| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1 - 3 Tabs öffnen beim start von ChromeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.12.2016, 21:52
| #1 |
 |  Windows 8.1 - 3 Tabs öffnen beim start von Chrome Hallo, meine Freundin scheint sich was auf ihren Laptop eingefangen zu haben. Es tauchen immer 3 tabs auf. Habe schon Adw cleaner benutzt und es war auch kurz weg, aber es karm wieder. Habe AdwCleaner 2 mal benutzt. Werde beide Logs anhängen. Kann den Frst log nicht posten da er zu lang ist. Soll ich ihn aufteilen oder anhängen? Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2016
durchgeführt von Jennifer (19-12-2016 21:31:46)
Gestartet von C:\Users\Jennifer\Downloads
Windows 8.1 (Update) (X64) (2016-12-11 22:24:39)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-649119274-1381554577-854056105-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-649119274-1381554577-854056105-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-649119274-1381554577-854056105-1003 - Limited - Enabled)
Jennifer (S-1-5-21-649119274-1381554577-854056105-1001 - Administrator - Enabled) => C:\Users\Jennifer
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{67CE6958-05DC-7484-86DD-8C5A903B53F6}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 15.0.179 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.279 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{EE1735AB-67DE-5169-87F2-CE7BB38318D8}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {098C033B-C479-468A-B578-FD9FD63A3AEA} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\51772996\D\UpgradeDownload.exe [2016-12-12] ()
Task: {1BBEAF7F-12C2-45E5-AAB7-58363DEE761C} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {4062C580-06ED-4923-8460-6FF39AF2F64D} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {60F187CB-3F82-4594-8708-1E87D94CBB33} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {74A8C9E5-E5E7-4543-B3BE-D5583FD3407C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {7F9B24CF-B19D-4DB0-A6DC-4710A6F92DDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.)
Task: {852169C4-AFC6-445E-83DF-BEE690627089} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-12-16] (McAfee, Inc.)
Task: {8A5A8CC3-FAC9-418E-AA16-0BCBB2FC08BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.)
Task: {9236C15E-1BCC-4163-9A5E-832137C455D0} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {94BA8D09-4A87-452E-8CE0-6A93D60FA418} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)
Task: {A5350229-6790-4F62-BC79-5A91B1433DE6} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B5B72E86-8EC0-499E-AA34-3BD1475B09C7} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {B7AB6718-59AB-4BB2-B3C3-689561F397A1} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {BE21395D-2602-40FB-8145-F586B0385C5A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Jennifer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LOVEFiLM.lnk -> C:\Program Files\LoveFilm\StartURL.exe () -> hxxp://Lovefilm.de/acer
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-07 00:48 - 2013-09-07 00:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 00:45 - 2013-09-07 00:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2016-12-15 23:45 - 2016-10-25 00:31 - 00508368 _____ () C:\Program Files\Common Files\McAfee\Sustainability\GenericPlugin.dll
2016-12-18 23:12 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-18 23:12 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-04-19 01:35 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-649119274-1381554577-854056105-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jennifer\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop-hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{85929F6E-B495-44F0-A0D4-C9BEEAB9FDC1}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{B3569F8D-0B9F-47F0-A71C-87E829A5DD10}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{BDF5AD5B-5CD7-46A2-9405-E56342A5B397}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A98197C2-6E7C-4EA8-86D9-194ABCAE4F3F}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9542399A-7167-4F08-B577-94EAD6349C69}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2E5EB5D2-CF6B-4F63-BFA5-8C9AB5334EAA}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{BFED4199-1442-4758-B9AB-401CDCDD542F}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5416348E-25AF-4AA0-A395-AC531BF13B40}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EB8A60A7-2A42-4D48-8745-87657B7B0AA3}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{29B509AD-B3EE-4ADE-92EB-E94F6F931C6A}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{44A2A290-B486-4F6E-8396-89F7E73E0EE1}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{B198B03D-59E5-4BB9-BA18-6C695680E161}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{60FA934B-2940-437E-9D2E-111AA6F29870}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5E8488D0-16F2-47A6-A7A5-1CBC968936B9}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{FE31DEF0-22B7-4B92-995C-97A7589ADBE5}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F341662B-02EB-4E00-8B1E-580FD3BBAF8D}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{B3B6103D-1BE2-488D-9935-A3E9179CB62E}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FD61A23C-40BF-4EB0-9D05-3FD442B80509}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{66FB83C4-A4CE-42AA-A1B6-26056F594FD9}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{0520448A-3985-4BD9-BB6C-00B1505B7E2B}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{0C253FDF-1BAA-4770-9277-A58348C1EE1D}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{D6799635-387C-4F48-8120-28DD22B804D3}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{BD0A5C12-67CA-4A92-94A3-A30B229274AA}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{06B6FB35-F9BF-4553-A06B-98B36F1DF2B3}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{8E9DABF8-8FD9-4EDB-BF13-BD47E546522F}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{BD71E55A-6A3B-4C66-92AD-79F3CDFE030D}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{EE9147DA-7859-49F4-A228-3E91DCD9B8A7}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{C518C2D5-0816-4890-9487-C009D5FF8584}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{E1118FDF-B796-4B6C-9669-5A588812A075}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C9BF24D8-496E-49DE-BF3D-D8F2677585AE}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{A1B098B6-B636-4A71-BF3C-D75997495B0D}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{5399B5A3-3A86-4EA9-B457-B9B6ED2AAB8C}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{03B9BBF5-E115-42A0-9DF1-C807993CEB33}] => C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{6A6CCF68-3602-4DE7-ADBD-4B15EEACBE59}] => C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{8F5CF3C7-C773-42EA-89B5-9438797A5444}] => C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{B7D94D40-1059-4E10-AEC0-AEDD20A28FAD}] => C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{994591F9-477D-4BE5-A4F4-6204ABD58CCD}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F91E1186-4796-4095-802B-C6701FD2BF7D}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{3674B129-3BF3-42DE-8C11-758801B1B8DC}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D9E40EB6-4B0F-4B0A-AD8C-087B58846093}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3E495631-9550-4AA5-B523-705C844F6F13}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
15-12-2016 13:15:37 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/18/2016 09:33:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: igd10iumd32.dll, Version: 10.18.10.3355, Zeitstempel: 0x52839b37
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000d67d0
ID des fehlerhaften Prozesses: 0x91c
Startzeit der fehlerhaften Anwendung: 0x01d2592b4d772065
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\igd10iumd32.dll
Berichtskennung: 4b1c1571-c561-11e6-8258-a4db306bb8bc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/17/2016 06:57:14 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest" in Zeile 4.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (12/17/2016 06:57:14 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest" in Zeile 4.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (12/17/2016 06:57:14 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest" in Zeile 4.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (12/15/2016 11:41:44 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014
Error: (12/15/2016 11:41:00 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014
Error: (12/15/2016 11:40:45 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014
Error: (12/15/2016 11:40:44 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014
Error: (12/15/2016 11:40:44 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014
Error: (12/15/2016 11:39:44 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014
Systemfehler:
=============
Error: (12/19/2016 09:29:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (12/18/2016 11:59:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (12/18/2016 11:59:39 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
Die Anforderung wird nicht unterstützt.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/18/2016 11:59:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 11:59:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/18/2016 11:59:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 11:59:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 11:59:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 11:59:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 11:59:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8072.27 MB
Verfügbarer physikalischer RAM: 6143 MB
Summe virtueller Speicher: 9992.27 MB
Verfügbarer virtueller Speicher: 7960.64 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:337.37 GB) (Free:297.61 GB) NTFS
Drive d: (DATA) (Fixed) (Total:337.37 GB) (Free:337.23 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8555F800)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 18/12/2016 um 23:26:04
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-18.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Jennifer - NI
# Gestartet von : C:\Users\Jennifer\Downloads\AdwCleaner_6.041.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Ordner Gefunden: C:\Users\Jennifer\AppData\Local\SweetLabs App Platform
Ordner Gefunden: C:\Users\Default\AppData\Local\Pokki
Ordner Gefunden: C:\Users\Public\Pokki
Ordner Gefunden: C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd
***** [ Dateien ] *****
Datei Gefunden: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Datei Gefunden: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Datei Gefunden: C:\Users\Public\Desktop\eBay.lnk
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Aufgabe Gefunden: SweetLabs App Platform
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf
Schlüssel Gefunden: HKU\S-1-5-21-649119274-1381554577-854056105-1001\Software\SweetLabs App Platform
Schlüssel Gefunden: HKU\S-1-5-21-649119274-1381554577-854056105-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Schlüssel Gefunden: HKU\S-1-5-21-649119274-1381554577-854056105-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Schlüssel Gefunden: HKCU\Software\SweetLabs App Platform
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Schlüssel Gefunden: [x64] HKCU\Software\SweetLabs App Platform
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Schlüssel Gefunden: HKU\S-1-5-21-649119274-1381554577-854056105-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-343&v=n10781-213&t=4
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.nationzoom.com/?type=hp&ts=1388456735&from=adks&uid=TOSHIBAXMQ01ABD075_93PDW2P0TXX93PDW2P0T
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - iefogiieekeeeeaiklglonbockmhmkgd
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [4341 Bytes] - [18/12/2016 23:26:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4414 Bytes] ##########
AdwCleaner 2 Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 18/12/2016 um 23:57:30
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-18.1 [Lokal]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Jennifer - NI
# Gestartet von : C:\Users\Jennifer\Downloads\AdwCleaner_6.041.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Ordner Gefunden: C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Web data] - amazon.de
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.avira.com
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Web data] - adblock-plus-fur-google-chrome.softonic.de
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Web data] - nationzoom
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-343&v=n10781-213&t=4
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.nationzoom.com/?type=hp&ts=1388456735&from=adks&uid=TOSHIBAXMQ01ABD075_93PDW2P0TXX93PDW2P0T
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - iefogiieekeeeeaiklglonbockmhmkgd
Chrome pref Gefunden: [C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4789 Bytes] - [18/12/2016 23:28:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [4521 Bytes] - [18/12/2016 23:26:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [2659 Bytes] - [18/12/2016 23:57:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2732 Bytes] ##########
__________________ So viele Religionen und ich konventiere nur zu .pdf |
|
20.12.2016, 09:57
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Windows 8.1 - 3 Tabs öffnen beim start von Chrome Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Bitte auch FRST.txt posten.
__________________ |
|
20.12.2016, 12:23
| #3 |
| | Windows 8.1 - 3 Tabs öffnen beim start von Chrome FRST 1/2
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
durchgeführt von Jennifer (Administrator) auf NI (19-12-2016 21:30:07)
Gestartet von C:\Users\Jennifer\Downloads
Geladene Profile: Jennifer (Verfügbare Profile: Jennifer & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.9.829.0\McCSPServiceHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9289D202-D0E6-40AF-9F59-645F53F9C1E4}: [DhcpNameServer] 10.57.1.1
Tcpip\..\Interfaces\{DF7D7744-87F7-467C-B7E9-2EA4B516ACA8}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-649119274-1381554577-854056105-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-649119274-1381554577-854056105-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-649119274-1381554577-854056105-1001 -> DefaultScope {1F401484-1E12-4244-A054-B38D16EB083F} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-12-18] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
Chrome:
=======
CHR HomePage: Default -> hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-343&v=n10781-213&t=4","hxxp://www.nationzoom.com/?type=hp&ts=1388456735&from=adks&uid=TOSHIBAXMQ01ABD075_93PDW2P0TXX93PDW2P0T","hxxps://web-start-page.com/?s=acer&m=start&brw=ch"
CHR Profile: C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default [2016-12-19]
CHR Extension: (Google Präsentationen) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-18]
CHR Extension: (Google Docs) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-18]
CHR Extension: (Google Drive) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-18]
CHR Extension: (YouTube) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-18]
CHR Extension: (Adblock Plus) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-18]
CHR Extension: (Google Docs Offline) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-18]
CHR Extension: (Google Mail) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-12-16]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-12-16]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 0260191482103108mcinstcleanup; C:\WINDOWS\TEMP\026019~1.EXE [883024 2016-12-19] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2016-02-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-19 21:30 - 2016-12-19 21:31 - 00018271 _____ C:\Users\Jennifer\Downloads\FRST.txt
2016-12-19 21:28 - 2016-12-19 21:30 - 00000000 ____D C:\FRST
2016-12-19 21:27 - 2016-12-19 21:27 - 02420224 _____ (Farbar) C:\Users\Jennifer\Downloads\FRST64.exe
2016-12-19 00:03 - 2016-12-19 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-12-18 23:42 - 2016-12-18 23:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-12-18 23:21 - 2016-12-18 23:59 - 00000000 ____D C:\AdwCleaner
2016-12-18 23:18 - 2016-12-18 23:18 - 03977168 _____ C:\Users\Jennifer\Downloads\AdwCleaner_6.041.exe
2016-12-18 23:12 - 2016-12-18 23:17 - 00003542 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-18 23:12 - 2016-12-18 23:17 - 00003414 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-18 23:12 - 2016-12-18 23:12 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-18 23:12 - 2016-12-18 23:12 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-18 23:12 - 2016-12-18 23:12 - 00000000 ____D C:\Users\Jennifer\AppData\Local\Google
2016-12-18 23:12 - 2016-12-18 23:12 - 00000000 ____D C:\Users\Jennifer\AppData\Local\Deployment
2016-12-18 23:12 - 2016-12-18 23:12 - 00000000 ____D C:\Users\Jennifer\AppData\Local\Apps\2.0
2016-12-18 23:12 - 2016-12-18 23:12 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-18 20:58 - 2016-12-19 21:24 - 00003846 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-12-16 15:12 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-12-16 15:12 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-12-16 15:11 - 2016-12-16 15:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-16 15:11 - 2016-12-16 15:11 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-16 14:54 - 2014-03-20 05:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-12-16 14:54 - 2014-03-20 04:48 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-16 14:54 - 2014-03-20 04:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-12-16 14:54 - 2014-03-20 04:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-16 14:54 - 2014-03-20 02:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2016-12-16 14:54 - 2014-03-20 02:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-16 14:54 - 2014-03-19 08:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-16 14:54 - 2014-03-19 06:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2016-12-16 14:54 - 2014-03-19 05:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-12-16 14:54 - 2014-03-19 05:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2016-12-16 14:54 - 2014-03-13 13:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-12-16 14:54 - 2014-03-11 14:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-16 14:54 - 2014-03-11 14:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-16 14:54 - 2014-03-11 13:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-12-16 14:54 - 2014-03-11 13:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-12-16 14:54 - 2014-03-08 21:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-16 14:54 - 2014-03-08 16:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-12-16 14:54 - 2014-03-08 16:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-12-16 14:54 - 2014-03-08 12:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-16 14:54 - 2014-03-08 08:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-16 14:54 - 2014-03-08 08:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-12-16 14:54 - 2014-03-08 07:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-12-16 14:54 - 2014-03-08 07:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-12-16 14:54 - 2014-03-08 07:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-16 14:54 - 2014-03-08 06:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-16 14:54 - 2014-03-06 15:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-12-16 14:54 - 2014-03-06 15:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-12-16 14:54 - 2014-03-06 13:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-16 14:54 - 2014-03-06 13:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-16 14:54 - 2014-03-06 13:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-16 14:54 - 2014-03-06 13:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-16 14:54 - 2014-03-06 13:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-16 14:54 - 2014-03-06 13:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-16 14:54 - 2014-03-06 12:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-12-16 14:54 - 2014-03-06 12:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-16 14:54 - 2014-03-06 11:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-12-16 14:54 - 2014-03-06 10:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-16 14:54 - 2014-03-06 10:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-16 14:54 - 2014-03-06 09:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-16 14:54 - 2014-03-06 08:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-16 14:54 - 2014-03-06 08:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-12-16 14:54 - 2014-03-06 07:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-16 14:54 - 2014-03-06 07:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-12-16 14:54 - 2014-03-06 07:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-16 14:54 - 2014-03-06 07:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-16 14:54 - 2014-03-06 07:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-16 14:54 - 2014-03-06 07:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-12-16 14:54 - 2014-03-06 07:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-12-16 14:54 - 2014-03-06 07:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-16 14:54 - 2014-03-06 07:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-16 14:54 - 2014-03-06 06:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-12-16 14:54 - 2014-03-06 06:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-16 14:54 - 2014-03-06 06:35 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-12-16 14:54 - 2014-03-06 06:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-16 14:54 - 2014-03-06 06:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-12-16 14:54 - 2014-03-06 06:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-16 14:54 - 2014-03-06 06:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-16 14:54 - 2014-03-06 06:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-12-16 14:54 - 2014-03-04 13:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-16 14:54 - 2014-03-04 13:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-12-16 14:54 - 2014-03-04 12:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-16 14:54 - 2014-03-04 08:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-12-16 14:54 - 2014-03-04 08:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-12-16 14:54 - 2014-03-04 07:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-12-16 14:54 - 2014-03-04 07:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-16 14:53 - 2014-03-20 04:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-16 14:53 - 2014-03-20 01:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-12-16 14:53 - 2014-03-20 01:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2016-12-16 14:53 - 2014-03-20 00:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-12-16 14:53 - 2014-03-20 00:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-12-16 14:53 - 2014-03-20 00:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2016-12-16 14:53 - 2014-03-19 06:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2016-12-16 14:53 - 2014-03-19 06:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-12-16 14:53 - 2014-03-19 06:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2016-12-16 14:53 - 2014-03-19 06:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-12-16 14:53 - 2014-03-15 05:56 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-12-16 14:53 - 2014-03-15 05:44 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-12-16 14:53 - 2014-03-12 14:45 - 00387210 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-12-16 14:53 - 2014-03-11 16:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-12-16 14:53 - 2014-03-11 16:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-12-16 14:53 - 2014-03-11 16:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-12-16 14:53 - 2014-03-11 15:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-12-16 14:53 - 2014-03-11 15:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-12-16 14:53 - 2014-03-11 15:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-16 14:53 - 2014-03-11 15:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-12-16 14:53 - 2014-03-11 15:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-16 14:53 - 2014-03-08 21:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-16 14:53 - 2014-03-08 21:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-12-16 14:53 - 2014-03-08 21:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2016-12-16 14:53 - 2014-03-08 21:35 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-12-16 14:53 - 2014-03-08 21:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-12-16 14:53 - 2014-03-08 10:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2016-12-16 14:53 - 2014-03-08 10:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2016-12-16 14:53 - 2014-03-08 09:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2016-12-16 14:53 - 2014-03-08 09:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2016-12-16 14:53 - 2014-03-08 09:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2016-12-16 14:53 - 2014-03-08 09:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2016-12-16 14:53 - 2014-03-08 08:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-12-16 14:53 - 2014-03-08 08:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-12-16 14:53 - 2014-03-08 08:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2016-12-16 14:53 - 2014-03-08 08:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-12-16 14:53 - 2014-03-08 08:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-12-16 14:53 - 2014-03-08 08:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-12-16 14:53 - 2014-03-08 07:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-12-16 14:53 - 2014-03-08 07:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-16 14:53 - 2014-03-08 07:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-12-16 14:53 - 2014-03-08 07:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-12-16 14:53 - 2014-03-08 07:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-12-16 14:53 - 2014-03-08 07:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-16 14:53 - 2014-03-08 07:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-12-16 14:53 - 2014-03-08 07:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-12-16 14:53 - 2014-03-08 07:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-16 14:53 - 2014-03-08 06:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-12-16 14:53 - 2014-03-08 06:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-12-16 14:53 - 2014-03-06 15:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2016-12-16 14:53 - 2014-03-06 13:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-12-16 14:53 - 2014-03-06 13:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-16 14:53 - 2014-03-06 13:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-16 14:53 - 2014-03-06 13:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-16 14:53 - 2014-03-06 13:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-12-16 14:53 - 2014-03-06 13:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-16 14:53 - 2014-03-06 12:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-12-16 14:53 - 2014-03-06 12:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2016-12-16 14:53 - 2014-03-06 12:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-16 14:53 - 2014-03-06 11:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-12-16 14:53 - 2014-03-06 11:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-16 14:53 - 2014-03-06 11:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-16 14:53 - 2014-03-06 11:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-16 14:53 - 2014-03-06 10:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-12-16 14:53 - 2014-03-06 10:24 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-12-16 14:53 - 2014-03-06 10:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-12-16 14:53 - 2014-03-06 10:24 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-12-16 14:53 - 2014-03-06 10:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-12-16 14:53 - 2014-03-06 10:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-12-16 14:53 - 2014-03-06 10:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-12-16 14:53 - 2014-03-06 10:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-12-16 14:53 - 2014-03-06 10:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-12-16 14:53 - 2014-03-06 10:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-16 14:53 - 2014-03-06 10:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2016-12-16 14:53 - 2014-03-06 10:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2016-12-16 14:53 - 2014-03-06 10:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2016-12-16 14:53 - 2014-03-06 10:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2016-12-16 14:53 - 2014-03-06 10:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2016-12-16 14:53 - 2014-03-06 09:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2016-12-16 14:53 - 2014-03-06 09:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-12-16 14:53 - 2014-03-06 09:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2016-12-16 14:53 - 2014-03-06 09:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-12-16 14:53 - 2014-03-06 09:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2016-12-16 14:53 - 2014-03-06 09:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2016-12-16 14:53 - 2014-03-06 09:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-12-16 14:53 - 2014-03-06 08:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2016-12-16 14:53 - 2014-03-06 08:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2016-12-16 14:53 - 2014-03-06 08:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2016-12-16 14:53 - 2014-03-06 08:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-12-16 14:53 - 2014-03-06 08:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2016-12-16 14:53 - 2014-03-06 07:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-12-16 14:53 - 2014-03-06 07:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-16 14:53 - 2014-03-06 07:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-12-16 14:53 - 2014-03-06 07:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-16 14:53 - 2014-03-06 07:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-12-16 14:53 - 2014-03-06 07:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-12-16 14:53 - 2014-03-06 07:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2016-12-16 14:53 - 2014-03-06 07:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2016-12-16 14:53 - 2014-03-06 07:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-12-16 14:53 - 2014-03-06 07:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-12-16 14:53 - 2014-03-06 07:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2016-12-16 14:53 - 2014-03-06 07:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-12-16 14:53 - 2014-03-06 07:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-16 14:53 - 2014-03-06 07:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2016-12-16 14:53 - 2014-03-06 07:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-16 14:53 - 2014-03-06 07:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-12-16 14:53 - 2014-03-06 07:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-12-16 14:53 - 2014-03-06 07:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-12-16 14:53 - 2014-03-06 06:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-16 14:53 - 2014-03-06 06:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-12-16 14:53 - 2014-03-06 06:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-12-16 14:53 - 2014-03-06 06:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-12-16 14:53 - 2014-03-06 06:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-12-16 14:53 - 2014-03-04 13:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-12-16 14:53 - 2014-03-04 13:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-12-16 14:53 - 2014-03-04 12:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-12-16 14:53 - 2014-03-04 08:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-12-16 14:53 - 2014-03-04 08:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-12-16 14:53 - 2014-03-04 07:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-12-16 14:53 - 2014-03-04 07:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-12-16 14:53 - 2014-03-04 07:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-12-16 14:53 - 2014-03-04 07:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2016-12-16 14:53 - 2014-03-04 07:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-12-16 14:53 - 2014-03-04 07:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-12-16 14:53 - 2014-03-04 07:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2016-12-16 14:53 - 2014-03-04 06:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2016-12-16 14:53 - 2014-03-04 06:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-16 14:53 - 2014-02-06 23:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-12-16 14:53 - 2014-02-06 22:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-12-16 14:53 - 2013-12-24 00:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-12-16 14:53 - 2013-12-24 00:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-12-16 14:52 - 2014-03-02 11:20 - 23549952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-16 14:52 - 2014-03-02 10:33 - 17387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-16 14:52 - 2014-02-26 07:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-12-16 14:49 - 2014-02-22 16:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-16 14:49 - 2014-02-22 16:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-12-16 14:49 - 2014-02-22 13:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2016-12-16 14:49 - 2014-02-22 12:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2016-12-16 14:49 - 2014-02-22 12:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-16 14:49 - 2014-02-22 11:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-16 14:49 - 2014-02-22 11:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-12-16 14:49 - 2014-02-22 11:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-12-16 14:49 - 2014-02-22 10:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-16 14:49 - 2014-02-22 10:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-16 14:49 - 2014-02-22 10:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-12-16 14:49 - 2014-02-22 10:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-12-16 14:49 - 2014-02-08 02:08 - 00139600 _____ C:\WINDOWS\system32\systemsf.ebd
2016-12-16 14:48 - 2014-02-22 17:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-16 14:48 - 2014-02-22 17:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-16 14:48 - 2014-02-22 17:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-12-16 14:48 - 2014-02-22 17:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-12-16 14:48 - 2014-02-22 17:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-12-16 14:48 - 2014-02-22 17:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2016-12-16 14:48 - 2014-02-22 16:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-12-16 14:48 - 2014-02-22 16:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-12-16 14:48 - 2014-02-22 16:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-12-16 14:48 - 2014-02-22 16:50 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-12-16 14:48 - 2014-02-22 16:49 - 00280920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-16 14:48 - 2014-02-22 16:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-12-16 14:48 - 2014-02-22 16:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-16 14:48 - 2014-02-22 16:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2016-12-16 14:48 - 2014-02-22 16:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-16 14:48 - 2014-02-22 16:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-12-16 14:48 - 2014-02-22 16:44 - 00539992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-12-16 14:48 - 2014-02-22 16:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-12-16 14:48 - 2014-02-22 16:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-16 14:48 - 2014-02-22 16:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-16 14:48 - 2014-02-22 16:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-16 14:48 - 2014-02-22 16:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-16 14:48 - 2014-02-22 16:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-16 14:48 - 2014-02-22 16:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-12-16 14:48 - 2014-02-22 16:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2016-12-16 14:48 - 2014-02-22 16:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-12-16 14:48 - 2014-02-22 15:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-12-16 14:48 - 2014-02-22 15:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-12-16 14:48 - 2014-02-22 15:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-16 14:48 - 2014-02-22 15:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-12-16 14:48 - 2014-02-22 15:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-16 14:48 - 2014-02-22 15:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2016-12-16 14:48 - 2014-02-22 15:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-12-16 14:48 - 2014-02-22 15:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-12-16 14:48 - 2014-02-22 15:18 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-12-16 14:48 - 2014-02-22 15:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-16 14:48 - 2014-02-22 15:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-16 14:48 - 2014-02-22 15:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-12-16 14:48 - 2014-02-22 15:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-16 14:48 - 2014-02-22 15:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-12-16 14:48 - 2014-02-22 15:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-12-16 14:48 - 2014-02-22 15:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2016-12-16 14:48 - 2014-02-22 13:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-16 14:48 - 2014-02-22 13:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2016-12-16 14:48 - 2014-02-22 13:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-16 14:48 - 2014-02-22 13:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2016-12-16 14:48 - 2014-02-22 13:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-12-16 14:48 - 2014-02-22 12:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-12-16 14:48 - 2014-02-22 12:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-16 14:48 - 2014-02-22 12:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-12-16 14:48 - 2014-02-22 12:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2016-12-16 14:48 - 2014-02-22 11:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-12-16 14:48 - 2014-02-22 11:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-12-16 14:48 - 2014-02-22 11:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-12-16 14:48 - 2014-02-22 11:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2016-12-16 14:48 - 2014-02-22 11:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-12-16 14:48 - 2014-02-22 11:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-16 14:48 - 2014-02-22 11:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-12-16 14:48 - 2014-02-22 11:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2016-12-16 14:48 - 2014-02-22 11:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-12-16 14:48 - 2014-02-22 11:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-12-16 14:48 - 2014-02-22 11:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-12-16 14:48 - 2014-02-22 11:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-12-16 14:48 - 2014-02-22 11:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-12-16 14:48 - 2014-02-22 11:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-12-16 14:48 - 2014-02-22 10:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-16 14:48 - 2014-02-22 10:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-16 14:48 - 2014-02-22 10:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-12-16 14:48 - 2014-02-22 10:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-12-16 14:48 - 2014-02-22 10:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-12-16 14:48 - 2014-02-22 10:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2016-12-16 14:48 - 2014-02-22 10:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-16 14:48 - 2014-02-22 10:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-12-16 14:48 - 2014-02-22 10:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-12-16 14:48 - 2014-02-22 10:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-12-16 14:48 - 2014-02-22 10:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2016-12-16 14:48 - 2014-02-22 10:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-12-16 14:48 - 2014-02-22 10:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-12-16 14:48 - 2014-02-22 10:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2016-12-16 14:48 - 2014-02-22 10:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-12-16 14:48 - 2014-02-22 10:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-12-16 14:48 - 2014-02-22 10:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-12-16 14:48 - 2014-02-22 10:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-16 14:48 - 2014-02-22 10:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-16 14:48 - 2014-02-22 10:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2016-12-16 14:48 - 2014-02-22 10:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-12-16 14:48 - 2014-02-22 10:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-12-16 14:48 - 2014-02-22 10:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-12-16 14:48 - 2014-02-22 10:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-12-16 14:48 - 2014-02-22 10:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-12-16 14:48 - 2014-02-22 10:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-12-16 14:48 - 2014-02-22 10:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-16 14:48 - 2014-02-22 10:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-16 14:48 - 2014-02-22 10:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-16 14:48 - 2014-02-22 10:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2016-12-16 14:48 - 2014-02-22 10:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-12-16 14:48 - 2014-02-22 10:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-12-16 14:48 - 2014-02-22 10:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-12-16 14:48 - 2014-02-22 09:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2016-12-16 14:48 - 2014-02-22 09:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-12-16 14:48 - 2014-02-22 09:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-12-16 14:48 - 2014-02-22 09:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-16 14:48 - 2014-02-22 09:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-12-16 14:48 - 2014-02-22 09:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-12-16 14:48 - 2014-02-22 09:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2016-12-16 14:48 - 2014-02-22 09:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-12-16 14:48 - 2014-02-22 09:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-16 14:48 - 2014-02-22 09:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-12-16 14:48 - 2014-02-22 09:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-12-16 14:48 - 2014-02-22 09:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-12-16 14:48 - 2014-02-22 09:42 - 03408384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-16 14:48 - 2014-02-22 09:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-12-16 14:48 - 2014-02-22 09:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-16 14:48 - 2014-02-22 09:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-12-16 14:48 - 2014-02-22 09:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-12-16 14:48 - 2014-02-22 09:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-12-16 14:48 - 2014-02-22 09:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-16 14:48 - 2014-02-22 09:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-16 14:48 - 2014-02-22 09:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2016-12-16 14:48 - 2014-02-22 09:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-12-16 14:48 - 2014-02-22 09:21 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-12-16 14:48 - 2014-02-22 09:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-12-16 14:48 - 2014-02-22 09:19 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-12-16 14:48 - 2014-02-22 09:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-16 14:48 - 2014-02-22 09:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-12-16 14:48 - 2014-02-22 09:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-16 14:48 - 2014-02-22 09:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-12-16 14:48 - 2014-02-22 09:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-12-16 14:48 - 2014-02-22 05:33 - 00262335 _____ C:\WINDOWS\system32\dfpinc.dat
2016-12-16 14:48 - 2014-02-02 15:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-12-16 14:48 - 2014-01-29 09:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-16 14:48 - 2014-01-29 08:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-16 14:48 - 2014-01-27 16:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-12-16 14:48 - 2013-12-10 08:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-16 14:48 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2016-12-16 14:48 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2016-12-16 14:47 - 2014-02-22 17:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2016-12-16 14:47 - 2014-02-22 17:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2016-12-16 14:47 - 2014-02-22 17:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-12-16 14:47 - 2014-02-22 17:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2016-12-16 14:47 - 2014-02-22 17:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-12-16 14:47 - 2014-02-22 17:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-12-16 14:47 - 2014-02-22 17:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-12-16 14:47 - 2014-02-22 17:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2016-12-16 14:47 - 2014-02-22 17:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-12-16 14:47 - 2014-02-22 17:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-16 14:47 - 2014-02-22 17:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2016-12-16 14:47 - 2014-02-22 17:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2016-12-16 14:47 - 2014-02-22 17:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-12-16 14:47 - 2014-02-22 17:00 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-12-16 14:47 - 2014-02-22 17:00 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-12-16 14:47 - 2014-02-22 17:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2016-12-16 14:47 - 2014-02-22 16:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
__________________ |
|
20.12.2016, 12:24
| #4 |
| | Windows 8.1 - 3 Tabs öffnen beim start von Chrome FRST 2/2 Code:
ATTFilter 2016-12-16 14:47 - 2014-02-22 16:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-16 14:47 - 2014-02-22 16:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-16 14:47 - 2014-02-22 16:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-12-16 14:47 - 2014-02-22 16:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-12-16 14:47 - 2014-02-22 16:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-16 14:47 - 2014-02-22 16:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2016-12-16 14:47 - 2014-02-22 16:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2016-12-16 14:47 - 2014-02-22 16:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-12-16 14:47 - 2014-02-22 16:49 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-12-16 14:47 - 2014-02-22 16:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-12-16 14:47 - 2014-02-22 16:49 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-12-16 14:47 - 2014-02-22 16:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2016-12-16 14:47 - 2014-02-22 16:49 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-12-16 14:47 - 2014-02-22 16:48 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-12-16 14:47 - 2014-02-22 16:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2016-12-16 14:47 - 2014-02-22 16:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-12-16 14:47 - 2014-02-22 16:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2016-12-16 14:47 - 2014-02-22 16:44 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-12-16 14:47 - 2014-02-22 16:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2016-12-16 14:47 - 2014-02-22 16:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-12-16 14:47 - 2014-02-22 16:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-12-16 14:47 - 2014-02-22 15:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2016-12-16 14:47 - 2014-02-22 15:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-16 14:47 - 2014-02-22 15:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2016-12-16 14:47 - 2014-02-22 15:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2016-12-16 14:47 - 2014-02-22 15:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-12-16 14:47 - 2014-02-22 15:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-12-16 14:47 - 2014-02-22 15:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-12-16 14:47 - 2014-02-22 15:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-16 14:47 - 2014-02-22 15:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-12-16 14:47 - 2014-02-22 15:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-12-16 14:47 - 2014-02-22 15:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2016-12-16 14:47 - 2014-02-22 15:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2016-12-16 14:47 - 2014-02-22 15:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-12-16 14:47 - 2014-02-22 15:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-12-16 14:47 - 2014-02-22 15:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-12-16 14:47 - 2014-02-22 15:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-12-16 14:47 - 2014-02-22 13:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-12-16 14:47 - 2014-02-22 13:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2016-12-16 14:47 - 2014-02-22 13:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2016-12-16 14:47 - 2014-02-22 13:14 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2016-12-16 14:47 - 2014-02-22 13:11 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-12-16 14:47 - 2014-02-22 13:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2016-12-16 14:47 - 2014-02-22 13:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2016-12-16 14:47 - 2014-02-22 13:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-12-16 14:47 - 2014-02-22 13:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2016-12-16 14:47 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-12-16 14:47 - 2014-02-22 12:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-12-16 14:47 - 2014-02-22 12:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2016-12-16 14:47 - 2014-02-22 12:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2016-12-16 14:47 - 2014-02-22 12:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-12-16 14:47 - 2014-02-22 12:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2016-12-16 14:47 - 2014-02-22 12:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-12-16 14:47 - 2014-02-22 12:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-12-16 14:47 - 2014-02-22 12:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2016-12-16 14:47 - 2014-02-22 12:25 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2016-12-16 14:47 - 2014-02-22 12:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-12-16 14:47 - 2014-02-22 12:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-16 14:47 - 2014-02-22 12:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2016-12-16 14:47 - 2014-02-22 12:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-12-16 14:47 - 2014-02-22 12:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2016-12-16 14:47 - 2014-02-22 12:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-12-16 14:47 - 2014-02-22 12:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2016-12-16 14:47 - 2014-02-22 12:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2016-12-16 14:47 - 2014-02-22 12:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2016-12-16 14:47 - 2014-02-22 11:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2016-12-16 14:47 - 2014-02-22 11:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-12-16 14:47 - 2014-02-22 11:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-12-16 14:47 - 2014-02-22 11:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2016-12-16 14:47 - 2014-02-22 11:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2016-12-16 14:47 - 2014-02-22 11:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-16 14:47 - 2014-02-22 11:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-12-16 14:47 - 2014-02-22 11:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2016-12-16 14:47 - 2014-02-22 11:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2016-12-16 14:47 - 2014-02-22 11:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-12-16 14:47 - 2014-02-22 11:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2016-12-16 14:47 - 2014-02-22 11:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2016-12-16 14:47 - 2014-02-22 11:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-12-16 14:47 - 2014-02-22 11:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-12-16 14:47 - 2014-02-22 11:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-12-16 14:47 - 2014-02-22 11:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-16 14:47 - 2014-02-22 11:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-12-16 14:47 - 2014-02-22 11:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-12-16 14:47 - 2014-02-22 11:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-12-16 14:47 - 2014-02-22 11:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-12-16 14:47 - 2014-02-22 11:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-12-16 14:47 - 2014-02-22 11:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-12-16 14:47 - 2014-02-22 11:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2016-12-16 14:47 - 2014-02-22 11:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2016-12-16 14:47 - 2014-02-22 11:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-16 14:47 - 2014-02-22 11:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-12-16 14:47 - 2014-02-22 11:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-12-16 14:47 - 2014-02-22 11:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-12-16 14:47 - 2014-02-22 11:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-12-16 14:47 - 2014-02-22 11:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2016-12-16 14:47 - 2014-02-22 11:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-12-16 14:47 - 2014-02-22 11:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-16 14:47 - 2014-02-22 11:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2016-12-16 14:47 - 2014-02-22 11:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-12-16 14:47 - 2014-02-22 10:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-12-16 14:47 - 2014-02-22 10:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2016-12-16 14:47 - 2014-02-22 10:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2016-12-16 14:47 - 2014-02-22 10:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-12-16 14:47 - 2014-02-22 10:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-16 14:47 - 2014-02-22 10:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-12-16 14:47 - 2014-02-22 10:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-12-16 14:47 - 2014-02-22 10:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2016-12-16 14:47 - 2014-02-22 10:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2016-12-16 14:47 - 2014-02-22 10:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2016-12-16 14:47 - 2014-02-22 10:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-16 14:47 - 2014-02-22 10:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-12-16 14:47 - 2014-02-22 10:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-12-16 14:47 - 2014-02-22 10:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2016-12-16 14:47 - 2014-02-22 10:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2016-12-16 14:47 - 2014-02-22 10:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-16 14:47 - 2014-02-22 10:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-16 14:47 - 2014-02-22 10:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2016-12-16 14:47 - 2014-02-22 10:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-16 14:47 - 2014-02-22 10:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2016-12-16 14:47 - 2014-02-22 10:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-12-16 14:47 - 2014-02-22 10:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-12-16 14:47 - 2014-02-22 10:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-16 14:47 - 2014-02-22 10:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-12-16 14:47 - 2014-02-22 10:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-12-16 14:47 - 2014-02-22 10:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-12-16 14:47 - 2014-02-22 10:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2016-12-16 14:47 - 2014-02-22 10:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-12-16 14:47 - 2014-02-22 10:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2016-12-16 14:47 - 2014-02-22 10:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-12-16 14:47 - 2014-02-22 10:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2016-12-16 14:47 - 2014-02-22 10:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2016-12-16 14:47 - 2014-02-22 10:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-12-16 14:47 - 2014-02-22 10:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-16 14:47 - 2014-02-22 10:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-16 14:47 - 2014-02-22 09:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-12-16 14:47 - 2014-02-22 09:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2016-12-16 14:47 - 2014-02-22 09:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2016-12-16 14:47 - 2014-02-22 09:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-12-16 14:47 - 2014-02-22 09:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-16 14:47 - 2014-02-22 09:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2016-12-16 14:47 - 2014-02-22 09:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-12-16 14:47 - 2014-02-22 09:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-16 14:47 - 2014-02-22 09:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-16 14:47 - 2014-02-22 09:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-12-16 14:47 - 2014-02-22 09:50 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-12-16 14:47 - 2014-02-22 09:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-12-16 14:47 - 2014-02-22 09:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-12-16 14:47 - 2014-02-22 09:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2016-12-16 14:47 - 2014-02-22 09:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2016-12-16 14:47 - 2014-02-22 09:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2016-12-16 14:47 - 2014-02-22 09:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2016-12-16 14:47 - 2014-02-22 09:46 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-12-16 14:47 - 2014-02-22 09:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-12-16 14:47 - 2014-02-22 09:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-12-16 14:47 - 2014-02-22 09:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-12-16 14:47 - 2014-02-22 09:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-16 14:47 - 2014-02-22 09:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-12-16 14:47 - 2014-02-22 09:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2016-12-16 14:47 - 2014-02-22 09:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-12-16 14:47 - 2014-02-22 09:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-12-16 14:47 - 2014-02-22 09:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-12-16 14:47 - 2014-02-22 09:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2016-12-16 14:47 - 2014-02-22 09:41 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-12-16 14:47 - 2014-02-22 09:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-12-16 14:47 - 2014-02-22 09:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-12-16 14:47 - 2014-02-22 09:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2016-12-16 14:47 - 2014-02-22 09:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2016-12-16 14:47 - 2014-02-22 09:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-12-16 14:47 - 2014-02-22 09:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2016-12-16 14:47 - 2014-02-22 09:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-12-16 14:47 - 2014-02-22 09:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-16 14:47 - 2014-02-22 09:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-12-16 14:47 - 2014-02-22 09:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-12-16 14:47 - 2014-02-22 09:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2016-12-16 14:47 - 2014-02-22 09:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-12-16 14:47 - 2014-02-22 09:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2016-12-16 14:47 - 2014-02-22 09:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-12-16 14:47 - 2014-02-22 09:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-12-16 14:47 - 2014-02-22 09:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-12-16 14:47 - 2014-02-22 09:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-12-16 14:47 - 2014-02-22 08:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-12-16 14:47 - 2014-02-02 14:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-12-16 14:47 - 2014-01-31 10:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-12-16 14:47 - 2014-01-31 10:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-12-16 14:47 - 2014-01-31 10:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-12-16 14:47 - 2014-01-31 10:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-12-16 14:47 - 2014-01-31 10:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-12-16 14:47 - 2014-01-31 09:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2016-12-16 14:47 - 2014-01-29 09:52 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-12-16 14:47 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-16 14:47 - 2014-01-27 20:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2016-12-16 14:47 - 2014-01-27 18:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-12-16 14:47 - 2014-01-17 18:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2016-12-16 14:47 - 2014-01-17 18:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2016-12-16 14:47 - 2014-01-08 02:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-12-16 14:47 - 2014-01-08 01:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-12-16 14:47 - 2013-12-04 19:41 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-12-16 14:47 - 2013-12-04 16:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-12-16 14:47 - 2013-12-04 16:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-12-16 14:47 - 2013-12-04 14:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-12-16 14:47 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-12-16 14:47 - 2013-11-11 00:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-12-16 14:47 - 2013-11-08 05:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-12-16 14:46 - 2014-02-22 17:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2016-12-16 14:46 - 2014-02-22 17:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-12-16 14:46 - 2014-02-22 16:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-12-16 14:46 - 2014-02-22 16:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-12-16 14:46 - 2014-02-22 16:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-12-16 14:46 - 2014-02-22 16:53 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-12-16 14:46 - 2014-02-22 16:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2016-12-16 14:46 - 2014-02-22 16:49 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-12-16 14:46 - 2014-02-22 16:49 - 00189784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2016-12-16 14:46 - 2014-02-22 16:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2016-12-16 14:46 - 2014-02-22 16:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-12-16 14:46 - 2014-02-22 15:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2016-12-16 14:46 - 2014-02-22 15:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2016-12-16 14:46 - 2014-02-22 15:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-12-16 14:46 - 2014-02-22 15:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2016-12-16 14:46 - 2014-02-22 13:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2016-12-16 14:46 - 2014-02-22 13:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2016-12-16 14:46 - 2014-02-22 13:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2016-12-16 14:46 - 2014-02-22 13:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2016-12-16 14:46 - 2014-02-22 13:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2016-12-16 14:46 - 2014-02-22 13:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2016-12-16 14:46 - 2014-02-22 13:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2016-12-16 14:46 - 2014-02-22 13:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2016-12-16 14:46 - 2014-02-22 13:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-12-16 14:46 - 2014-02-22 13:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-12-16 14:46 - 2014-02-22 13:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2016-12-16 14:46 - 2014-02-22 13:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2016-12-16 14:46 - 2014-02-22 13:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-12-16 14:46 - 2014-02-22 13:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-16 14:46 - 2014-02-22 12:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2016-12-16 14:46 - 2014-02-22 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2016-12-16 14:46 - 2014-02-22 12:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2016-12-16 14:46 - 2014-02-22 12:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2016-12-16 14:46 - 2014-02-22 12:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2016-12-16 14:46 - 2014-02-22 12:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2016-12-16 14:46 - 2014-02-22 12:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2016-12-16 14:46 - 2014-02-22 12:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2016-12-16 14:46 - 2014-02-22 12:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2016-12-16 14:46 - 2014-02-22 12:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2016-12-16 14:46 - 2014-02-22 12:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2016-12-16 14:46 - 2014-02-22 12:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-12-16 14:46 - 2014-02-22 12:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2016-12-16 14:46 - 2014-02-22 12:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2016-12-16 14:46 - 2014-02-22 12:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-16 14:46 - 2014-02-22 12:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2016-12-16 14:46 - 2014-02-22 12:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2016-12-16 14:46 - 2014-02-22 12:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2016-12-16 14:46 - 2014-02-22 12:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2016-12-16 14:46 - 2014-02-22 12:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-12-16 14:46 - 2014-02-22 12:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2016-12-16 14:46 - 2014-02-22 12:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2016-12-16 14:46 - 2014-02-22 12:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-12-16 14:46 - 2014-02-22 12:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2016-12-16 14:46 - 2014-02-22 12:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2016-12-16 14:46 - 2014-02-22 12:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-12-16 14:46 - 2014-02-22 12:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2016-12-16 14:46 - 2014-02-22 12:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-12-16 14:46 - 2014-02-22 12:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-16 14:46 - 2014-02-22 12:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2016-12-16 14:46 - 2014-02-22 12:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2016-12-16 14:46 - 2014-02-22 12:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2016-12-16 14:46 - 2014-02-22 12:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2016-12-16 14:46 - 2014-02-22 12:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2016-12-16 14:46 - 2014-02-22 12:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2016-12-16 14:46 - 2014-02-22 12:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-12-16 14:46 - 2014-02-22 11:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-12-16 14:46 - 2014-02-22 11:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-12-16 14:46 - 2014-02-22 11:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2016-12-16 14:46 - 2014-02-22 11:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2016-12-16 14:46 - 2014-02-22 11:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2016-12-16 14:46 - 2014-02-22 11:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-12-16 14:46 - 2014-02-22 11:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2016-12-16 14:46 - 2014-02-22 11:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2016-12-16 14:46 - 2014-02-22 11:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2016-12-16 14:46 - 2014-02-22 11:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2016-12-16 14:46 - 2014-02-22 11:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-12-16 14:46 - 2014-02-22 11:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-16 14:46 - 2014-02-22 11:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2016-12-16 14:46 - 2014-02-22 11:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2016-12-16 14:46 - 2014-02-22 11:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-12-16 14:46 - 2014-02-22 11:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2016-12-16 14:46 - 2014-02-22 11:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-12-16 14:46 - 2014-02-22 11:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-12-16 14:46 - 2014-02-22 11:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-16 14:46 - 2014-02-22 11:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2016-12-16 14:46 - 2014-02-22 11:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-16 14:46 - 2014-02-22 11:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2016-12-16 14:46 - 2014-02-22 11:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2016-12-16 14:46 - 2014-02-22 11:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2016-12-16 14:46 - 2014-02-22 11:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-12-16 14:46 - 2014-02-22 11:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2016-12-16 14:46 - 2014-02-22 11:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2016-12-16 14:46 - 2014-02-22 11:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2016-12-16 14:46 - 2014-02-22 11:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2016-12-16 14:46 - 2014-02-22 11:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-16 14:46 - 2014-02-22 11:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-12-16 14:46 - 2014-02-22 11:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2016-12-16 14:46 - 2014-02-22 11:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-12-16 14:46 - 2014-02-22 11:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-12-16 14:46 - 2014-02-22 11:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2016-12-16 14:46 - 2014-02-22 11:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2016-12-16 14:46 - 2014-02-22 11:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-12-16 14:46 - 2014-02-22 11:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-12-16 14:46 - 2014-02-22 11:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2016-12-16 14:46 - 2014-02-22 11:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-16 14:46 - 2014-02-22 11:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-16 14:46 - 2014-02-22 11:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2016-12-16 14:46 - 2014-02-22 10:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-12-16 14:46 - 2014-02-22 10:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-12-16 14:46 - 2014-02-22 10:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-12-16 14:46 - 2014-02-22 10:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2016-12-16 14:46 - 2014-02-22 10:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-12-16 14:46 - 2014-02-22 10:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2016-12-16 14:46 - 2014-02-22 10:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-16 14:46 - 2014-02-22 10:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2016-12-16 14:46 - 2014-02-22 10:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-12-16 14:46 - 2014-02-22 10:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-12-16 14:46 - 2014-02-22 10:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2016-12-16 14:46 - 2014-02-22 10:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2016-12-16 14:46 - 2014-02-22 10:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-12-16 14:46 - 2014-02-22 10:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-12-16 14:46 - 2014-02-22 10:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2016-12-16 14:46 - 2014-02-22 10:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-12-16 14:46 - 2014-02-22 10:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-12-16 14:46 - 2014-02-22 10:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-16 14:46 - 2014-02-22 10:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-12-16 14:46 - 2014-02-22 10:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-12-16 14:46 - 2014-02-22 10:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-12-16 14:46 - 2014-02-22 10:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2016-12-16 14:46 - 2014-02-22 10:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-16 14:46 - 2014-02-22 10:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-12-16 14:46 - 2014-02-22 10:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-12-16 14:46 - 2014-02-22 10:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2016-12-16 14:46 - 2014-02-22 10:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2016-12-16 14:46 - 2014-02-22 10:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2016-12-16 14:46 - 2014-02-22 10:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-12-16 14:46 - 2014-02-22 10:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2016-12-16 14:46 - 2014-02-22 10:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2016-12-16 14:46 - 2014-02-22 10:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-12-16 14:46 - 2014-02-22 10:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-16 14:46 - 2014-02-22 10:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-12-16 14:46 - 2014-02-22 10:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2016-12-16 14:46 - 2014-02-22 10:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-12-16 14:46 - 2014-02-22 10:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-12-16 14:46 - 2014-02-22 09:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-12-16 14:46 - 2014-02-22 09:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-12-16 14:46 - 2014-02-22 09:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-12-16 14:46 - 2014-02-22 09:55 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-12-16 14:46 - 2014-02-22 09:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2016-12-16 14:46 - 2014-02-22 09:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2016-12-16 14:46 - 2014-02-22 09:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2016-12-16 14:46 - 2014-02-22 09:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2016-12-16 14:46 - 2014-02-22 09:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-16 14:46 - 2014-02-22 09:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-12-16 14:46 - 2014-02-22 09:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-12-16 14:46 - 2014-02-22 09:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-12-16 14:46 - 2014-02-22 09:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-12-16 14:46 - 2014-02-22 09:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2016-12-16 14:46 - 2014-02-22 09:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2016-12-16 14:46 - 2014-02-22 09:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2016-12-16 14:46 - 2014-02-22 09:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-12-16 14:46 - 2014-02-22 09:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-12-16 14:46 - 2014-02-22 09:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2016-12-16 14:46 - 2014-02-22 09:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2016-12-16 14:46 - 2014-02-22 09:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-12-16 14:46 - 2014-02-22 09:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2016-12-16 14:46 - 2014-02-22 09:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-12-16 14:46 - 2014-02-22 09:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2016-12-16 14:46 - 2014-02-22 09:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-12-16 14:46 - 2014-02-22 09:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-12-16 14:46 - 2014-02-22 09:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2016-12-16 14:46 - 2014-02-22 09:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-12-16 14:46 - 2014-02-22 09:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-12-16 14:46 - 2014-02-22 09:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-16 14:46 - 2014-02-22 09:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-16 14:46 - 2014-02-22 09:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-12-16 14:46 - 2014-02-22 09:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-12-16 14:46 - 2014-02-22 09:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-12-16 14:46 - 2014-02-22 09:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-16 14:46 - 2014-02-22 09:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-16 14:46 - 2014-02-01 07:00 - 00002255 _____ C:\WINDOWS\SysWOW64\WimBootCompress.ini
2016-12-16 14:46 - 2014-02-01 07:00 - 00002255 _____ C:\WINDOWS\system32\WimBootCompress.ini
2016-12-16 14:46 - 2014-01-31 13:09 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-12-16 14:46 - 2014-01-31 13:08 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-16 14:46 - 2014-01-31 12:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2016-12-16 14:46 - 2014-01-31 12:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2016-12-16 14:46 - 2014-01-31 10:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-12-16 14:46 - 2014-01-31 10:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-12-16 14:46 - 2014-01-31 09:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2016-12-16 14:46 - 2014-01-29 09:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-12-16 14:46 - 2014-01-29 01:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-16 14:46 - 2014-01-29 01:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-12-16 14:46 - 2014-01-27 20:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-12-16 14:46 - 2014-01-22 07:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-12-16 14:46 - 2014-01-22 06:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-12-16 14:46 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-12-16 14:46 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-12-16 14:46 - 2013-12-04 15:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-12-16 14:46 - 2013-11-27 10:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2016-12-16 14:46 - 2013-11-27 09:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2016-12-16 14:46 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-12-16 14:46 - 2013-11-08 04:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-12-16 14:45 - 2014-02-22 13:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2016-12-16 14:45 - 2014-02-22 13:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2016-12-16 14:45 - 2014-02-22 13:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2016-12-16 14:45 - 2014-02-22 13:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2016-12-16 14:45 - 2014-02-22 13:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2016-12-16 14:45 - 2014-02-22 13:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2016-12-16 14:45 - 2014-02-22 13:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-12-16 14:45 - 2014-02-22 13:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-12-16 14:45 - 2014-02-22 13:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2016-12-16 14:45 - 2014-02-22 12:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2016-12-16 14:45 - 2014-02-22 12:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2016-12-16 14:45 - 2014-02-22 12:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2016-12-16 14:45 - 2014-02-22 12:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2016-12-16 14:45 - 2014-02-22 12:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2016-12-16 14:45 - 2014-02-22 12:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2016-12-16 14:45 - 2014-02-22 12:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2016-12-16 14:45 - 2014-02-22 12:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2016-12-16 14:45 - 2014-02-22 12:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2016-12-16 14:45 - 2014-02-22 12:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-12-16 14:45 - 2014-02-22 12:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2016-12-16 14:45 - 2014-02-22 12:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2016-12-16 14:45 - 2014-02-22 12:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2016-12-16 14:45 - 2014-02-22 12:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2016-12-16 14:45 - 2014-02-22 11:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2016-12-16 14:45 - 2014-02-22 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-12-16 14:45 - 2014-02-22 11:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-16 14:45 - 2014-02-22 11:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2016-12-16 14:45 - 2014-02-22 11:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-12-16 14:45 - 2014-02-22 11:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2016-12-16 14:45 - 2014-02-22 11:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2016-12-16 14:45 - 2014-02-22 11:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-12-16 14:45 - 2014-02-22 10:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-12-16 14:45 - 2014-02-22 10:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-12-16 14:45 - 2014-02-22 10:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-12-16 14:45 - 2014-02-22 10:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2016-12-16 14:45 - 2014-02-22 10:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-12-16 14:45 - 2014-02-22 10:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-16 14:45 - 2014-02-22 10:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-12-16 14:45 - 2014-02-22 10:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-16 14:45 - 2014-02-22 10:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2016-12-16 14:45 - 2014-02-22 10:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-16 14:45 - 2014-02-22 09:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2016-12-16 14:45 - 2014-02-22 09:55 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-16 14:45 - 2014-02-22 09:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2016-12-16 14:45 - 2014-02-22 09:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2016-12-16 14:45 - 2014-02-22 09:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-16 14:45 - 2014-02-22 09:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-12-16 14:45 - 2014-02-22 09:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2016-12-16 14:45 - 2014-02-22 09:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2016-12-16 14:45 - 2014-02-22 09:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-12-16 14:45 - 2014-02-22 09:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-12-16 14:45 - 2014-02-22 05:43 - 00002440 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2016-12-16 14:45 - 2014-02-22 05:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-12-16 14:45 - 2014-02-22 05:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-12-16 14:45 - 2014-02-08 02:08 - 00100197 _____ C:\WINDOWS\SysWOW64\RacRules.xml
2016-12-16 14:45 - 2014-02-08 02:08 - 00100197 _____ C:\WINDOWS\system32\RacRules.xml
2016-12-16 14:45 - 2014-02-01 07:00 - 00011109 _____ C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2016-12-16 14:45 - 2014-02-01 07:00 - 00011109 _____ C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2016-12-16 14:45 - 2014-02-01 07:00 - 00007762 _____ C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2016-12-16 14:45 - 2014-02-01 07:00 - 00007762 _____ C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2016-12-16 14:45 - 2014-02-01 07:00 - 00007130 _____ C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2016-12-16 14:45 - 2014-02-01 07:00 - 00007130 _____ C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2016-12-16 14:45 - 2014-01-27 18:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-12-16 14:45 - 2014-01-27 12:45 - 00050053 _____ C:\WINDOWS\system32\srms.dat
2016-12-16 14:45 - 2013-11-27 10:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2016-12-16 14:45 - 2013-11-27 10:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2016-12-15 23:47 - 2016-12-15 23:47 - 00003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-12-15 23:47 - 2016-12-15 23:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-15 23:46 - 2016-12-15 23:46 - 00000000 ____D C:\ProgramData\Intel Security
2016-12-15 23:45 - 2016-12-15 23:45 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-12-15 23:44 - 2016-12-15 23:44 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-15 19:10 - 2016-08-02 01:03 - 00216704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2016-12-12 19:07 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-12 19:06 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-12 19:06 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-12 19:06 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-12 19:06 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2016-12-12 19:06 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-12-12 19:06 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-12-12 19:06 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-12-12 19:06 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-12-12 19:06 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-12-12 19:06 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-12-12 19:06 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2016-12-12 19:06 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2016-12-12 19:06 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-12-12 19:06 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2016-12-12 19:06 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-12-12 19:06 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-12-12 19:06 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-12-12 19:04 - 2016-12-12 19:04 - 00002423 _____ C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer Games.lnk
2016-12-12 18:59 - 2016-12-12 18:59 - 00003690 _____ C:\WINDOWS\System32\Tasks\ALU_SelfUpgrade
2016-12-12 18:59 - 2016-12-12 18:59 - 00000000 ____D C:\Users\Jennifer\AppData\Local\Acer Aspire R7 Tutorial
2016-12-12 18:58 - 2016-12-12 18:58 - 00000000 ____D C:\Users\Jennifer\AppData\Local\BMExplorer
2016-12-12 13:43 - 2014-01-04 16:54 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2016-12-12 13:43 - 2014-01-04 16:08 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2016-12-12 13:43 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2016-12-12 13:43 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2016-12-12 13:43 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-12-12 13:43 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2016-12-12 13:43 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-12-12 13:43 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-12-12 13:43 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-12-12 13:43 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2016-12-12 13:43 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-12 13:40 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-12-12 13:40 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-12-12 13:40 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-12 13:40 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-12 13:40 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2016-12-12 13:40 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-12-12 13:40 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-12-12 13:39 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2016-12-12 13:39 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2016-12-12 13:38 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-12-12 13:38 - 2013-10-23 12:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2016-12-12 13:38 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2016-12-12 13:38 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2016-12-12 13:38 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2016-12-12 13:38 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-12-12 13:38 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-12-12 13:38 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-12-12 13:38 - 2013-10-05 16:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-12-12 13:38 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-12-12 13:38 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-12-12 13:38 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-12-12 13:38 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2016-12-12 13:38 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-12-12 13:38 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-12 13:38 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-12-12 13:38 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-12 13:38 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2016-12-12 13:38 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-12-12 13:38 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-12-12 13:38 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-12-12 13:38 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-12-12 13:38 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-12-12 13:38 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-12-12 13:38 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-12-12 13:38 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-12-12 13:38 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-12-12 13:38 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2016-12-12 13:38 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-12-12 13:38 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-12-12 13:38 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-12-12 13:38 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-12-12 13:38 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-12-12 13:38 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-12-12 13:38 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-12-12 13:38 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-12-12 13:38 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2016-12-12 13:37 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2016-12-12 13:37 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2016-12-12 13:37 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2016-12-12 13:37 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-12-12 13:37 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2016-12-12 13:35 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2016-12-12 13:35 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2016-12-12 13:35 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-12-12 13:35 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-12-12 13:35 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-12-12 13:35 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2016-12-12 13:35 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-12-12 13:35 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-12-12 13:35 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-12-12 13:35 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2016-12-12 13:35 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-12-12 13:35 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-12-12 13:34 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-12-12 13:34 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-12-12 13:32 - 2013-11-11 03:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2016-12-12 13:32 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-12-12 13:32 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2016-12-12 08:20 - 2016-12-15 18:33 - 00000000 ____D C:\Windows.old
2016-12-12 08:19 - 2016-12-12 08:19 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2016-12-12 07:58 - 2016-12-11 23:39 - 00000000 ___HD C:\$SysReset
2016-12-12 00:17 - 2016-12-12 00:17 - 00000000 ____D C:\Users\Jennifer\AppData\Roaming\Macromedia
2016-12-11 23:38 - 2016-12-19 00:11 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-649119274-1381554577-854056105-1001
2016-12-11 23:28 - 2016-12-11 23:28 - 00000000 ____D C:\Users\Jennifer\AppData\Roaming\Atheros
2016-12-11 23:28 - 2016-12-11 23:28 - 00000000 ____D C:\Users\Jennifer\AppData\Local\clear.fi
2016-12-11 23:27 - 2016-12-11 23:27 - 00009236 _____ C:\Users\Jennifer\Desktop\Entfernte Anwendungen.html
2016-12-11 23:27 - 2016-12-11 23:27 - 00001790 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2016-12-11 23:27 - 2016-12-11 23:27 - 00001276 _____ C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2016-12-11 23:27 - 2016-12-11 23:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-12-11 23:27 - 2016-12-11 23:27 - 00000000 ____D C:\Users\Jennifer\AppData\Roaming\Synaptics
2016-12-11 23:27 - 2016-12-11 23:27 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2016-12-11 23:27 - 2016-12-11 23:27 - 00000000 ____D C:\Program Files\Accessory Store
2016-12-11 23:27 - 2016-12-11 23:27 - 00000000 ____D C:\Program Files (x86)\OEM
2016-12-11 23:26 - 2016-12-11 23:26 - 00001454 _____ C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-11 23:26 - 2016-12-11 23:26 - 00000000 ____D C:\Users\Jennifer\AppData\Roaming\Adobe
2016-12-11 23:26 - 2016-12-11 23:26 - 00000000 ____D C:\Users\Jennifer\AppData\Local\VirtualStore
2016-12-11 23:25 - 2016-12-11 23:25 - 00000020 ___SH C:\Users\Jennifer\ntuser.ini
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-12-11 23:24 - 2016-12-11 23:24 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-12-11 23:23 - 2016-12-11 23:23 - 00001517 _____ C:\Users\Administrator\AppData\Local\Application.xml
2016-12-11 23:22 - 2016-12-15 23:27 - 00000000 ____D C:\Users\Jennifer
2016-12-11 23:22 - 2016-12-11 23:23 - 00024768 _____ C:\WINDOWS\diagwrn.xml
2016-12-11 23:22 - 2016-12-11 23:23 - 00024768 _____ C:\WINDOWS\diagerr.xml
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Vorlagen
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Startmenü
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Netzwerkumgebung
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Lokale Einstellungen
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Eigene Dateien
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Druckumgebung
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Documents\Eigene Videos
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Documents\Eigene Musik
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Documents\Eigene Bilder
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\AppData\Local\Verlauf
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\AppData\Local\Anwendungsdaten
2016-12-11 23:22 - 2016-12-11 23:22 - 00000000 _SHDL C:\Users\Jennifer\Anwendungsdaten
2016-12-10 17:21 - 2016-12-10 17:21 - 00000000 ____D C:\Users\Jennifer\Documents\clear.fi
2016-12-04 11:26 - 2016-12-04 11:26 - 00000000 _____ C:\Recovery.txt
2016-12-04 10:28 - 2016-12-04 10:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-04 10:27 - 2016-12-04 10:27 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-12-04 10:27 - 2016-12-04 10:27 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-12-04 10:27 - 2016-12-04 10:27 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-12-04 10:27 - 2016-12-04 10:27 - 00000000 _SHDL C:\Programme
2016-12-04 10:27 - 2016-12-04 10:27 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-12-03 12:25 - 2016-12-03 12:25 - 00000000 ____D C:\Users\Jennifer\Documents\Electronic Arts
2016-12-03 10:50 - 2016-12-03 10:50 - 00000000 ____D C:\Users\Jennifer\.QtWebEngineProcess
2016-12-03 10:50 - 2016-12-03 10:50 - 00000000 ____D C:\Users\Jennifer\.Origin
2016-12-03 10:49 - 2016-12-03 10:50 - 52489832 _____ (Electronic Arts) C:\Users\Jennifer\Downloads\OriginThinSetupBeta.exe
2016-12-03 10:47 - 2016-12-09 20:23 - 00000000 ____D C:\Users\Jennifer\AppData\LocalLow\Mozilla
2016-12-03 10:40 - 2016-12-19 00:01 - 00000000 __RDO C:\Users\Jennifer\SkyDrive
2016-12-03 10:36 - 2016-12-03 10:36 - 00000000 ____D C:\Users\Jennifer\PicStream
2016-12-03 10:35 - 2016-12-03 10:35 - 00000000 ____D C:\Users\Jennifer\Documents\Bluetooth Folder
2016-12-03 10:33 - 2016-12-11 23:38 - 00000000 ____D C:\Users\Jennifer\AppData\Local\Packages
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-10-21 14:36 - 2016-04-19 01:45 - 00000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2016-04-19 01:45 - 00000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2016-12-19 00:31 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-12-19 00:05 - 2016-04-19 10:50 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-19 00:05 - 2016-04-19 10:50 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-19 00:05 - 2014-01-17 20:40 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-19 00:00 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-18 23:59 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-12-18 23:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-18 23:35 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-12-18 23:34 - 2013-08-22 15:44 - 00335992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-18 23:30 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-12-18 23:30 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-18 23:30 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-18 23:30 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-18 23:30 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-18 23:30 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-18 23:30 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\servicing
2016-12-18 23:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2016-12-18 23:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2016-12-18 19:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-16 15:22 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-16 15:12 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-16 00:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-12-15 23:50 - 2014-01-17 20:54 - 00000000 ____D C:\ProgramData\McAfee
2016-12-15 23:49 - 2014-01-17 20:54 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-12-15 23:49 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-15 23:47 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-15 13:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-12-12 18:58 - 2016-04-19 01:57 - 00000000 ____D C:\ProgramData\Atheros
2016-12-12 08:20 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-11 23:34 - 2016-04-19 02:11 - 00003546 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2016-12-11 23:34 - 2016-04-19 02:11 - 00000000 ____D C:\ProgramData\Norton
2016-12-11 23:27 - 2014-01-17 20:30 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-11 23:27 - 2014-01-17 20:11 - 00000000 ___HD C:\OEM
2016-12-11 23:24 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2016-12-11 23:23 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-19 01:45 - 2016-04-19 01:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Jennifer\AppData\Local\Temp\libeay32.dll
C:\Users\Jennifer\AppData\Local\Temp\msvcr120.dll
C:\Users\Jennifer\AppData\Local\Temp\octADA1.tmp.exe
C:\Users\Jennifer\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2014-01-17 20:31
==================== Ende von FRST.txt ============================
__________________ So viele Religionen und ich konventiere nur zu .pdf |
|
20.12.2016, 13:08
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows 8.1 - 3 Tabs öffnen beim start von Chrome Schritt 1 Downloade Dir HitmanPro  auf Deinen Desktop:HitmanPro-32 Bit Version HitmanPro-64 Bit Version
Jetzt bitte Suchscan durchführen: Schritt 2 ESET Online Scanner
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
20.12.2016, 21:25
| #6 |
| | Windows 8.1 - 3 Tabs öffnen beim start von Chrome Hitman Code:
ATTFilter HitmanPro 3.7.15.281
www.hitmanpro.com
Computer name . . . . : NI
Windows . . . . . . . : 6.3.0.9600.X64/4
User name . . . . . . : NI\Jennifer
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2016-12-20 19:59:49
Scan mode . . . . . . : Normal
Scan duration . . . . : 4m 21s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 1
Objects scanned . . . : 1.269.261
Files scanned . . . . : 25.098
Remnants scanned . . : 290.306 files / 953.857 keys
Suspicious files ____________________________________________________________
C:\Users\Jennifer\Desktop\FRST64.exe
Size . . . . . . . : 2.420.224 bytes
Age . . . . . . . : 0.9 days (2016-12-19 21:27:54)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 19088BDC4C7EDDBD5E07855948449EF17583D52AF2F7EC201301F0C42FCE8B2A
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
-7.9s C:\Users\Jennifer\AppData\Local\Microsoft\Windows Store\Cache\0\0-DiscoveryService-SLS.6.3.9600.0.17031.776.dat
-5.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-https∺∯∯wscont.apps.microsoft.com∯winstore∯6.3.0.1∯100∯DE∯de-de∯MS∯1778∯features6726ecbd-178e-4f2d-8228-6236ad42f817.json.dat
-4.8s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\0\0-Topic-https∺∯∯next-services.apps.microsoft.com∯browse∯6.3.9600-0∯776∯en-US_de-DE.de∯c∯DE∯Topic∯12828089.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont2.apps.microsoft.com∯winstore∯1x∯1000e6ca-53b1-4ad1-a1af-0659a8cf82cf∯AppTile.1.475909.1.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont2.apps.microsoft.com∯winstore∯1x∯14f40d61-761f-4479-aaf7-ca3b52021aec∯Icon.333255.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont2.apps.microsoft.com∯winstore∯1x∯1000e6ca-53b1-4ad1-a1af-0659a8cf82cf∯Icon.475909.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont1.apps.microsoft.com∯winstore∯1x∯bf57a216-4cf6-4ce5-8f49-d9d609f37ce4∯AppTile.1.1152921504653394245.1.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont1.apps.microsoft.com∯winstore∯1x∯2e7f69e8-4dca-4500-9c55-d64333da9b1d∯Icon.249620.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont1.apps.microsoft.com∯winstore∯1x∯d3da4064-3df7-4a3e-96de-66a5eee920c0∯AppTile.1.323850.1.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont2.apps.microsoft.com∯winstore∯1x∯34e808b7-760d-43c5-8477-bf0fb96dd50c∯AppTile.1.493370.1.png.dat
-4.3s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\Cache\4\4-http∺∯∯wscont2.apps.microsoft.com∯winstore∯1x∯90c45b93-67a1-41b3-b5c7-fabb5214b916∯AppTile.1.381934.1.png.dat
-4.2s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-1000e6ca-53b1-4ad1-a1af-0659a8cf82cf-AppTile.1.475909.1.png
-4.1s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-1000e6ca-53b1-4ad1-a1af-0659a8cf82cf-Icon.475909.png
-4.1s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-14f40d61-761f-4479-aaf7-ca3b52021aec-Icon.333255.png
-4.1s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-2e7f69e8-4dca-4500-9c55-d64333da9b1d-Icon.249620.png
-4.1s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-bf57a216-4cf6-4ce5-8f49-d9d609f37ce4-AppTile.1.1152921504653394245.1.png
-4.1s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-34e808b7-760d-43c5-8477-bf0fb96dd50c-AppTile.1.493370.1.png
-4.0s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-90c45b93-67a1-41b3-b5c7-fabb5214b916-AppTile.1.381934.1.png
-4.0s C:\Users\Jennifer\AppData\Local\Packages\winstore_cw5n1h2txyewy\LocalState\LiveTile\1x-d3da4064-3df7-4a3e-96de-66a5eee920c0-AppTile.1.323850.1.png
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{F77B902A-A219-47D4-A96B-5758AE3483BC}_0.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-57ED-9BEA1F6327C6}_0.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-FE5F-1538E7B8CF8C}_0.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-A265-016F4CA22489}_0.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-3F58-14A84123CD90}_1.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-EA35-92498066E4EA}_1.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-BBD8-AE311271D3EA}_1.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-2963-7495ADB70A97}_0.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{947CC84E-B70B-4FC7-BE4E-7F531A1A5986}_1.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-6C20-7BCBE9AF7491}_0.psqm
-1.2s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{062AA2D5-F956-4052-8A58-8D688F44243B}_1.psqm
-1.1s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-8F0C-18727755E510}_1.psqm
-1.1s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{8AE02913-4A44-4470-F155-DA8404D995D3}_0.psqm
-1.1s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{5AB1C8C5-FA02-4B48-AB1A-A71224527A6D}_1.psqm
-1.1s C:\ProgramData\Microsoft\Windows\Sqm\Sessions\{00000001-2167-4682-8E29-4CA34DB32BEC}_1.psqm
0.0s C:\Users\Jennifer\Desktop\FRST64.exe
ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5fe31748112c854f9dafae235c5b3112
# end=init
# utc_time=2016-12-20 07:08:15
# local_time=2016-12-20 08:08:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31800
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5fe31748112c854f9dafae235c5b3112
# end=updateda
# utc_time=2016-12-20 07:13:51
# local_time=2016-12-20 08:13:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5fe31748112c854f9dafae235c5b3112
# engine=31800
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-20 08:17:58
# local_time=2016-12-20 09:17:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode=freeze
# scanned=166967
# found=0
# cleaned=0
# scan_time=3847
__________________ --> Windows 8.1 - 3 Tabs öffnen beim start von Chrome |
|
20.12.2016, 23:42
| #7 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows 8.1 - 3 Tabs öffnen beim start von Chrome Bitte mal bei chrome das machen und die Einträge entfernen. Reboot des PC und schauen ob sie wiederkommen. Zitat:
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
21.12.2016, 01:49
| #8 |
| | Windows 8.1 - 3 Tabs öffnen beim start von Chrome Hat geklappt. Einfacher als gedacht. Hätte ich mal dran denken sollen. Aufjedenfall schonmal herzlichen dank.
__________________ So viele Religionen und ich konventiere nur zu .pdf |
|
21.12.2016, 18:52
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows 8.1 - 3 Tabs öffnen beim start von Chrome Wir haben es geschafft! Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.   Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Kauf-Empfehlung:  Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Windows 8.1 - 3 Tabs öffnen beim start von Chrome |
| askbar, browser, cpu, defender, device driver, explorer, firefox, firewall, helper, iexplore.exe, infizierte, installation, internet, internet explorer, launch, neustart, ordner, programme, registry, scan, security, siteadvisor, software, symantec, system, webadvisor, windows, wlan, wmi |
und 
und speichere die Logdatei auf Deinem Desktop.
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
