 0x2768  EaseUS Cleanup - ok
18:44:52.0474 0x2768  OneDriveSetup - ok
18:44:52.0476 0x2768  OneDriveSetup - ok
18:44:52.0602 0x2768  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Joerg\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:44:52.0639 0x2768  OneDrive - ok
18:44:52.0710 0x2768  [ 64BD910F426F389CB1050764AF254E6E, 67341775B3AA1376339984DA3741263A0EC6ADD80A0878E9F5C9529CCDEE7808 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
18:44:52.0754 0x2768  iCloudServices - ok
18:44:52.0789 0x2768  GoogleDriveSync - ok
18:44:52.0889 0x2768  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
18:44:52.0938 0x2768  OfficeSyncProcess - ok
18:44:52.0955 0x2768  [ CD7A801F32BCE7A0195386066B42C8DE, 3988D1E074AB4051FC74C29B1918262A30D10183C4BA3894EE6724987145215F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
18:44:52.0974 0x2768  ApplePhotoStreams - ok
18:44:52.0975 0x2768  Waiting for KSN requests completion. In queue: 81
18:44:53.0976 0x2768  Waiting for KSN requests completion. In queue: 81
18:44:55.0004 0x2768  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
18:44:55.0005 0x2768  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.17.874 ), 0x41000 ( enabled : updated )
18:44:55.0006 0x2768  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.17.874 ), 0x41010 ( enabled )
18:44:56.0165 0x2768  ============================================================
18:44:56.0165 0x2768  Scan finished
18:44:56.0165 0x2768  ============================================================
18:44:56.0182 0x2778  Detected object count: 0
18:44:56.0183 0x2778  Actual detected object count: 0

deeprybka 15.10.2016 18:16
Hi,

Schritt 2

Downloade Dir bitte http://deeprybka.trojaner-board.de/adwcleaner/adwc.pngAdwCleaner auf Deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere Dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit Deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Downloade Dir HitmanProhttp://deeprybka.trojaner-board.de/b.../hitmanpro.pngauf Deinen Desktop:

HitmanPro-32 Bit Version
HitmanPro-64 Bit Version
Jetzt bitte Suchscan durchführen:

Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


joerg_k 16.10.2016 11:41
AdwCleaner Logfile:
Code:
# AdwCleaner v6.021 - Logfile created 15/10/2016 at 19:27:44
# Updated on 06/10/2016 by ToolsLib
# Database : 2016-10-15.3 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : Joerg - RECHTS-PC
# Running from : C:\Users\Joerg\Desktop\AdwCleaner_6.021.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Key deleted on reboot: HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: " Image File Execution Options" keys deleted
:: "Prefetch" files deleted
:: Proxy settings cleared
:: TCP/IP settings cleared
:: Firewall rules cleared
:: IPSec settings cleared
:: BITS queue cleared
:: IE policies deleted
:: Chrome policies deleted
:: Chrome preferences reset: C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default
:: Hosts file cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1908 Bytes] - [15/10/2016 19:27:44]
C:\AdwCleaner\AdwCleaner[S1].txt - [773 Bytes] - [19/05/2016 11:11:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [1855 Bytes] - [14/08/2016 19:32:01]
C:\AdwCleaner\AdwCleaner[S3].txt - [1963 Bytes] - [15/10/2016 19:25:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2199 Bytes] ##########
--- --- ---

[/CODE]

Code:

       
Code:

       
HitmanPro 3.7.14.280
www.hitmanpro.com

   Computer name . . . . : RECHTS-PC
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : RECHTS-PC\Joerg
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (8 days left)

   Scan date . . . . . . : 2016-10-15 19:44:42
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 39s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 1.857.169
   Files scanned . . . . : 57.849
   Remnants scanned  . . : 360.731 files / 1.438.589 keys

Suspicious files ____________________________________________________________

   C:\Users\Joerg\Desktop\FRST64.exe
      Size . . . . . . . : 2.406.912 bytes
      Age  . . . . . . . : 1.2 days (2016-10-14 14:02:43)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3C716312A30061CB8B1BF8A3B0CEECEC731782D406DF06100030871265A3E4D6
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f7f9c9b964f2504d88014049fd4142d7
# end=init
# utc_time=2016-10-15 05:57:31
# local_time=2016-10-15 07:57:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31091
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f7f9c9b964f2504d88014049fd4142d7
# end=updated
# utc_time=2016-10-15 05:59:33
# local_time=2016-10-15 07:59:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f7f9c9b964f2504d88014049fd4142d7
# engine=31091
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-10-15 09:10:42
# local_time=2016-10-15 11:10:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1116905 10546968 0 0
# scanned=446242
# found=10
# cleaned=10
# scan_time=11469
sh=3480ED0F9C875D705FF2223C52E45DDF5A0EAFF0 ft=1 fh=758fff08f3239cd5 vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Joerg\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader.exe"
sh=C23A478B3C9932FB9C0C8BABE980B4ADB3C4FE1B ft=1 fh=696ee47469356e7c vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Joerg\Downloads\epm115.exe"
sh=DC7164D4F78131B0E0466BFAB0876CB8325826D7 ft=1 fh=d29f80cf32efe935 vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Joerg\Downloads\FreemakeAudioConverterSetup.exe"
sh=F463A43259BCBE6B32B62CF27387E489D90138EC ft=1 fh=5166c27889dcd796 vn="Variante von Win32/InstallCore.AHH evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Joerg\Downloads\FreeYouTubeDownload_4.1.24.627_d.exe"
sh=7B8861C17251CFE19783EB1BDCBFA381456BEB88 ft=1 fh=c7da30fa067bc998 vn="Variante von Win32/InstallCore.AHH evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Joerg\Downloads\FreeYouTubeDownload_4.1.26.712_d_1_.exe"
sh=3EC705102D2EB8899B0C0E2C43C0AA823A20EE2A ft=1 fh=cc3087e911ce3b74 vn="Variante von MSIL/383Media.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="D:\Program Files (x86)\DriverWhiz\DriverWhiz.exe"
sh=3BCF975A32B5A238D482842752EE67D1D7534E42 ft=1 fh=5484c5d4cdedf653 vn="Variante von Win32/383Media.A evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="D:\Program Files (x86)\DriverWhiz\uninst.exe"
sh=515ED28CE8A952B050B41C221CBC34FE70E5AC79 ft=1 fh=9057eb795d7c357f vn="Variante von Win32/383Media.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="D:\Users\Joerg\AppData\Local\Temp\DRHelper_installFinish.exe"
sh=515ED28CE8A952B050B41C221CBC34FE70E5AC79 ft=1 fh=9057eb795d7c357f vn="Variante von Win32/383Media.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="D:\Users\Joerg\AppData\Local\Temp\DRHelper_installStart.exe"
sh=05BA2D3F0B083263104FF39F1629AD858F451C8C ft=1 fh=99013c1144cd2915 vn="Variante von MSIL/383Media.A evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="D:\Users\Joerg\Downloads\Driverwhiz.exe"

deeprybka 16.10.2016 16:36
http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

joerg_k 16.10.2016 17:34
Hallo mein lieber Jürgen :-)

Sieht schon wesentlich besser aus .

Eine Sache ist noch komisch, aber ich behalte das erstmal im Auge!

Gibt es noch Probleme, schick mich zu deinem Kollegen Komodo oder Stockfish oder Houdini.

Denke Du hast diesen Scherz verstanden, oder ?

Jörg

deeprybka 17.10.2016 17:56
:)
Klar.

Beobachte bitte mal 1-2 Tage und dann poste frische FRST-Logs.

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

joerg_k 28.10.2016 23:28
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2016
Ran by Joerg (administrator) on RECHTS-PC (28-10-2016 22:15:39)
Running from C:\Users\Joerg\Desktop
Loaded Profiles: Joerg (Available Profiles: Joerg)
Platform: Windows 10 Pro Version 1607 (X64) Language: Englisch (Großbritannien)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
() C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\odscanui.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwtxapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40797.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40797.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_185.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2651088 2016-10-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25424008 2016-10-24] (Dropbox, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe [2090176 2016-04-26] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe [1227456 2016-04-26] (CHENGDU Yiwo Tech Development Co., Ltd.)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4229824 2016-03-29] (Disc Soft Ltd)
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\MountPoints2: {26e6fcd4-96ca-11e5-824e-806e6f6e6963} - "K:\setup.exe"
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\...\MountPoints2: {8428006b-9521-11e6-bf78-fcaa148a5033} - "G:\Setup.exe"
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon1] -> {8ec6dd7e-fece-30b6-a924-9f002415595d} =>  No File
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon2] -> {b0211a8e-58b3-3932-9689-32d644a0828a} =>  No File
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon3] -> {3465eba8-d186-3b9c-870b-0c418f7dd282} =>  No File
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon4] -> {6f195ec8-0779-3aa2-85b3-a43e7f3ef055} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-06-09] ()
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-04-30]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagentaCLOUD.lnk [2016-05-18]
ShortcutTarget: MagentaCLOUD.lnk -> C:\Users\Joerg\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{240447e2-f3fe-40c6-9b3f-440bcb265042}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2784528314-457634619-2433917865-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com/
hxxps://search.f-secure.com/?fs_uo=homepage
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2016-10-27] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2016-10-27] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2016-10-27] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2016-10-27] (Bitdefender)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-06-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: j.kleinpoppen@icloud.com
FF ProfilePath: C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951 [2016-10-28]
FF Extension: (Dashlane) - C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\Extensions\jetpack-extension@dashlane.com.xpi [2016-08-13]
FF Extension: (LastPass) - C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\Extensions\support@lastpass.com [2016-10-03]
FF Extension: (uBlock Origin) - C:\Users\Joerg\AppData\Roaming\Mozilla\Firefox\Profiles\hosr3uf9.default-1455569010951\Extensions\uBlock0@raymondhill.net.xpi [2016-10-28]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2016-10-28]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-09-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-16] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-16] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-06-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2784528314-457634619-2433917865-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-09-21] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default [2016-10-28]
CHR Extension: (Google Slides) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-21]
CHR Extension: (Google Docs) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-21]
CHR Extension: (Google Drive) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-21]
CHR Extension: (YouTube) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-21]
CHR Extension: (Google Sheets) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-21]
CHR Extension: (Bitdefender Wallet) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2016-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-22]
CHR Extension: (Ghostery) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-21]
CHR Extension: (Gmail) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Joerg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-21]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3037424 2016-10-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-11] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [41576 2016-10-24] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1369280 2016-03-29] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [155088 2016-10-28] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1088944 2016-09-13] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-03] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [216880 2016-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1306832 2016-10-27] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [56584 2016-01-08] (Abelssoft) [File not signed]
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-10-27] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-10-27] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-10-17] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2015-11-30] (DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-10-16] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2016-10-16] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18016 2016-05-23] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2016-05-23] ()
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [77416 2016-10-28] ()
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-05-23] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-05-23] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-18] (REALiX(tm))
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [300840 2016-08-11] (Bitdefender)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-27] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-03-10] (BitDefender S.R.L.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U0 aswVmm; no ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 epp; \??\C:\Program Files\Emsisoft Internet Security\epp.sys [X]
S3 vdbus; \SystemRoot\System32\drivers\vdbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-28 22:23 - 2016-10-28 22:23 - 00000000 ____D C:\Users\Joerg\AppData\Local\TempTaskUpdateDetectionABA4F3AE-1D2F-4ADE-A350-CB9297CB021B
2016-10-28 22:15 - 2016-10-28 22:16 - 00032417 _____ C:\Users\Joerg\Desktop\FRST.txt
2016-10-28 22:07 - 2016-10-28 22:07 - 00000000 ____D C:\Users\Joerg\Desktop\FRST-OlderVersion
2016-10-28 21:17 - 2016-10-28 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-28 01:05 - 2016-10-28 01:06 - 00088652 _____ C:\TDSSKiller.3.1.0.11_28.10.2016_01.05.50_log.txt
2016-10-28 01:04 - 2016-10-28 01:05 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Joerg\Downloads\tdsskiller.exe
2016-10-28 00:47 - 2016-10-28 00:47 - 03910208 _____ C:\Users\Joerg\Downloads\AdwCleaner_6.030 (3).exe
2016-10-28 00:32 - 2016-10-28 00:33 - 03910208 _____ C:\Users\Joerg\Downloads\AdwCleaner_6.030 (2).exe
2016-10-28 00:31 - 2016-10-28 00:31 - 00005884 _____ C:\TDSSKiller.3.1.0.11_28.10.2016_00.31.11_log.txt
2016-10-28 00:17 - 2016-10-15 06:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-28 00:17 - 2016-10-15 06:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-28 00:17 - 2016-10-15 06:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 00:17 - 2016-10-15 06:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-28 00:17 - 2016-10-15 06:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-28 00:17 - 2016-10-15 06:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-28 00:17 - 2016-10-15 06:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 00:17 - 2016-10-15 06:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-28 00:17 - 2016-10-15 06:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 00:17 - 2016-10-15 06:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-28 00:17 - 2016-10-15 06:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 00:17 - 2016-10-15 06:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 00:17 - 2016-10-15 06:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-28 00:17 - 2016-10-15 06:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 00:17 - 2016-10-15 06:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-28 00:17 - 2016-10-15 06:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 00:17 - 2016-10-15 06:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 00:17 - 2016-10-15 06:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-28 00:17 - 2016-10-15 06:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-28 00:17 - 2016-10-15 06:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-28 00:17 - 2016-10-15 06:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 00:17 - 2016-10-15 06:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-28 00:17 - 2016-10-15 06:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-28 00:17 - 2016-10-15 06:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 00:17 - 2016-10-15 06:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 00:17 - 2016-10-15 05:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 00:17 - 2016-10-15 05:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 00:17 - 2016-10-15 05:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 00:17 - 2016-10-15 05:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 00:17 - 2016-10-15 05:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 00:17 - 2016-10-15 05:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 00:17 - 2016-10-15 05:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 00:17 - 2016-10-15 05:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-28 00:17 - 2016-10-15 05:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 00:17 - 2016-10-15 05:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-28 00:17 - 2016-10-15 05:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 00:17 - 2016-10-15 05:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 00:17 - 2016-10-15 05:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-28 00:17 - 2016-10-15 05:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 00:17 - 2016-10-15 05:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 00:17 - 2016-10-15 05:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 00:17 - 2016-10-15 05:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 00:17 - 2016-10-15 05:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 00:17 - 2016-10-15 05:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 00:17 - 2016-10-15 05:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-28 00:17 - 2016-10-15 05:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 00:17 - 2016-10-15 05:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 00:17 - 2016-10-15 05:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 00:17 - 2016-10-15 05:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 00:17 - 2016-10-15 05:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-28 00:17 - 2016-10-15 05:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 00:17 - 2016-10-15 05:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 00:17 - 2016-10-15 05:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 00:17 - 2016-10-15 05:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 00:17 - 2016-10-15 05:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 00:17 - 2016-10-15 05:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 00:17 - 2016-10-15 05:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 00:17 - 2016-10-15 05:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 00:17 - 2016-10-15 05:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 00:17 - 2016-10-15 05:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 00:17 - 2016-10-15 05:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-28 00:17 - 2016-10-15 05:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 00:17 - 2016-10-15 05:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 00:17 - 2016-10-15 05:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 00:17 - 2016-10-15 05:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 00:17 - 2016-10-15 05:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-28 00:17 - 2016-10-15 05:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-28 00:17 - 2016-10-15 05:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-28 00:17 - 2016-10-15 05:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-28 00:17 - 2016-10-15 05:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 00:17 - 2016-10-15 05:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 00:17 - 2016-10-15 05:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 00:17 - 2016-10-15 05:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-28 00:17 - 2016-10-15 05:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 00:17 - 2016-10-15 05:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 00:17 - 2016-10-15 05:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-28 00:17 - 2016-10-15 05:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 00:17 - 2016-10-15 05:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-28 00:17 - 2016-10-15 05:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-28 00:17 - 2016-10-15 05:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 00:17 - 2016-10-15 05:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 00:17 - 2016-10-15 05:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-28 00:17 - 2016-10-15 05:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-28 00:17 - 2016-10-15 05:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-28 00:17 - 2016-10-15 05:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-28 00:17 - 2016-10-15 05:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 00:17 - 2016-10-15 05:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 00:17 - 2016-10-15 05:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-28 00:17 - 2016-10-15 05:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 00:17 - 2016-10-15 05:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 00:17 - 2016-10-15 05:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 00:17 - 2016-10-15 05:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-28 00:17 - 2016-10-15 05:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 00:17 - 2016-09-10 15:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 00:17 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 00:16 - 2016-10-15 07:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 00:16 - 2016-10-15 06:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 00:16 - 2016-10-15 06:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 00:16 - 2016-10-15 06:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 00:16 - 2016-10-15 06:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 00:16 - 2016-10-15 06:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 00:16 - 2016-10-15 06:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 00:16 - 2016-10-15 06:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 00:16 - 2016-10-15 06:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-28 00:16 - 2016-10-15 06:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-28 00:16 - 2016-10-15 06:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 00:16 - 2016-10-15 06:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-28 00:16 - 2016-10-15 06:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 00:16 - 2016-10-15 06:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 00:16 - 2016-10-15 06:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 00:16 - 2016-10-15 06:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 00:16 - 2016-10-15 06:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 00:16 - 2016-10-15 06:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 00:16 - 2016-10-15 06:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 00:16 - 2016-10-15 06:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 00:16 - 2016-10-15 06:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 00:16 - 2016-10-15 06:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 00:16 - 2016-10-15 06:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 00:16 - 2016-10-15 06:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 00:16 - 2016-10-15 06:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 00:16 - 2016-10-15 06:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 00:16 - 2016-10-15 06:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 00:16 - 2016-10-15 06:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 00:16 - 2016-10-15 06:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-28 00:16 - 2016-10-15 06:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 00:16 - 2016-10-15 06:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 00:16 - 2016-10-15 06:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 00:16 - 2016-10-15 06:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 00:16 - 2016-10-15 06:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 00:16 - 2016-10-15 06:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 00:16 - 2016-10-15 06:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 00:16 - 2016-10-15 06:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 00:16 - 2016-10-15 06:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-28 00:16 - 2016-10-15 06:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 00:16 - 2016-10-15 06:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 00:16 - 2016-10-15 06:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 00:16 - 2016-10-15 06:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 00:16 - 2016-10-15 06:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-28 00:16 - 2016-10-15 06:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 00:16 - 2016-10-15 06:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 00:16 - 2016-10-15 06:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-28 00:16 - 2016-10-15 06:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-28 00:16 - 2016-10-15 06:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 00:16 - 2016-10-15 06:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-28 00:16 - 2016-10-15 06:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 00:16 - 2016-10-15 06:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-28 00:16 - 2016-10-15 06:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 00:16 - 2016-10-15 06:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 00:16 - 2016-10-15 06:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 00:16 - 2016-10-15 06:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-28 00:16 - 2016-10-15 06:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 00:16 - 2016-10-15 06:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 00:16 - 2016-10-15 06:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 00:16 - 2016-10-15 05:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 00:16 - 2016-10-15 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 00:16 - 2016-10-15 05:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 00:16 - 2016-10-15 05:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 00:16 - 2016-10-15 05:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 00:16 - 2016-10-15 05:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-28 00:16 - 2016-10-15 05:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 00:16 - 2016-10-15 05:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 00:16 - 2016-10-15 05:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-28 00:16 - 2016-10-15 05:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 00:16 - 2016-10-15 05:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 00:16 - 2016-10-15 05:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 00:16 - 2016-10-15 05:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 00:16 - 2016-10-15 05:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 00:16 - 2016-10-15 05:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 00:16 - 2016-10-15 05:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 00:16 - 2016-10-15 05:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 00:16 - 2016-10-15 05:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 00:16 - 2016-10-15 05:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 00:16 - 2016-10-15 05:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 00:16 - 2016-10-15 05:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 00:16 - 2016-10-15 05:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 00:16 - 2016-10-15 05:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 00:16 - 2016-10-15 05:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 00:16 - 2016-10-15 05:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 00:16 - 2016-10-15 05:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 00:16 - 2016-10-15 05:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-28 00:16 - 2016-10-15 05:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 00:16 - 2016-10-15 05:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-28 00:16 - 2016-10-15 05:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 00:16 - 2016-10-15 05:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 00:16 - 2016-10-15 05:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 00:16 - 2016-10-15 05:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 00:16 - 2016-10-15 05:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 00:16 - 2016-10-15 05:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-28 00:16 - 2016-10-15 05:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 00:16 - 2016-10-15 05:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 00:16 - 2016-10-15 05:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 00:16 - 2016-10-15 05:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 00:16 - 2016-10-15 05:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-28 00:16 - 2016-10-15 05:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 00:16 - 2016-10-15 05:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 00:16 - 2016-10-15 05:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 00:16 - 2016-10-15 05:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-28 00:16 - 2016-10-15 05:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 00:16 - 2016-10-15 05:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 00:16 - 2016-10-15 05:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 00:16 - 2016-10-15 05:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-28 00:16 - 2016-10-15 05:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 00:16 - 2016-10-15 05:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 00:16 - 2016-10-15 05:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 00:16 - 2016-10-15 05:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-28 00:16 - 2016-10-15 05:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-28 00:16 - 2016-10-15 05:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 00:16 - 2016-10-15 05:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 00:16 - 2016-10-15 05:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-28 00:16 - 2016-10-15 05:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 00:16 - 2016-10-15 05:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-28 00:16 - 2016-10-15 05:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 00:16 - 2016-10-15 05:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 00:16 - 2016-10-15 05:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-28 00:16 - 2016-10-15 05:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 00:16 - 2016-10-15 05:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 00:16 - 2016-10-15 05:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 00:16 - 2016-10-15 05:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 00:16 - 2016-10-15 05:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 00:16 - 2016-10-15 05:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 00:16 - 2016-10-15 05:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 00:16 - 2016-10-15 05:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 00:16 - 2016-10-15 05:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 00:16 - 2016-10-15 05:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 00:16 - 2016-10-15 05:40 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-28 00:16 - 2016-10-15 05:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-28 00:16 - 2016-10-15 05:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-28 00:16 - 2016-10-15 05:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-28 00:16 - 2016-10-15 05:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 00:16 - 2016-10-15 05:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 00:16 - 2016-10-15 05:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 00:16 - 2016-10-15 05:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 00:16 - 2016-10-15 05:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 00:16 - 2016-10-15 05:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-28 00:16 - 2016-10-15 05:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-28 00:16 - 2016-10-15 05:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-28 00:16 - 2016-10-15 05:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-28 00:16 - 2016-10-15 05:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 00:16 - 2016-10-15 05:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 00:16 - 2016-10-15 05:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 00:16 - 2016-10-15 05:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 00:16 - 2016-10-15 05:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 00:16 - 2016-10-15 05:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 00:16 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-26 00:18 - 2016-10-26 00:18 - 00000000 ____D C:\Users\Joerg\Documents\2016_10_26
2016-10-26 00:17 - 2016-10-26 00:17 - 00352012 _____ C:\Users\Joerg\Documents\IMG_20161026_0001.pdf
2016-10-24 15:06 - 2016-10-24 15:06 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-10-24 15:06 - 2016-10-24 15:06 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-10-24 15:06 - 2016-10-24 15:06 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-10-24 15:06 - 2016-10-24 15:06 - 00041576 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-10-21 15:45 - 2016-10-21 15:45 - 03910208 _____ C:\Users\Joerg\Downloads\AdwCleaner_6.030 (1).exe
2016-10-20 23:12 - 2016-10-20 23:13 - 01065376 _____ (Google Inc.) C:\Users\Joerg\Downloads\ChromeSetup (1).exe
2016-10-19 17:09 - 2016-10-19 17:10 - 03910208 _____ C:\Users\Joerg\Downloads\adwcleaner_6.030.exe
2016-10-18 20:47 - 2016-10-18 21:19 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\mIRC
2016-10-18 20:47 - 2016-10-18 20:47 - 00001037 _____ C:\Users\Public\Desktop\mIRC.lnk
2016-10-18 20:47 - 2016-10-18 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2016-10-18 20:47 - 2016-10-18 20:47 - 00000000 ____D C:\Program Files (x86)\mIRC
2016-10-18 20:46 - 2016-10-18 20:46 - 02733976 _____ (mIRC Co. Ltd.) C:\Users\Joerg\Downloads\mirc746.exe
2016-10-18 20:46 - 2016-10-18 20:46 - 02733976 _____ (mIRC Co. Ltd.) C:\Users\Joerg\Downloads\mirc746 (1).exe
2016-10-18 16:23 - 2016-10-19 19:32 - 00002209 _____ C:\Users\Public\Desktop\Fritz Beginner 2011.lnk
2016-10-18 01:04 - 2016-10-18 01:05 - 00088652 _____ C:\TDSSKiller.3.1.0.11_18.10.2016_01.04.48_log.txt
2016-10-17 20:09 - 2016-10-17 20:09 - 00010005 _____ C:\Users\Joerg\DGTBOARD.log.txt
2016-10-17 15:59 - 2016-10-17 15:59 - 00000000 ____D C:\Users\Joerg\Downloads\komodo-8
2016-10-17 15:58 - 2016-10-17 15:58 - 02027397 _____ C:\Users\Joerg\Downloads\komodo-8.zip
2016-10-17 15:36 - 2016-10-17 15:50 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\DAEMON Tools Pro
2016-10-17 15:36 - 2016-10-17 15:36 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtproscsibus.sys
2016-10-17 15:36 - 2016-10-17 15:36 - 00001783 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2016-10-17 15:36 - 2016-10-17 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2016-10-17 15:36 - 2016-10-17 15:36 - 00000000 ____D C:\Program Files\DAEMON Tools Pro
2016-10-17 15:31 - 2016-10-17 15:33 - 29692200 _____ (Disc Soft Ltd) C:\Users\Joerg\Downloads\DTPro710-0595_paid (1).exe
2016-10-17 15:28 - 2016-10-17 15:28 - 29692200 _____ (Disc Soft Ltd) C:\Users\Joerg\Downloads\DTPro710-0595_paid.exe
2016-10-17 15:25 - 2016-10-17 15:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2016-10-17 15:24 - 2016-10-17 15:24 - 02975424 _____ (Disc Soft Ltd) C:\Users\Joerg\Downloads\DTProInstaller.exe
2016-10-16 22:30 - 2016-10-16 22:30 - 00002229 _____ C:\Users\Public\Desktop\Rybka 3 Dynamic.lnk
2016-10-16 21:09 - 2016-10-16 21:09 - 00000000 ____D C:\Users\Joerg\AppData\Local\Disc_Soft_Ltd
2016-10-16 21:07 - 2016-10-17 15:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-16 21:07 - 2016-10-16 21:07 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-10-16 21:06 - 2016-10-16 21:09 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\DAEMON Tools Ultra
2016-10-16 21:06 - 2016-10-16 21:06 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrausbbus.sys
2016-10-16 21:06 - 2016-10-16 21:06 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrascsibus.sys
2016-10-16 21:04 - 2016-10-16 21:06 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2016-10-16 21:04 - 2016-10-16 21:04 - 00672288 _____ (Disc Soft Ltd.) C:\Users\Joerg\Downloads\DTUltraInstaller1.1.exe
2016-10-16 17:30 - 2016-10-16 17:30 - 00003354 _____ C:\WINDOWS\System32\Tasks\{FF42B31B-2EEF-4CDE-B0A4-25903A5A0787}
2016-10-16 17:28 - 2016-10-19 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChessBase
2016-10-16 17:03 - 2016-10-16 17:03 - 00000000 ____D C:\Users\Joerg\Documents\UseNeXT
2016-10-16 17:02 - 2016-10-19 19:59 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\UseNeXT
2016-10-16 17:02 - 2016-10-16 17:02 - 00001943 _____ C:\Users\Joerg\Desktop\UseNeXT by Tangysoft.lnk
2016-10-16 17:02 - 2016-10-16 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2016-10-16 17:02 - 2016-10-16 17:02 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2016-10-16 17:01 - 2016-10-16 17:01 - 05270008 _____ (Tangysoft Ltd. ) C:\Users\Joerg\Downloads\UseNeXTSetup_5.64.exe
2016-10-16 16:47 - 2016-10-16 16:48 - 00000000 ____D C:\Users\Joerg\Downloads\Deep_Fritz_keygen
2016-10-16 16:46 - 2016-10-16 16:47 - 04852672 _____ C:\Users\Joerg\Downloads\Deep_Fritz_keygen.zip
2016-10-16 16:28 - 2016-10-16 16:29 - 00000000 ____D C:\Users\Joerg\Downloads\Fritz_keygen_by_Paradox
2016-10-16 15:58 - 2016-10-18 14:32 - 00000000 ____D C:\ProgramData\ChessBase
2016-10-16 15:56 - 2016-10-17 12:59 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\ChessBase
2016-10-16 15:55 - 2016-10-18 16:17 - 00000000 ____D C:\Users\Joerg\Documents\ChessBase
2016-10-16 15:55 - 2016-10-16 15:55 - 00002263 _____ C:\Users\Joerg\Desktop\Deep Fritz 12 DL.lnk
2016-10-16 15:55 - 2016-10-16 15:55 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessBase
2016-10-16 15:52 - 2016-10-18 16:22 - 00000000 ____D C:\Program Files (x86)\ChessBase
2016-10-16 15:52 - 2016-10-16 15:56 - 00000000 ____D C:\Users\Joerg\AppData\Local\ChessBase
2016-10-16 15:49 - 2016-10-16 15:52 - 208820880 _____ (ChessBase GmbH) C:\Users\Joerg\Downloads\DeepFritz12Setup.exe
2016-10-15 19:56 - 2016-10-15 19:57 - 02870984 _____ (ESET) C:\Users\Joerg\Downloads\esetsmartinstaller_deu.exe
2016-10-15 19:43 - 2016-10-15 19:43 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-15 16:54 - 2016-10-15 16:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-10-15 15:44 - 2016-10-16 16:03 - 00000000 ____D C:\Users\Joerg\Desktop\chess
2016-10-14 22:43 - 2016-10-14 22:43 - 00008553 _____ C:\Users\Joerg\Downloads\uci.zip
2016-10-14 22:43 - 2016-10-14 22:43 - 00000000 ____D C:\Users\Joerg\Downloads\uci
2016-10-14 20:35 - 2016-10-14 20:35 - 00000000 ____D C:\Users\Joerg\Downloads\Fire_4(1)
2016-10-14 20:34 - 2016-10-14 20:34 - 00323295 _____ C:\Users\Joerg\Downloads\Fire_4(1).rar
2016-10-14 20:24 - 2016-10-14 20:24 - 18199132 _____ C:\Users\Joerg\Downloads\arena_3.5.1.zip
2016-10-14 20:19 - 2016-10-14 20:19 - 00000000 ____D C:\Users\Joerg\Downloads\Fire_4
2016-10-14 20:17 - 2016-10-14 20:17 - 00323295 _____ C:\Users\Joerg\Downloads\Fire_4.rar
2016-10-14 20:14 - 2016-10-14 20:14 - 01556392 _____ C:\Users\Joerg\Downloads\stockfish-7-win.zip
2016-10-14 20:14 - 2016-10-14 20:14 - 00000000 ____D C:\Users\Joerg\Downloads\stockfish-7-win
2016-10-14 18:43 - 2016-10-14 19:43 - 00090490 _____ C:\TDSSKiller.3.1.0.11_14.10.2016_18.43.25_log.txt
2016-10-14 18:38 - 2016-10-14 18:43 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Joerg\Desktop\tdsskiller.exe
2016-10-14 15:39 - 2016-10-14 15:39 - 00001360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2016-10-14 15:39 - 2016-10-14 15:39 - 00001348 _____ C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2016-10-14 15:39 - 2016-10-14 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2016-10-14 15:39 - 2016-10-14 15:39 - 00000000 ____D C:\ProgramData\GlarySoft
2016-10-14 15:38 - 2016-10-14 15:38 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2016-10-14 15:11 - 2016-10-14 15:38 - 04999096 _____ C:\Users\Joerg\Downloads\ausetup_5.3.1.21.exe
2016-10-14 14:03 - 2016-10-28 22:15 - 00000000 ____D C:\FRST
2016-10-14 14:02 - 2016-10-28 22:07 - 02407936 _____ (Farbar) C:\Users\Joerg\Desktop\FRST64.exe
2016-10-14 12:48 - 2016-10-05 12:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-14 12:48 - 2016-10-05 12:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-14 12:48 - 2016-10-05 12:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-14 12:48 - 2016-10-05 12:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-14 12:48 - 2016-10-05 12:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-14 12:48 - 2016-10-05 12:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-14 12:48 - 2016-10-05 12:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-14 12:48 - 2016-10-05 11:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-14 12:48 - 2016-10-05 11:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-14 12:48 - 2016-10-05 11:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-14 12:48 - 2016-10-05 11:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-14 12:48 - 2016-10-05 11:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-14 12:48 - 2016-10-05 11:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-14 12:48 - 2016-10-05 11:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-14 12:48 - 2016-10-05 11:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-14 12:48 - 2016-10-05 11:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-14 12:48 - 2016-10-05 11:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-14 12:48 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-14 12:48 - 2016-10-05 11:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-14 12:48 - 2016-10-05 11:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-14 12:48 - 2016-10-05 11:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-14 12:48 - 2016-10-05 11:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-14 12:48 - 2016-10-05 11:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-14 12:48 - 2016-10-05 11:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-14 12:48 - 2016-10-05 11:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-14 12:48 - 2016-10-05 11:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-14 12:48 - 2016-10-05 11:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-14 12:48 - 2016-10-05 11:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-14 12:48 - 2016-10-05 11:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-14 12:48 - 2016-10-05 11:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-14 12:48 - 2016-10-05 11:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-14 12:48 - 2016-10-05 11:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-14 12:48 - 2016-10-05 11:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-14 12:48 - 2016-10-05 11:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-14 12:48 - 2016-10-05 11:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-14 12:48 - 2016-10-05 11:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-14 12:48 - 2016-10-05 11:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-14 12:48 - 2016-10-05 11:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-14 12:48 - 2016-10-05 11:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-14 12:48 - 2016-10-05 11:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-14 12:48 - 2016-10-05 11:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-14 12:48 - 2016-10-05 11:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-14 12:48 - 2016-10-05 11:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-14 12:48 - 2016-10-05 11:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-14 12:48 - 2016-10-05 11:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-14 12:48 - 2016-10-05 11:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-14 12:48 - 2016-10-05 11:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-14 12:48 - 2016-10-05 11:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-14 12:48 - 2016-10-05 11:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-14 12:48 - 2016-10-05 11:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-14 12:48 - 2016-10-05 11:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-14 12:48 - 2016-10-05 11:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-14 12:48 - 2016-10-05 11:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-14 12:48 - 2016-10-05 11:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-14 12:48 - 2016-10-05 11:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-14 12:48 - 2016-10-05 11:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-14 12:48 - 2016-10-05 11:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-14 12:48 - 2016-10-05 11:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-14 12:48 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-14 12:48 - 2016-10-05 11:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-14 12:48 - 2016-10-05 11:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-14 12:48 - 2016-10-05 11:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-14 12:48 - 2016-10-05 11:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-14 12:48 - 2016-10-05 11:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-14 12:48 - 2016-10-05 11:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-14 12:48 - 2016-10-05 11:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-14 12:48 - 2016-10-05 11:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-14 12:48 - 2016-10-05 11:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-14 12:48 - 2016-10-05 11:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-14 12:48 - 2016-10-05 11:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-14 12:48 - 2016-10-05 11:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-14 12:48 - 2016-10-05 11:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-14 12:48 - 2016-10-05 11:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-14 12:48 - 2016-10-05 11:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-14 12:48 - 2016-10-05 11:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-14 12:48 - 2016-10-05 11:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-14 12:48 - 2016-10-05 11:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-14 12:48 - 2016-10-05 11:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-14 12:48 - 2016-10-05 11:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-14 12:48 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-14 12:47 - 2016-10-05 12:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-14 12:47 - 2016-10-05 12:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-14 12:47 - 2016-10-05 12:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-14 12:47 - 2016-10-05 12:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-14 12:47 - 2016-10-05 12:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-14 12:47 - 2016-10-05 12:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-14 12:47 - 2016-10-05 12:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-14 12:47 - 2016-10-05 11:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-14 12:47 - 2016-10-05 11:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-14 12:47 - 2016-10-05 11:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-14 12:47 - 2016-10-05 11:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-14 12:47 - 2016-10-05 11:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-14 12:47 - 2016-10-05 11:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-14 12:47 - 2016-10-05 11:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-14 12:47 - 2016-10-05 11:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-14 12:47 - 2016-10-05 11:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-14 12:47 - 2016-10-05 11:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-14 12:47 - 2016-10-05 11:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-14 12:47 - 2016-10-05 11:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-14 12:47 - 2016-10-05 11:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-14 12:47 - 2016-10-05 11:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-14 12:47 - 2016-10-05 11:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-14 12:47 - 2016-10-05 11:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-14 12:47 - 2016-10-05 11:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-14 12:47 - 2016-10-05 11:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-14 12:47 - 2016-10-05 11:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-14 12:47 - 2016-10-05 11:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-14 12:47 - 2016-10-05 11:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-14 12:47 - 2016-10-05 11:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-14 12:47 - 2016-10-05 11:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-14 12:47 - 2016-10-05 11:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-14 12:47 - 2016-10-05 11:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-14 12:47 - 2016-10-05 11:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-14 12:47 - 2016-10-05 11:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-14 12:47 - 2016-10-05 11:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-14 12:47 - 2016-10-05 11:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-14 12:47 - 2016-10-05 11:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-14 12:47 - 2016-10-05 11:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-14 12:47 - 2016-10-05 11:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-14 12:47 - 2016-10-05 11:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-14 12:47 - 2016-10-05 11:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-14 12:47 - 2016-10-05 11:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-14 12:47 - 2016-10-05 11:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-14 12:47 - 2016-10-05 11:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-14 12:47 - 2016-10-05 11:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-14 12:47 - 2016-10-05 02:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-10 20:07 - 2016-10-10 20:07 - 00008033 ____T C:\Users\Joerg\Documents\Receipt 128-00844.zip
2016-10-10 19:34 - 2016-10-10 19:38 - 1706256384 _____ C:\Users\Joerg\Downloads\KB3AIK_DE.iso
2016-10-10 17:57 - 2016-10-10 17:57 - 00004096 ___SH C:\{C70ADB08-C80E-4E35-B7B6-D3571882878D}.CBM
2016-10-10 17:00 - 2016-10-10 17:01 - 00547644 _____ C:\WINDOWS\Minidump\101016-29343-01.dmp
2016-10-10 16:49 - 2016-10-10 17:11 - 00354304 ___SH C:\EUMONBMP.SYS
2016-10-10 00:36 - 2016-10-10 00:36 - 03216344 _____ (Abelssoft ) C:\Users\Joerg\Downloads\checkdrive (1).exe
2016-10-10 00:36 - 2016-10-10 00:36 - 00001117 _____ C:\Users\Public\Desktop\CheckDrive.lnk
2016-10-10 00:36 - 2016-10-10 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheckDrive
2016-10-10 00:36 - 2016-10-10 00:36 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2016-10-10 00:35 - 2016-10-10 00:35 - 03216344 _____ (Abelssoft ) C:\Users\Joerg\Downloads\checkdrive.exe
2016-10-10 00:18 - 2016-10-10 00:18 - 00490492 _____ C:\WINDOWS\Minidump\101016-38359-01.dmp
2016-10-09 23:54 - 2016-10-09 23:55 - 00525892 _____ C:\WINDOWS\Minidump\100916-30718-01.dmp
2016-10-09 21:30 - 2016-10-09 21:31 - 00497596 _____ C:\WINDOWS\Minidump\100916-27062-01.dmp
2016-10-08 17:34 - 2016-10-08 17:35 - 00000000 ____D C:\Users\Joerg\Downloads\shexview-x64
2016-10-08 16:23 - 2016-10-08 16:23 - 00097609 _____ C:\Users\Joerg\Downloads\shexview-x64.zip
2016-10-07 22:36 - 2016-10-17 13:00 - 00000000 ____D C:\Program Files\COMODO
2016-10-07 22:36 - 2014-10-07 13:14 - 03550400 _____ (COMODO Security Solutions) C:\WINDOWS\system32\Drivers\COSService.exe
2016-10-07 22:36 - 2014-10-07 13:14 - 02575552 _____ (COMODO Security Solutions) C:\WINDOWS\system32\Drivers\SynchronizationService.exe
2016-10-07 22:35 - 2016-10-07 22:35 - 22435552 _____ (COMODO) C:\Users\Joerg\Downloads\CB_setup.exe
2016-10-07 22:03 - 2016-10-07 22:03 - 01381582 _____ (Igor Pavlov) C:\Users\Joerg\Downloads\7z1604-x64.exe
2016-10-07 22:03 - 2016-10-07 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-07 22:03 - 2016-10-07 22:03 - 00000000 ____D C:\Program Files\7-Zip
2016-10-06 19:33 - 2016-10-07 18:56 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-10-05 20:40 - 2016-10-05 20:40 - 00001080 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2016-10-05 20:40 - 2016-10-05 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-10-05 20:39 - 2016-10-05 20:40 - 00000000 ____D C:\Program Files\Tracker Software
2016-10-05 20:38 - 2016-10-05 20:38 - 17934408 _____ (Tracker Software Products Ltd ) C:\Users\Joerg\Downloads\PDFXVwer_2.5.318.1.exe
2016-10-05 20:31 - 2016-10-05 20:31 - 00110705 _____ C:\Users\Joerg\Downloads\AZG1149490006_004_20160531 (13).pdf
2016-10-05 20:28 - 2016-10-05 20:28 - 00110948 _____ C:\Users\Joerg\Downloads\AZG1149490006_002_20160729 (2).pdf
2016-10-05 20:25 - 2016-10-05 20:25 - 00113349 _____ C:\Users\Joerg\Downloads\AZG1149490006_003_20160831 (4).pdf
2016-10-03 22:44 - 2016-10-03 22:44 - 19867632 _____ (IDRIX) C:\Users\Joerg\Downloads\veracrypt_setup_1.18a.exe
2016-10-03 16:47 - 2016-10-28 22:05 - 00000000 ____D C:\Users\Joerg\AppData\LocalLow\LastPass
2016-10-03 12:54 - 2016-10-28 00:51 - 00034890 _____ C:\bdlog.txt
2016-10-03 12:36 - 2016-10-03 12:36 - 00000000 ____D C:\Users\Joerg\AppData\Temp
2016-10-03 12:09 - 2016-10-03 12:09 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-10-03 11:57 - 2016-10-03 11:57 - 00378813 _____ C:\ProgramData\cl.1475487556.bdinstall.bin
2016-10-03 11:57 - 2016-10-03 11:57 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2016-10-03 11:56 - 2016-10-07 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2016-10-03 11:56 - 2016-10-03 11:56 - 00002316 _____ C:\Users\Public\Desktop\Bitdefender 2017.lnk
2016-10-03 11:56 - 2016-10-03 11:56 - 00000684 ____H C:\bdr-cf01
2016-10-03 11:46 - 2016-10-03 11:55 - 00000000 ____D C:\ProgramData\BDLogging
2016-10-03 11:46 - 2016-03-14 22:04 - 00023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-10-03 11:46 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-10-03 11:45 - 2016-10-27 21:22 - 01605376 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-10-03 11:45 - 2016-10-27 21:22 - 00878072 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-10-03 11:45 - 2016-08-11 17:42 - 00300840 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-10-03 11:45 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-10-03 11:44 - 2016-10-03 11:57 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\Bitdefender
2016-10-03 11:44 - 2016-10-03 11:56 - 00253404 ____H C:\bdr-ld01
2016-10-03 11:44 - 2016-10-03 11:56 - 00009216 ____H C:\bdr-ld01.mbr
2016-10-03 11:44 - 2016-04-18 12:37 - 49758821 ____H C:\bdr-im01.gz
2016-10-03 11:44 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2016-10-03 11:39 - 2016-10-03 12:15 - 00000000 ____D C:\ProgramData\Bitdefender
2016-10-03 11:39 - 2016-10-03 11:39 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-10-03 11:39 - 2016-10-03 11:39 - 00000000 ____D C:\Users\Joerg\AppData\Roaming\QuickScan
2016-10-03 11:39 - 2016-10-03 11:39 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-10-03 11:39 - 2016-10-03 11:39 - 00000000 ____D C:\Program Files\Bitdefender
2016-10-03 11:39 - 2016-03-10 07:41 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-10-03 11:39 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-10-03 11:37 - 2016-10-28 22:12 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-10-03 11:37 - 2016-10-03 11:37 - 00046605 _____ C:\ProgramData\agent.1475487468.bdinstall.bin
2016-10-03 11:37 - 2016-10-03 11:37 - 00001022 _____ C:\Users\Joerg\Desktop\Neues Textdokument (6).txt
2016-10-03 11:37 - 2016-10-03 11:37 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-10-03 11:13 - 2016-10-03 11:37 - 09052632 _____ C:\Users\Joerg\Downloads\bitdefender_isecurity.exe
2016-10-03 02:17 - 2016-10-10 17:00 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-03 02:17 - 2016-10-03 02:17 - 00262144 ____N C:\WINDOWS\Minidump\100316-33250-01.dmp
2016-10-03 00:59 - 2016-10-02 23:37 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-03 00:57 - 2016-10-10 17:11 - 00000000 ____D C:\WINDOWS\system32\config\regsave
2016-10-03 00:53 - 2016-10-03 00:53 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-10-03 00:53 - 2016-10-03 00:53 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-10-03 00:53 - 2016-10-03 00:53 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-10-03 00:53 - 2016-10-03 00:53 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-10-03 00:53 - 2016-10-03 00:53 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-10-03 00:53 - 2016-10-03 00:53 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-03 00:53 - 2016-10-03 00:53 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-03 00:53 - 2016-10-03 00:53 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-10-03 00:53 - 2016-10-03 00:53 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:09 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19