| |
| |||||||
Log-Analyse und Auswertung: Windows 10: Malware, Adware u.a. Netutils2016 eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.12.2016, 23:43
| #1 |
| |  Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Hallo zusammen, ich war vorhin leider etwas unachtsam und habe ich eine versuchte Version des SUPER Video Encoders heruntergeladen. Ich habe bisher die Programme, die installiert waren, manuell über die Windows Funktion deinstalliert. Dabei scheint auch einiges entfernt worden zu sein. Anschließend habe ich den Adwcleaner drüber laufen lassen. Dieser hat auch viel entfernt, aber nicht dieses netutils. Das taucht bei jedem scan wieder auf, obwohl es scheinbar entfernt wurde. Anschließend habe ich noch Malwarebytes drüber laufen lassen. Dort das gleiche. Es wird zwar scheinbar in die Quarantäne verschoben, aber bleibt dennoch im System. Hier die Logfiles von FRST: FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Matthias (Administrator) auf MATTHIAS-PC (27-12-2016 23:24:15)
Gestartet von D:\Matthias\Downloads
Geladene Profile: Matthias (Verfügbare Profile: Matthias & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Windows\Temp\g9A0F.tmp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\RunOnce: [wd] => C:\WINDOWS\TEMP\g9A0F.tmp.exe [252416 2016-12-27] () <===== ACHTUNG
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-13] (Electronic Arts)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-11-29] (Disc Soft Ltd)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [Publisher] => C:\Users\Matthias\AppData\Local\Temp\{a9c25e71755f456ebc40f43e77f4a02e}\LSchrUTEkU\castro.exe <===== ACHTUNG
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {419bdd99-211a-11e6-9be5-002522ce1e89} - "J:\setup.exe"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {d27250ef-c555-11e6-9bf5-002522ce1e89} - "J:\setup.exe"
ShellExecuteHooks: Kein Name - {A8506F46-C68A-11E6-8C32-64006A5CFC23} - C:\Users\Matthias\AppData\Roaming\Plowuward\Reejtyqalack.dll [150528 2016-12-27] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1bdf6fc-712e-4bc8-841b-739d33d9114b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-09-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: c0pc1p83.default
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default [2016-12-27]
FF Homepage: Mozilla\Firefox\Profiles\c0pc1p83.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\c0pc1p83.default -> ist aktiviert.
FF Extension: (MEGA) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\firefox@mega.co.nz.xpi [2016-12-27]
FF Extension: (uBlock Origin) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-24]
FF Extension: (DownThemAll!) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-10]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-26] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-26] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2016-12-27]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-11-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-11-29] (Disc Soft Ltd)
R2 Duquycloos; C:\Program Files (x86)\Ruferdombother_\VrgCnt.dll [179200 2016-12-27] () [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-13] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-16] (Microsoft Corporation)
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; D:\Programme (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [237912 2016-12-05] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-12-27] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [992600 2016-08-21] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2016-08-21] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [110424 2016-08-21] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-27] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-27] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nuviocir; C:\WINDOWS\system32\DRIVERS\nuviocir_x64.sys [40464 2015-10-26] (Nuvoton Technology Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-27 23:24 - 2016-12-27 23:24 - 00000000 ____D C:\FRST
2016-12-27 23:08 - 2016-12-27 23:21 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-27 23:08 - 2016-12-27 23:21 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-12-27 23:08 - 2016-12-27 23:21 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-27 23:08 - 2016-12-27 23:21 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-27 23:08 - 2016-12-27 23:08 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2016-12-27 23:08 - 2016-12-27 23:08 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-27 23:08 - 2016-12-27 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-27 23:08 - 2016-12-27 23:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-27 23:08 - 2016-12-27 23:08 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-27 23:08 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2016-12-27 22:25 - 2016-12-27 23:15 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Enigma Software Group
2016-12-27 22:25 - 2016-12-27 22:25 - 00000000 _____ C:\autoexec.bat
2016-12-27 22:24 - 2016-12-27 23:09 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-12-27 21:47 - 2016-12-27 21:47 - 00000306 __RSH C:\Users\Matthias\ntuser.pol
2016-12-27 21:40 - 2016-12-27 21:40 - 07316480 _____ C:\Users\Matthias\AppData\Roaming\agent.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 00018432 _____ C:\Users\Matthias\AppData\Roaming\Main.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 00003502 _____ C:\WINDOWS\System32\Tasks\SRT
2016-12-27 21:40 - 2016-12-27 21:40 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-12-27 21:40 - 2016-12-27 21:40 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-12-27 21:40 - 2016-12-27 21:39 - 00629760 _____ C:\Users\Matthias\AppData\Roaming\Daltfind.exe
2016-12-27 21:39 - 2016-12-27 21:54 - 00000000 ____D C:\Program Files (x86)\wallpaperchanger
2016-12-27 21:39 - 2016-12-27 21:47 - 00000000 ____D C:\Program Files (x86)\Ruferdombother
2016-12-27 21:39 - 2016-12-27 21:44 - 00000000 ____D C:\Program Files\BMAF84KGRH
2016-12-27 21:39 - 2016-12-27 21:44 - 00000000 ____D C:\Program Files\A4H06F8TMD
2016-12-27 21:39 - 2016-12-27 21:39 - 00140288 _____ C:\Users\Matthias\AppData\Roaming\Installer.dat
2016-12-27 21:39 - 2016-12-27 21:39 - 00016818 _____ C:\WINDOWS\System32\Tasks\832057v2a307h93
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ___HD C:\ProgramData\832057v2a307h93
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Plowuward
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\Qocertionrifotain
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\Plefaspckoruge
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Ruferdombother_
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Plermation System
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Ckiqsy
2016-12-26 15:49 - 2016-12-27 03:21 - 00000000 ____D C:\Users\Matthias\Desktop\mysummercar
2016-12-26 15:03 - 2016-12-26 15:03 - 00001154 _____ C:\Users\Matthias\Desktop\Cheat Engine.lnk
2016-12-26 15:03 - 2016-12-26 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2016-12-26 15:03 - 2016-12-26 15:03 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2016-12-26 14:12 - 2016-12-09 10:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-12-26 14:12 - 2016-12-09 10:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-12-26 14:12 - 2016-12-09 10:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-12-26 14:12 - 2016-12-09 10:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-12-26 14:12 - 2016-12-09 10:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-12-26 14:12 - 2016-12-09 10:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-12-26 14:12 - 2016-10-15 04:47 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2016-12-26 14:12 - 2016-10-15 04:38 - 02781184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-12-26 14:12 - 2016-09-15 17:43 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2016-12-26 14:12 - 2016-09-15 17:24 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2016-12-26 13:57 - 2016-12-26 13:57 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-12-26 13:54 - 2016-12-26 13:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-12-26 13:54 - 2016-07-15 19:58 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll
2016-12-26 13:54 - 2016-07-15 19:28 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2016-12-26 13:54 - 2016-07-15 19:26 - 00376320 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2016-12-26 13:54 - 2016-07-15 19:25 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll
2016-12-26 13:54 - 2016-07-15 19:23 - 14388224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2016-12-26 13:54 - 2016-07-15 19:22 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2016-12-26 13:54 - 2016-07-15 19:22 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2016-12-26 13:54 - 2016-07-15 19:19 - 01323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll
2016-12-26 13:54 - 2016-07-15 19:16 - 04969472 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2016-12-26 13:54 - 2016-07-15 19:13 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2016-12-26 13:54 - 2016-07-15 19:13 - 01198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2016-12-26 13:54 - 2016-07-15 19:13 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2016-12-26 13:54 - 2016-07-15 19:12 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2016-12-26 13:54 - 2016-07-15 19:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2016-12-26 13:54 - 2016-07-15 19:11 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2016-12-26 13:54 - 2016-07-15 18:58 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll
2016-12-26 13:54 - 2016-07-15 18:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll
2016-12-26 13:54 - 2016-07-15 18:41 - 00355840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2016-12-26 13:54 - 2016-07-15 18:41 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll
2016-12-26 13:54 - 2016-07-15 18:39 - 11670528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2016-12-26 13:54 - 2016-07-15 18:38 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll
2016-12-26 13:54 - 2016-07-15 18:37 - 01074176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll
2016-12-26 13:54 - 2016-07-15 18:35 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2016-12-26 13:54 - 2016-07-15 18:32 - 03701248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2016-12-26 13:54 - 2016-07-15 18:29 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2016-12-26 13:54 - 2016-07-15 18:29 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2016-12-26 13:54 - 2016-07-15 18:29 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll
2016-12-26 13:51 - 2016-12-26 13:51 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003936 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003910 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003706 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft DNX
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\Program Files\Microsoft DNX
2016-12-26 13:51 - 2016-12-12 04:03 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-26 13:50 - 2016-12-12 04:03 - 00215608 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-12-26 13:50 - 2016-12-12 04:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-26 13:50 - 2016-12-11 19:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-12-26 13:49 - 2016-12-26 13:49 - 00000000 ____D C:\Program Files\IIS Express
2016-12-26 13:49 - 2016-12-26 13:49 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-12-26 13:49 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-26 13:49 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-26 13:48 - 2016-12-26 13:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2016-12-26 13:47 - 2016-12-26 13:47 - 00001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-12-26 13:47 - 2016-12-26 13:47 - 00000000 ____D C:\NVIDIA
2016-12-26 13:46 - 2016-12-26 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-12-26 13:45 - 2016-12-26 13:45 - 00000000 ____D C:\WINDOWS\symbols
2016-12-26 13:44 - 2016-12-26 13:44 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-12-26 13:44 - 2016-12-26 13:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2016-12-26 12:27 - 2016-12-26 12:27 - 00275856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-26 12:27 - 2016-12-26 12:27 - 00000000 ____D C:\WINDOWS\Panther
2016-12-25 19:39 - 2016-12-25 19:39 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-25 19:39 - 2016-12-25 19:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\HomeDev
2016-12-25 19:39 - 2016-12-25 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-25 19:38 - 2016-12-25 19:38 - 00002619 _____ C:\Users\Public\Desktop\PatchCleaner.lnk
2016-12-25 19:38 - 2016-12-25 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2016-12-25 19:38 - 2016-12-25 19:38 - 00000000 ____D C:\Program Files (x86)\HomeDev
2016-12-25 18:16 - 2016-12-26 12:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\JAM Software
2016-12-25 18:05 - 2016-12-25 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-25 17:19 - 2016-12-25 17:19 - 00000000 ____D C:\Users\Matthias\AppData\Local\hack_me
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-19 00:25 - 2016-12-19 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-19 00:24 - 2016-12-19 00:24 - 00000000 ____D C:\Program Files\iPod
2016-12-18 20:31 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-18 20:31 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-18 20:31 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-18 20:31 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-18 20:31 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-18 20:31 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-18 20:31 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-18 20:31 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-18 20:31 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-18 20:31 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-18 20:31 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-18 20:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-18 20:31 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-18 20:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-18 20:31 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-18 20:31 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-18 20:31 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-18 20:31 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-18 20:31 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-18 20:31 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-18 20:31 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-18 20:31 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-18 20:31 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-18 20:31 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-18 20:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-18 20:31 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-18 20:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-18 20:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-18 20:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-18 20:31 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-18 20:31 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-18 20:31 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-18 20:31 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-18 20:31 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-18 20:31 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-18 20:31 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-18 20:31 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-18 20:31 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-18 20:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-18 20:31 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-18 20:31 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-18 20:31 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-18 20:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-18 20:31 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-18 20:31 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-18 20:31 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-18 20:31 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-18 20:31 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-18 20:31 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-18 20:31 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-18 20:31 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-18 20:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-18 20:31 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-18 20:31 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-18 20:31 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-18 20:31 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-18 20:31 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-18 20:31 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-18 20:31 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-18 20:31 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-18 20:31 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-18 20:31 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-18 20:31 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-18 20:31 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-18 20:31 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-18 20:31 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-18 20:31 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-18 20:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-18 20:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-18 20:31 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-18 20:31 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-18 20:31 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-18 20:31 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-18 20:31 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-18 20:31 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-18 20:31 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-18 20:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-18 20:31 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-18 20:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-18 20:31 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-18 20:31 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-18 20:31 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-18 20:31 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-18 20:31 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-18 20:31 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-18 20:31 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-18 20:31 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-18 20:31 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-18 20:31 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-18 20:31 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-18 20:31 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-18 20:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-18 20:31 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-18 20:31 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-18 20:31 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-18 20:31 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-18 20:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-18 20:31 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-18 20:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-18 20:31 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-18 20:31 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-18 20:31 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-18 20:31 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-18 20:31 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-18 20:31 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-18 20:31 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-18 20:31 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-18 20:31 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-18 20:31 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-18 20:31 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-18 20:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-18 20:31 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-18 20:31 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-18 20:31 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-18 20:31 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-18 20:31 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-18 20:31 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-18 20:31 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-18 20:31 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-18 20:31 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-18 20:31 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-18 20:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-18 20:31 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-18 20:31 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-18 20:31 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-18 20:31 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-18 20:31 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-18 20:31 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-18 20:31 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-18 20:31 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-18 20:31 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-18 20:31 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-18 20:31 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-18 20:31 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-18 20:31 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-18 20:31 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-18 20:31 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-18 20:31 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-18 20:31 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-18 20:31 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-18 20:31 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-18 20:31 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-18 20:31 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-18 20:31 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-18 20:31 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-18 20:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-18 20:31 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-18 20:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-18 20:31 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-18 20:31 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-18 20:31 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-18 20:31 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-18 20:31 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-18 20:31 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-18 20:31 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-18 20:31 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-18 20:31 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-18 20:31 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-18 20:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-18 20:24 - 2016-12-18 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-12-18 20:23 - 2016-12-18 20:23 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\11bitstudios
2016-12-18 20:22 - 2016-12-18 20:22 - 00000759 _____ C:\Users\Public\Desktop\This War of Mine.lnk
2016-12-18 20:22 - 2016-12-18 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine
2016-12-18 20:21 - 2016-12-18 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-12-18 20:21 - 2016-12-18 20:21 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-12-10 01:17 - 2016-12-10 01:17 - 00000000 ____D C:\Users\Matthias\AppData\Local\Matt_and_the_bus_stop_girl
2016-12-10 00:58 - 2016-12-26 13:36 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-12-05 17:54 - 2016-12-05 17:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Eidos Montreal
2016-12-05 16:58 - 2016-12-09 17:48 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\WhatsApp
2016-12-05 16:58 - 2016-12-09 17:42 - 00002253 _____ C:\Users\Matthias\Desktop\WhatsApp.lnk
2016-12-05 16:58 - 2016-12-09 17:42 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-12-05 16:57 - 2016-12-09 17:42 - 00000000 ____D C:\Users\Matthias\AppData\Local\WhatsApp
2016-12-05 16:57 - 2016-12-09 17:41 - 00000000 ____D C:\Users\Matthias\AppData\Local\SquirrelTemp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-27 23:23 - 2015-10-26 18:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-27 23:22 - 2016-11-21 13:08 - 00000000 ____D C:\Users\Matthias\AppData\LocalLow\Mozilla
2016-12-27 23:22 - 2016-10-16 17:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-27 23:21 - 2016-10-16 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-27 23:20 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-12-27 23:16 - 2016-10-16 17:33 - 02136964 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-27 23:16 - 2016-07-16 23:51 - 00808076 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-27 23:16 - 2016-07-16 23:51 - 00190230 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-27 22:25 - 2016-10-16 17:34 - 00000000 ____D C:\Users\Matthias
2016-12-27 22:14 - 2016-04-18 19:02 - 00000000 ____D C:\Users\Matthias\AppData\Local\CrashDumps
2016-12-27 21:56 - 2015-10-26 18:11 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-27 21:45 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-27 21:39 - 2015-10-26 20:27 - 00002750 __RSH C:\ProgramData\ntuser.pol
2016-12-27 21:39 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-26 18:35 - 2015-10-26 18:23 - 00000000 ____D C:\Users\Matthias\AppData\Local\JDownloader v2.0
2016-12-26 14:13 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-26 14:06 - 2015-10-26 18:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-26 14:06 - 2015-10-26 18:10 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA Corporation
2016-12-26 14:02 - 2015-10-26 18:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-26 14:00 - 2015-10-26 18:10 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA
2016-12-26 13:58 - 2016-11-26 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-12-26 13:57 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-26 13:55 - 2016-10-16 17:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-26 13:55 - 2015-10-26 18:41 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-12-26 13:55 - 2015-10-26 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-26 13:54 - 2016-11-26 13:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-12-26 13:52 - 2016-11-26 13:21 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-12-26 13:51 - 2016-10-16 17:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-26 13:51 - 2016-10-16 17:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-26 13:50 - 2016-11-26 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-12-26 13:50 - 2016-03-12 00:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-26 13:48 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-12-26 13:48 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-12-26 13:46 - 2016-11-26 13:18 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2016-12-26 13:45 - 2016-11-26 13:18 - 00000000 ____D C:\WINDOWS\system32\1033
2016-12-26 13:45 - 2016-11-26 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-12-26 13:44 - 2016-11-26 13:17 - 00000000 ____D C:\WINDOWS\system32\1031
2016-12-26 13:43 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-12-26 13:43 - 2016-10-16 18:24 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-26 13:43 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-26 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-26 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-26 13:30 - 2015-10-26 18:28 - 00000000 ____D C:\Users\Matthias\AppData\Local\Adobe
2016-12-26 12:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-26 12:27 - 2016-11-18 02:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-26 12:27 - 2015-10-26 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-25 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-25 19:47 - 2016-09-20 17:00 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\TeamViewer
2016-12-25 19:47 - 2015-10-26 18:09 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\DAEMON Tools Lite
2016-12-25 18:58 - 2015-10-27 19:49 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\vlc
2016-12-25 18:05 - 2015-11-02 17:50 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-24 14:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-24 14:04 - 2015-10-26 18:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-19 23:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-19 23:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-19 16:13 - 2015-10-26 18:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-19 16:12 - 2015-07-10 12:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-12-19 16:10 - 2016-10-16 17:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-19 16:02 - 2015-10-27 19:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-19 16:00 - 2015-10-27 19:36 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-19 15:39 - 2016-04-27 15:25 - 00000000 ____D C:\Users\Matthias\AppData\Local\146F1B44-2D97-405C-A624-50FC159A5557.aplzod
2016-12-19 00:24 - 2015-10-26 19:24 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-18 20:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-18 20:12 - 2015-11-02 17:50 - 00001242 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-18 20:12 - 2015-11-02 17:50 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-12 04:03 - 2016-10-09 21:28 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-12 04:03 - 2016-10-09 21:28 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-12 04:03 - 2016-08-26 23:30 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-12-12 04:03 - 2016-08-26 23:30 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-12-12 04:03 - 2016-05-15 10:17 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 19:47 - 2016-10-16 17:33 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-09 15:28 - 2015-10-26 18:04 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages
2016-12-09 13:38 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-09 09:52 - 2016-10-16 17:33 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-05 17:09 - 2016-04-29 00:28 - 00237912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-12-05 17:05 - 2016-11-26 13:21 - 00000000 ____D C:\Program Files\SharePoint Client Components
2016-12-05 16:51 - 2016-10-16 17:39 - 00004302 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-12-05 16:51 - 2016-10-16 17:39 - 00004070 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-27 21:40 - 2016-12-27 21:40 - 7316480 _____ () C:\Users\Matthias\AppData\Roaming\agent.dat
2016-12-27 21:40 - 2016-12-27 21:39 - 0629760 _____ () C:\Users\Matthias\AppData\Roaming\Daltfind.exe
2016-12-27 21:39 - 2016-12-27 21:39 - 0140288 _____ () C:\Users\Matthias\AppData\Roaming\Installer.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 0018432 _____ () C:\Users\Matthias\AppData\Roaming\Main.dat
2016-01-25 15:44 - 2016-01-25 15:44 - 0000096 _____ () C:\Users\Matthias\AppData\Local\fusioncache.dat
2016-01-04 13:51 - 2016-01-04 13:51 - 0000600 _____ () C:\Users\Matthias\AppData\Local\PUTTY.RND
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\WINDOWS\TEMP\g9A0F.tmp.exe
Einige Dateien in TEMP:
====================
C:\Users\Matthias\AppData\Local\Temp\libeay32.dll
C:\Users\Matthias\AppData\Local\Temp\msvcr120.dll
C:\Users\Matthias\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-19 15:59
==================== Ende von FRST.txt ============================
Viele Grüße |
|
27.12.2016, 23:44
| #2 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Additions.txt
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Matthias (27-12-2016 23:24:44)
Gestartet von D:\Matthias\Downloads
Windows 10 Pro Version 1607 (X64) (2016-10-16 16:40:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1189516615-3406733157-290963412-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1189516615-3406733157-290963412-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-1189516615-3406733157-290963412-503 - Limited - Disabled)
Gast (S-1-5-21-1189516615-3406733157-290963412-501 - Limited - Disabled)
Matthias (S-1-5-21-1189516615-3406733157-290963412-1001 - Administrator - Enabled) => C:\Users\Matthias
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blues and Bullets (HKLM-x32\...\Steam App 378660) (Version: - A Crowd of Monsters)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grow Home (HKLM-x32\...\Steam App 323320) (Version: - Reflections, a Ubisoft Studio)
HITMAN™ (HKLM\...\Steam App 236870) (Version: - Io-Interactive)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 3 (HKLM\...\Steam App 225540) (Version: - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
My Summer Car (HKLM\...\Steam App 516750) (Version: - Amistech Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {026A7D69-E429-4B4B-949C-99940E2347C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {0349E2A7-1353-4244-9A4B-92201DC2BA78} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {03A79BD9-F53D-45FE-8192-105A12A94F52} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {0535BB14-3A64-466E-9A01-6C5FDF0840D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {16160FA3-F8E9-438F-BBED-9D51CEF00DDC} - System32\Tasks\{7E7B725C-2E2A-458E-A3B8-8FE2D3F6C3BD} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.112/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {2E1181A0-315B-4BF9-B777-B6269DD27289} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-26] (Adobe Systems Incorporated)
Task: {46E50EDA-F1C7-4AC7-A62A-D8B61D2CD175} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
Task: {559A6523-816C-40CC-9F1B-42A6F2F100F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5A5A8148-DD0F-46F9-ABAE-4A8153B9FBFA} - System32\Tasks\MATLAB R2015b Startup Accelerator => D:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {68F03E89-746A-4BF4-8750-D8D75BC22182} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {7651BFBA-1EAD-4DD2-92F3-A87B689FA04D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {853B5616-E655-4ADD-AACD-4977D7FE5FEF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {91849900-C200-4718-8456-F7773D1E95AD} - System32\Tasks\SRT => C:\Program Files (x86)\GNR\src\Smart_Registry_Care.exe
Task: {96ABA1A8-99F5-488E-9C72-309EE482053A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {ACF9A8AE-38B6-40D6-BE75-A4C0668A30E9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {AD1B4AAF-0FF5-4151-B2D3-16B0C872162B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B1FE2CC3-8042-43B3-BB1E-E6C4EDF149F1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {B6D80566-DCD8-44C8-8049-4A4B82BBD273} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
Task: {EA10A334-9555-4C95-8399-B351C5103AA1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {F751F542-6797-4C27-B316-83AFD9F1099C} - System32\Tasks\832057v2a307h93 => Rundll32.exe "C:\ProgramData\832057v2a307h93\832057v2a307h93.dll",bgozrak <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job => D:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-27 21:39 - 2014-03-22 19:17 - 02844160 _____ () C:\ProgramData\832057v2a307h93\832057v2a307h93.dll
2016-10-16 17:33 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-27 23:08 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-27 23:08 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-27 23:08 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-11-29 18:04 - 2005-04-22 05:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-16 17:59 - 2016-10-16 17:59 - 00959168 _____ () C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-10-16 18:29 - 2016-10-16 18:29 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 13:45 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 13:45 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 13:45 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 13:45 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 13:45 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-27 22:23 - 2016-12-27 23:09 - 00252416 _____ () C:\WINDOWS\TEMP\g9A0F.tmp.exe
2015-10-26 18:07 - 2015-10-26 18:07 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 22:13 - 2016-09-29 22:13 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 22:13 - 2016-09-29 22:13 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-12-18 20:16 - 2016-12-18 20:16 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-18 20:16 - 2016-12-18 20:16 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-18 20:16 - 2016-12-18 20:16 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-18 20:16 - 2016-12-18 20:16 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-18 20:15 - 2016-12-18 20:16 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-12-22 01:47 - 2015-12-22 01:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2016-12-27 21:39 - 2016-12-27 21:39 - 00179200 _____ () c:\program files (x86)\ruferdombother_\vrgcnt.dll
2015-10-26 18:10 - 2016-12-12 04:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-26 13:51 - 2016-12-12 04:03 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-09 12:10 - 2016-12-08 16:13 - 00656160 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2016-12-25 16:03 - 2016-12-20 03:25 - 02322720 _____ () D:\Program Files (x86)\Steam\video.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-25 16:03 - 2016-12-20 03:25 - 00838944 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-10 17:32 - 2016-07-04 23:17 - 00266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-12-06 10:44 - 2016-12-05 17:21 - 67304736 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-10-10 17:32 - 2015-09-25 00:52 - 00119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-27 22:23 - 2016-12-27 23:21 - 03780096 _____ () C:\WINDOWS\TEMP\g9858.tmp
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:DED17083 [294]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\hola.org -> hxxp://hola.org
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 12:04 - 2016-12-27 21:40 - 00001188 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "FreePDF Assistant"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "Publisher"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{76819DE0-2495-4639-B2D1-1A17DD0CB8B2}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49D7E137-37EA-43A0-BAB1-232C13D58258}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{EA2B6607-6D22-43DB-922D-F2FB0B448E44}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{0D78C470-E482-4D7A-A865-87195D78DA7A}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2B483999-F1DB-451B-B536-F5EEC8E3DFB1}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{A88DA332-A6AC-433B-92A9-870D2ACCC893}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{03FD3A2F-49DC-4439-A1EE-88CFEF1A5AAA}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1947581C-FB8D-49D3-BB80-336C927345BF}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6289E9F6-16C1-4AD4-8CB3-AA93DF0D716A}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{53CF2268-646D-4F32-8BDA-89C586F6E855}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{090B420A-4FA2-4B49-8408-D9F61076B058}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F75E24C4-A300-423C-890B-1E10736A36C2}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1E2B3431-4E33-4E02-AE73-6BD937801EE6}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CBE73DF2-8F8F-43D0-9EEF-CDD596C464E8}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{68568424-8476-4641-B733-507C351759CD}] => D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{A1DC72B5-DCC7-46CF-AA06-9EC62151DDBE}] => D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{44BAA781-8BC5-45E4-8DA7-E44B42C0E6B7}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{90DE5418-3EB0-4FC6-A9D3-01FB2B4B24A6}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{E99D776F-E312-4BC3-AA6F-FA72DA18FA32}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{D223876B-B52E-4380-86F0-7245BCCBEE10}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{8988C41D-41E5-4E26-87FE-F48080F828DD}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FB13C02F-8A4B-4D24-8532-45DEFA478400}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{322C2604-2173-47BA-9141-2104C4387167}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AAE3D145-8F66-4338-9A9D-31B7C8A62BCF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ECAFC386-5FA1-46BC-88B2-012A6921230D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66F689F6-6CCF-4156-A8BC-81B87F261709}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{927397A1-D059-47E9-8776-10A67277720D}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{065CA1EB-17E7-4E07-B701-E190EDCFD349}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EDD50E7F-3436-48A8-AEC7-AB3B96040D03}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12040BE0-2691-4BD6-92C8-B1582158A257}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49485E05-00C0-4E4B-8F0D-DAAC8D6B2C9D}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9435F324-66A3-42DF-B6DA-280AAC1338EB}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{095A80FC-78E6-4F0B-8706-79AFABA0DBE4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7EAB5420-3BAC-475C-9608-8DCF9890CEE9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{645003DE-EE5B-40FA-867E-A2999372C45B}] => D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{872B1757-6651-46A9-BD6F-0ED70A71423B}] => D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5A54CD2B-869B-42EC-85D8-3A694C1A47E6}] => LPort=54925
FirewallRules: [{0F016C53-392A-430C-B4BA-2882CB8BC68A}] => D:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{6EC6F985-647B-49B1-9B2A-565AB6625BAC}] => D:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{F9F314AE-CFC9-4DA3-9081-D468C8563FAF}] => D:\Program Files (x86)\Steam\steamapps\common\Blues and Bullets\Blues and Bullets.exe
FirewallRules: [{580FF403-70B8-46DC-B6C4-D1F236531128}] => D:\Program Files (x86)\Steam\steamapps\common\Blues and Bullets\Blues and Bullets.exe
FirewallRules: [{FDB75D2E-3FF2-4F28-A1D3-F9D226773FD4}] => D:\Program Files (x86)\Steam\steamapps\common\GrowHome\GrowHome.exe
FirewallRules: [{9ADD6567-652D-4837-B107-3478F267E5FA}] => D:\Program Files (x86)\Steam\steamapps\common\GrowHome\GrowHome.exe
FirewallRules: [{31B7020F-DF29-4503-8EBD-5ED06E55F285}] => D:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C372E7D7-805B-4E70-AE32-C534F0765B1E}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2C37B3B3-5B5E-4EDA-9106-D324ABD306E5}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{465BDA88-AD37-44FE-95E1-B2EF99385F7A}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8642A92B-0E7F-4B70-9573-615DA1918E74}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{38F58117-2E84-47B7-B499-C6C1B5E9E8FC}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5ED70613-B4F2-4A42-8090-3921F951F888}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{95C04AED-078F-449A-BA68-0465978A3784}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CCD299E7-9A60-4F6B-B957-6D686FAD9385}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5B994923-CBBF-4086-9D38-6F70271B7ED5}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F63BF32D-9FF4-4E32-B459-5F77808685BF}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD76D992-CFCB-4283-8658-FB00005CDF88}] => D:\Programme (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{DDD498C1-707A-4AB1-A364-8FA7910B4670}] => LPort=12292
FirewallRules: [{F1F74CB2-B43F-474B-A0BE-EFD2EC403024}] => D:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ADCB4AD0-3CFD-4E01-8BEB-3175F71BDCE3}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{04EAD057-0607-44E1-B0DA-4EA9F2107DF8}] => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2AFBED0D-6B5F-471C-8D8D-AF5D7D6A2803}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0137A594-FF22-4F97-8237-37358EC36D56}] => D:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{E345F383-2729-4DBB-9530-661C93E287D5}] => D:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{5FCAFD87-781D-48A1-82EC-9E48570E8FFB}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{B6C899DE-F1E9-41B4-A9E1-E396F1E78A95}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{FC42E89F-B054-4750-96FE-9E682A0C843E}] => C:\Windows\System32\rundll32.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/27/2016 11:21:24 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 11:09:55 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 10:38:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: UDPEndRecv: WSARecvMsg control information error.
Error: (12/27/2016 10:27:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/27/2016 10:22:42 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 10:18:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MATTHIAS-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{b78298f0-4ab9-46f9-b738-25b2c8ce8211}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (12/27/2016 10:18:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MATTHIAS-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{2d9afb7b-2bdd-4e5b-af87-0c41d7ff59d3}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (12/27/2016 10:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_6.041.exe, Version: 6.0.4.1, Zeitstempel: 0x5852333a
Name des fehlerhaften Moduls: adwcleaner_6.041.exe, Version: 6.0.4.1, Zeitstempel: 0x5852333a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00021536
ID des fehlerhaften Prozesses: 0x2374
Startzeit der fehlerhaften Anwendung: 0x01d26084c5c0666c
Pfad der fehlerhaften Anwendung: D:\Matthias\Downloads\adwcleaner_6.041.exe
Pfad des fehlerhaften Moduls: D:\Matthias\Downloads\adwcleaner_6.041.exe
Berichtskennung: e8c7f4aa-8390-4157-8e4d-9bfb87ebcdcb
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/27/2016 10:03:18 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 09:59:24 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Systemfehler:
=============
Error: (12/27/2016 11:21:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/27/2016 11:10:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/27/2016 11:07:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Duquycloos" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/27/2016 10:24:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Duquycloos" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/27/2016 10:23:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/27/2016 10:22:04 PM) (Source: DCOM) (EventID: 10010) (User: MATTHIAS-PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/27/2016 10:21:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/27/2016 10:21:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/27/2016 10:21:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/27/2016 10:21:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-12-27 22:17:43.036
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-12-27 22:17:42.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8104.65 MB
Verfügbarer physikalischer RAM: 5255.99 MB
Summe virtueller Speicher: 9128.65 MB
Verfügbarer virtueller Speicher: 6165.58 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.75 GB) (Free:68.2 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1211.28 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: B2D754D6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C1C0AE3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 27.12.16
Scan-Zeit: 23:15
Protokolldatei: Malwarebytes.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.5.1299
Komponentenversion: 1.0.43
Version des Aktualisierungspakets: 1.0.872
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 534661
Abgelaufene Zeit: 4 Min., 34 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 1
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, In Quarantäne, [863], [318108],1.0.872
Registrierungsschlüssel: 1
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, In Quarantäne, [863], [325509],1.0.872
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, In Quarantäne, [863], [318108],1.0.872
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, In Quarantäne, [863], [325509],1.0.872
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
28.12.2016, 01:04
| #3 |
| /// Malwareteam   | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
emptytemp:
hosts:
HKLM\...\RunOnce: [wd] => C:\WINDOWS\TEMP\g9A0F.tmp.exe [252416 2016-12-27] () <===== ACHTUNG
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [Publisher] => C:\Users\Matthias\AppData\Local\Temp\{a9c25e71755f456ebc40f43e77f4a02e}\LSchrUTEkU\castro.exe <===== ACHTUNG
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {419bdd99-211a-11e6-9be5-002522ce1e89} - "J:\setup.exe"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {d27250ef-c555-11e6-9bf5-002522ce1e89} - "J:\setup.exe"
ShellExecuteHooks: Kein Name - {A8506F46-C68A-11E6-8C32-64006A5CFC23} - C:\Users\Matthias\AppData\Roaming\Plowuward\Reejtyqalack.dll [150528 2016-12-27] ()
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2016-12-27]
S3 dbx; system32\DRIVERS\dbx.sys [X]
2016-12-27 22:25 - 2016-12-27 23:15 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Enigma Software Group
2016-12-27 22:25 - 2016-12-27 22:25 - 00000000 _____ C:\autoexec.bat
2016-12-27 22:24 - 2016-12-27 23:09 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-12-27 21:39 - 2016-12-27 21:54 - 00000000 ____D C:\Program Files (x86)\wallpaperchanger
2016-12-27 21:39 - 2016-12-27 21:47 - 00000000 ____D C:\Program Files (x86)\Ruferdombother
2016-12-27 21:39 - 2016-12-27 21:44 - 00000000 ____D C:\Program Files\BMAF84KGRH
2016-12-27 21:39 - 2016-12-27 21:44 - 00000000 ____D C:\Program Files\A4H06F8TMD
2016-12-27 21:39 - 2016-12-27 21:39 - 00140288 _____ C:\Users\Matthias\AppData\Roaming\Installer.dat
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ___HD C:\ProgramData\832057v2a307h93
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Plowuward
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\Qocertionrifotain
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\Plefaspckoruge
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Ruferdombother_
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Plermation System
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Ckiqsy
Task: {F751F542-6797-4C27-B316-83AFD9F1099C} - System32\Tasks\832057v2a307h93 => Rundll32.exe "C:\ProgramData\832057v2a307h93\832057v2a307h93.dll",bgozrak <==== ACHTUNG
AlternateDataStreams: C:\ProgramData\TEMP:DED17083 [294]
IE trusted site: HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\hola.org -> hxxp://hola.org
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________ |
|
28.12.2016, 10:59
| #4 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Hallo Rafael, vielen Dank erstmal für deine schnelle Antwort. Hier die Logs: Fixlog.txt: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Matthias (28-12-2016 10:52:19) Run:1
Gestartet von C:\Users\Matthias\Desktop
Geladene Profile: Matthias (Verfügbare Profile: Matthias & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
emptytemp:
hosts:
HKLM\...\RunOnce: [wd] => C:\WINDOWS\TEMP\g9A0F.tmp.exe [252416 2016-12-27] () <===== ACHTUNG
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [Publisher] => C:\Users\Matthias\AppData\Local\Temp\{a9c25e71755f456ebc40f43e77f4a02e}\LSchrUTEkU\castro.exe <===== ACHTUNG
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {419bdd99-211a-11e6-9be5-002522ce1e89} - "J:\setup.exe"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {d27250ef-c555-11e6-9bf5-002522ce1e89} - "J:\setup.exe"
ShellExecuteHooks: Kein Name - {A8506F46-C68A-11E6-8C32-64006A5CFC23} - C:\Users\Matthias\AppData\Roaming\Plowuward\Reejtyqalack.dll [150528 2016-12-27] ()
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2016-12-27]
S3 dbx; system32\DRIVERS\dbx.sys [X]
2016-12-27 22:25 - 2016-12-27 23:15 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Enigma Software Group
2016-12-27 22:25 - 2016-12-27 22:25 - 00000000 _____ C:\autoexec.bat
2016-12-27 22:24 - 2016-12-27 23:09 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-12-27 21:39 - 2016-12-27 21:54 - 00000000 ____D C:\Program Files (x86)\wallpaperchanger
2016-12-27 21:39 - 2016-12-27 21:47 - 00000000 ____D C:\Program Files (x86)\Ruferdombother
2016-12-27 21:39 - 2016-12-27 21:44 - 00000000 ____D C:\Program Files\BMAF84KGRH
2016-12-27 21:39 - 2016-12-27 21:44 - 00000000 ____D C:\Program Files\A4H06F8TMD
2016-12-27 21:39 - 2016-12-27 21:39 - 00140288 _____ C:\Users\Matthias\AppData\Roaming\Installer.dat
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ___HD C:\ProgramData\832057v2a307h93
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Plowuward
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\Qocertionrifotain
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\Plefaspckoruge
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Ruferdombother_
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Plermation System
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-12-27 21:39 - 2016-12-27 21:39 - 00000000 ____D C:\Program Files (x86)\Ckiqsy
Task: {F751F542-6797-4C27-B316-83AFD9F1099C} - System32\Tasks\832057v2a307h93 => Rundll32.exe "C:\ProgramData\832057v2a307h93\832057v2a307h93.dll",bgozrak <==== ACHTUNG
AlternateDataStreams: C:\ProgramData\TEMP:DED17083 [294]
IE trusted site: HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\hola.org -> hxxp://hola.org
*****************
Prozess erfolgreich geschlossen.
"C:\Windows\System32\Drivers\etc\hosts" => Konnte nicht verschoben werden.
Konnte nicht wiederhergestellt werden Hosts.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\wd => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Wert erfolgreich entfernt
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Publisher => Wert erfolgreich entfernt
"HKU\S-1-5-21-1189516615-3406733157-290963412-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{419bdd99-211a-11e6-9be5-002522ce1e89}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{419bdd99-211a-11e6-9be5-002522ce1e89} => Schlüssel nicht gefunden.
"HKU\S-1-5-21-1189516615-3406733157-290963412-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d27250ef-c555-11e6-9bf5-002522ce1e89}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{d27250ef-c555-11e6-9bf5-002522ce1e89} => Schlüssel nicht gefunden.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{A8506F46-C68A-11E6-8C32-64006A5CFC23} => Wert erfolgreich entfernt
"HKCR\CLSID\{A8506F46-C68A-11E6-8C32-64006A5CFC23}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js => erfolgreich verschoben
dbx => Dienst erfolgreich entfernt
C:\Users\Matthias\AppData\Roaming\Enigma Software Group => erfolgreich verschoben
C:\autoexec.bat => erfolgreich verschoben
C:\Program Files\Enigma Software Group => erfolgreich verschoben
C:\Program Files (x86)\wallpaperchanger => erfolgreich verschoben
C:\Program Files (x86)\Ruferdombother => erfolgreich verschoben
C:\Program Files\BMAF84KGRH => erfolgreich verschoben
C:\Program Files\A4H06F8TMD => erfolgreich verschoben
C:\Users\Matthias\AppData\Roaming\Installer.dat => erfolgreich verschoben
C:\ProgramData\832057v2a307h93 => erfolgreich verschoben
C:\Users\Matthias\AppData\Roaming\Plowuward => erfolgreich verschoben
C:\Users\Matthias\AppData\Local\Qocertionrifotain => erfolgreich verschoben
C:\Users\Matthias\AppData\Local\Plefaspckoruge => erfolgreich verschoben
C:\Program Files (x86)\Ruferdombother_ => erfolgreich verschoben
C:\Program Files (x86)\Plermation System => erfolgreich verschoben
C:\Program Files (x86)\eRightSoft => erfolgreich verschoben
C:\Program Files (x86)\Ckiqsy => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F751F542-6797-4C27-B316-83AFD9F1099C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F751F542-6797-4C27-B316-83AFD9F1099C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\832057v2a307h93 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\832057v2a307h93" => Schlüssel erfolgreich entfernt
C:\ProgramData\TEMP => ":DED17083" ADS erfolgreich entfernt.
"HKU\S-1-5-21-1189516615-3406733157-290963412-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org" => Schlüssel erfolgreich entfernt
=========== EmptyTemp: ==========
BITS transfer queue => 39346 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20690873 B
Java, Flash, Steam htmlcache => 403548544 B
Windows/system/drivers => 17031057 B
Edge => 99629 B
Chrome => 0 B
Firefox => 383426251 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18680 B
NetworkService => 6536 B
Matthias => 5280944 B
DefaultAppPool => 0 B
RecycleBin => 8401164 B
EmptyTemp: => 799.7 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 10:52:27 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Matthias (Administrator) auf MATTHIAS-PC (28-12-2016 10:54:52)
Gestartet von C:\Users\Matthias\Desktop
Geladene Profile: Matthias (Verfügbare Profile: Matthias & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Skype Technologies) D:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-13] (Electronic Arts)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-11-29] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1bdf6fc-712e-4bc8-841b-739d33d9114b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-09-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: c0pc1p83.default
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default [2016-12-28]
FF Homepage: Mozilla\Firefox\Profiles\c0pc1p83.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\c0pc1p83.default -> ist aktiviert.
FF Extension: (MEGA) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\firefox@mega.co.nz.xpi [2016-12-27]
FF Extension: (uBlock Origin) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-24]
FF Extension: (DownThemAll!) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-10]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-26] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-26] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-11-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-11-29] (Disc Soft Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-13] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-16] (Microsoft Corporation)
R2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; D:\Programme (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 Duquycloos; C:\Program Files (x86)\Ruferdombother_\VrgCnt.dll [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [237912 2016-12-05] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-12-27] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [992600 2016-08-21] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2016-08-21] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [110424 2016-08-21] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-28] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-28] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-28] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-28] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nuviocir; C:\WINDOWS\system32\DRIVERS\nuviocir_x64.sys [40464 2015-10-26] (Nuvoton Technology Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-28 10:54 - 2016-12-28 10:55 - 00023234 _____ C:\Users\Matthias\Desktop\FRST.txt
2016-12-28 10:52 - 2016-12-28 10:52 - 00007680 _____ C:\Users\Matthias\Desktop\Fixlog.txt
2016-12-28 10:49 - 2016-12-27 23:23 - 02420736 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2016-12-27 23:32 - 2016-12-27 23:32 - 00000000 ____D C:\AdwCleaner
2016-12-27 23:24 - 2016-12-28 10:54 - 00000000 ____D C:\FRST
2016-12-27 23:08 - 2016-12-28 10:53 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-27 23:08 - 2016-12-28 10:53 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-12-27 23:08 - 2016-12-28 10:53 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-27 23:08 - 2016-12-28 10:53 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-27 23:08 - 2016-12-27 23:08 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2016-12-27 23:08 - 2016-12-27 23:08 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-27 23:08 - 2016-12-27 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-27 23:08 - 2016-12-27 23:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-27 23:08 - 2016-12-27 23:08 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-27 23:08 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2016-12-27 21:47 - 2016-12-28 10:53 - 00000008 __RSH C:\Users\Matthias\ntuser.pol
2016-12-27 21:40 - 2016-12-27 21:40 - 07316480 _____ C:\Users\Matthias\AppData\Roaming\agent.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 00018432 _____ C:\Users\Matthias\AppData\Roaming\Main.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 00003502 _____ C:\WINDOWS\System32\Tasks\SRT
2016-12-27 21:40 - 2016-12-27 21:40 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-12-27 21:40 - 2016-12-27 21:40 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-12-27 21:40 - 2016-12-27 21:39 - 00629760 _____ C:\Users\Matthias\AppData\Roaming\Daltfind.exe
2016-12-26 15:49 - 2016-12-27 03:21 - 00000000 ____D C:\Users\Matthias\Desktop\mysummercar
2016-12-26 15:03 - 2016-12-26 15:03 - 00001154 _____ C:\Users\Matthias\Desktop\Cheat Engine.lnk
2016-12-26 15:03 - 2016-12-26 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2016-12-26 15:03 - 2016-12-26 15:03 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2016-12-26 14:12 - 2016-12-09 10:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-12-26 14:12 - 2016-12-09 10:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-12-26 14:12 - 2016-12-09 10:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-12-26 14:12 - 2016-12-09 10:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-12-26 14:12 - 2016-12-09 10:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-12-26 14:12 - 2016-12-09 10:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-12-26 14:12 - 2016-10-15 04:47 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2016-12-26 14:12 - 2016-10-15 04:38 - 02781184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-12-26 14:12 - 2016-09-15 17:43 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2016-12-26 14:12 - 2016-09-15 17:24 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2016-12-26 13:57 - 2016-12-26 13:57 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-12-26 13:54 - 2016-12-26 13:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-12-26 13:54 - 2016-07-15 19:58 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll
2016-12-26 13:54 - 2016-07-15 19:28 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2016-12-26 13:54 - 2016-07-15 19:26 - 00376320 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2016-12-26 13:54 - 2016-07-15 19:25 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll
2016-12-26 13:54 - 2016-07-15 19:23 - 14388224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2016-12-26 13:54 - 2016-07-15 19:22 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2016-12-26 13:54 - 2016-07-15 19:22 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2016-12-26 13:54 - 2016-07-15 19:19 - 01323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll
2016-12-26 13:54 - 2016-07-15 19:16 - 04969472 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2016-12-26 13:54 - 2016-07-15 19:13 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2016-12-26 13:54 - 2016-07-15 19:13 - 01198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2016-12-26 13:54 - 2016-07-15 19:13 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2016-12-26 13:54 - 2016-07-15 19:12 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2016-12-26 13:54 - 2016-07-15 19:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2016-12-26 13:54 - 2016-07-15 19:11 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2016-12-26 13:54 - 2016-07-15 18:58 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll
2016-12-26 13:54 - 2016-07-15 18:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll
2016-12-26 13:54 - 2016-07-15 18:41 - 00355840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2016-12-26 13:54 - 2016-07-15 18:41 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll
2016-12-26 13:54 - 2016-07-15 18:39 - 11670528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2016-12-26 13:54 - 2016-07-15 18:38 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll
2016-12-26 13:54 - 2016-07-15 18:37 - 01074176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll
2016-12-26 13:54 - 2016-07-15 18:35 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2016-12-26 13:54 - 2016-07-15 18:32 - 03701248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2016-12-26 13:54 - 2016-07-15 18:29 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2016-12-26 13:54 - 2016-07-15 18:29 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2016-12-26 13:54 - 2016-07-15 18:29 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll
2016-12-26 13:51 - 2016-12-26 13:51 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003936 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003910 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003706 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft DNX
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\Program Files\Microsoft DNX
2016-12-26 13:51 - 2016-12-12 04:03 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-26 13:50 - 2016-12-12 04:03 - 00215608 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-12-26 13:50 - 2016-12-12 04:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-26 13:50 - 2016-12-11 19:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-12-26 13:49 - 2016-12-26 13:49 - 00000000 ____D C:\Program Files\IIS Express
2016-12-26 13:49 - 2016-12-26 13:49 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-12-26 13:49 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-26 13:49 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-26 13:48 - 2016-12-26 13:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2016-12-26 13:47 - 2016-12-26 13:47 - 00001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-12-26 13:47 - 2016-12-26 13:47 - 00000000 ____D C:\NVIDIA
2016-12-26 13:46 - 2016-12-26 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-12-26 13:45 - 2016-12-26 13:45 - 00000000 ____D C:\WINDOWS\symbols
2016-12-26 13:44 - 2016-12-26 13:44 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-12-26 13:44 - 2016-12-26 13:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2016-12-26 12:27 - 2016-12-26 12:27 - 00275856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-26 12:27 - 2016-12-26 12:27 - 00000000 ____D C:\WINDOWS\Panther
2016-12-25 19:39 - 2016-12-25 19:39 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-25 19:39 - 2016-12-25 19:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\HomeDev
2016-12-25 19:39 - 2016-12-25 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-25 19:38 - 2016-12-25 19:38 - 00002619 _____ C:\Users\Public\Desktop\PatchCleaner.lnk
2016-12-25 19:38 - 2016-12-25 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2016-12-25 19:38 - 2016-12-25 19:38 - 00000000 ____D C:\Program Files (x86)\HomeDev
2016-12-25 18:16 - 2016-12-26 12:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\JAM Software
2016-12-25 18:05 - 2016-12-25 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-25 17:19 - 2016-12-25 17:19 - 00000000 ____D C:\Users\Matthias\AppData\Local\hack_me
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-19 00:25 - 2016-12-19 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-19 00:24 - 2016-12-19 00:24 - 00000000 ____D C:\Program Files\iPod
2016-12-18 20:31 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-18 20:31 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-18 20:31 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-18 20:31 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-18 20:31 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-18 20:31 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-18 20:31 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-18 20:31 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-18 20:31 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-18 20:31 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-18 20:31 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-18 20:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-18 20:31 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-18 20:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-18 20:31 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-18 20:31 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-18 20:31 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-18 20:31 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-18 20:31 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-18 20:31 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-18 20:31 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-18 20:31 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-18 20:31 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-18 20:31 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-18 20:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-18 20:31 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-18 20:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-18 20:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-18 20:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-18 20:31 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-18 20:31 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-18 20:31 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-18 20:31 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-18 20:31 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-18 20:31 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-18 20:31 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-18 20:31 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-18 20:31 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-18 20:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-18 20:31 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-18 20:31 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-18 20:31 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-18 20:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-18 20:31 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-18 20:31 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-18 20:31 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-18 20:31 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-18 20:31 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-18 20:31 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-18 20:31 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-18 20:31 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-18 20:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-18 20:31 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-18 20:31 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-18 20:31 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-18 20:31 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-18 20:31 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-18 20:31 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-18 20:31 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-18 20:31 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-18 20:31 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-18 20:31 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-18 20:31 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-18 20:31 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-18 20:31 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-18 20:31 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-18 20:31 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-18 20:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-18 20:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-18 20:31 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-18 20:31 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-18 20:31 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-18 20:31 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-18 20:31 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-18 20:31 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-18 20:31 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-18 20:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-18 20:31 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-18 20:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-18 20:31 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-18 20:31 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-18 20:31 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-18 20:31 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-18 20:31 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-18 20:31 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-18 20:31 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-18 20:31 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-18 20:31 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-18 20:31 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-18 20:31 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-18 20:31 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-18 20:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-18 20:31 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-18 20:31 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-18 20:31 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-18 20:31 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-18 20:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-18 20:31 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-18 20:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-18 20:31 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-18 20:31 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-18 20:31 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-18 20:31 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-18 20:31 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-18 20:31 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-18 20:31 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-18 20:31 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-18 20:31 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-18 20:31 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-18 20:31 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-18 20:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-18 20:31 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-18 20:31 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-18 20:31 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-18 20:31 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-18 20:31 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-18 20:31 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-18 20:31 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-18 20:31 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-18 20:31 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-18 20:31 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-18 20:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-18 20:31 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-18 20:31 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-18 20:31 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-18 20:31 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-18 20:31 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-18 20:31 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-18 20:31 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-18 20:31 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-18 20:31 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-18 20:31 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-18 20:31 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-18 20:31 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-18 20:31 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-18 20:31 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-18 20:31 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-18 20:31 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-18 20:31 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-18 20:31 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-18 20:31 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-18 20:31 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-18 20:31 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-18 20:31 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-18 20:31 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-18 20:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-18 20:31 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-18 20:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-18 20:31 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-18 20:31 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-18 20:31 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-18 20:31 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-18 20:31 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-18 20:31 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-18 20:31 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-18 20:31 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-18 20:31 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-18 20:31 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-18 20:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-18 20:24 - 2016-12-18 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-12-18 20:23 - 2016-12-18 20:23 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\11bitstudios
2016-12-18 20:22 - 2016-12-18 20:22 - 00000759 _____ C:\Users\Public\Desktop\This War of Mine.lnk
2016-12-18 20:22 - 2016-12-18 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine
2016-12-18 20:21 - 2016-12-18 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-12-18 20:21 - 2016-12-18 20:21 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-12-10 01:17 - 2016-12-10 01:17 - 00000000 ____D C:\Users\Matthias\AppData\Local\Matt_and_the_bus_stop_girl
2016-12-10 00:58 - 2016-12-26 13:36 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-12-05 17:54 - 2016-12-05 17:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Eidos Montreal
2016-12-05 16:58 - 2016-12-09 17:48 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\WhatsApp
2016-12-05 16:58 - 2016-12-09 17:42 - 00002253 _____ C:\Users\Matthias\Desktop\WhatsApp.lnk
2016-12-05 16:58 - 2016-12-09 17:42 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-12-05 16:57 - 2016-12-09 17:42 - 00000000 ____D C:\Users\Matthias\AppData\Local\WhatsApp
2016-12-05 16:57 - 2016-12-09 17:41 - 00000000 ____D C:\Users\Matthias\AppData\Local\SquirrelTemp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-28 10:54 - 2016-11-21 13:08 - 00000000 ____D C:\Users\Matthias\AppData\LocalLow\Mozilla
2016-12-28 10:54 - 2016-10-16 17:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-28 10:53 - 2016-10-16 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-28 10:53 - 2016-10-16 17:34 - 00000000 ____D C:\Users\Matthias
2016-12-28 10:53 - 2015-10-26 20:27 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-28 10:53 - 2015-10-26 18:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-28 10:52 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-12-28 10:52 - 2016-02-18 15:11 - 00000000 ____D C:\Users\Matthias\AppData\LocalLow\Temp
2016-12-28 10:52 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-27 23:27 - 2016-10-16 17:33 - 02166154 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-27 23:27 - 2016-07-16 23:51 - 00823764 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-27 23:27 - 2016-07-16 23:51 - 00194748 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-27 22:14 - 2016-04-18 19:02 - 00000000 ____D C:\Users\Matthias\AppData\Local\CrashDumps
2016-12-27 21:56 - 2015-10-26 18:11 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-27 21:45 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-26 18:35 - 2015-10-26 18:23 - 00000000 ____D C:\Users\Matthias\AppData\Local\JDownloader v2.0
2016-12-26 14:13 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-26 14:06 - 2015-10-26 18:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-26 14:06 - 2015-10-26 18:10 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA Corporation
2016-12-26 14:02 - 2015-10-26 18:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-26 14:00 - 2015-10-26 18:10 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA
2016-12-26 13:58 - 2016-11-26 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-12-26 13:57 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-26 13:55 - 2016-10-16 17:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-26 13:55 - 2015-10-26 18:41 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-12-26 13:55 - 2015-10-26 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-26 13:54 - 2016-11-26 13:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-12-26 13:52 - 2016-11-26 13:21 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-12-26 13:51 - 2016-10-16 17:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-26 13:51 - 2016-10-16 17:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-26 13:50 - 2016-11-26 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-12-26 13:50 - 2016-03-12 00:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-26 13:48 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-12-26 13:48 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-12-26 13:46 - 2016-11-26 13:18 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2016-12-26 13:45 - 2016-11-26 13:18 - 00000000 ____D C:\WINDOWS\system32\1033
2016-12-26 13:45 - 2016-11-26 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-12-26 13:44 - 2016-11-26 13:17 - 00000000 ____D C:\WINDOWS\system32\1031
2016-12-26 13:43 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-12-26 13:43 - 2016-10-16 18:24 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-26 13:43 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-26 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-26 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-26 13:30 - 2015-10-26 18:28 - 00000000 ____D C:\Users\Matthias\AppData\Local\Adobe
2016-12-26 12:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-26 12:27 - 2016-11-18 02:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-26 12:27 - 2015-10-26 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-25 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-25 19:47 - 2016-09-20 17:00 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\TeamViewer
2016-12-25 19:47 - 2015-10-26 18:09 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\DAEMON Tools Lite
2016-12-25 18:58 - 2015-10-27 19:49 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\vlc
2016-12-25 18:05 - 2015-11-02 17:50 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-24 14:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-24 14:04 - 2015-10-26 18:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-19 23:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-19 23:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-19 16:13 - 2015-10-26 18:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-19 16:12 - 2015-07-10 12:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-12-19 16:10 - 2016-10-16 17:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-19 16:02 - 2015-10-27 19:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-19 16:00 - 2015-10-27 19:36 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-19 15:39 - 2016-04-27 15:25 - 00000000 ____D C:\Users\Matthias\AppData\Local\146F1B44-2D97-405C-A624-50FC159A5557.aplzod
2016-12-19 00:24 - 2015-10-26 19:24 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-18 20:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-18 20:12 - 2015-11-02 17:50 - 00001242 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-18 20:12 - 2015-11-02 17:50 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-12 04:03 - 2016-10-09 21:28 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-12 04:03 - 2016-10-09 21:28 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-12 04:03 - 2016-08-26 23:30 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-12-12 04:03 - 2016-08-26 23:30 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-12-12 04:03 - 2016-05-15 10:17 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 19:47 - 2016-10-16 17:33 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-09 15:28 - 2015-10-26 18:04 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages
2016-12-09 13:38 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-09 09:52 - 2016-10-16 17:33 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-05 17:09 - 2016-04-29 00:28 - 00237912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-12-05 17:05 - 2016-11-26 13:21 - 00000000 ____D C:\Program Files\SharePoint Client Components
2016-12-05 16:51 - 2016-10-16 17:39 - 00004302 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-12-05 16:51 - 2016-10-16 17:39 - 00004070 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-27 21:40 - 2016-12-27 21:40 - 7316480 _____ () C:\Users\Matthias\AppData\Roaming\agent.dat
2016-12-27 21:40 - 2016-12-27 21:39 - 0629760 _____ () C:\Users\Matthias\AppData\Roaming\Daltfind.exe
2016-12-27 21:40 - 2016-12-27 21:40 - 0018432 _____ () C:\Users\Matthias\AppData\Roaming\Main.dat
2016-01-25 15:44 - 2016-01-25 15:44 - 0000096 _____ () C:\Users\Matthias\AppData\Local\fusioncache.dat
2016-01-04 13:51 - 2016-01-04 13:51 - 0000600 _____ () C:\Users\Matthias\AppData\Local\PUTTY.RND
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-19 15:59
==================== Ende von FRST.txt ============================
|
|
28.12.2016, 11:00
| #5 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Und hier nun noch die Additions.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Matthias (28-12-2016 10:55:21)
Gestartet von C:\Users\Matthias\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-16 16:40:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1189516615-3406733157-290963412-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1189516615-3406733157-290963412-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-1189516615-3406733157-290963412-503 - Limited - Disabled)
Gast (S-1-5-21-1189516615-3406733157-290963412-501 - Limited - Disabled)
Matthias (S-1-5-21-1189516615-3406733157-290963412-1001 - Administrator - Enabled) => C:\Users\Matthias
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Airport Firefighters - The Simulation (HKLM-x32\...\Airport Firefighters - The Simulation_is1) (Version: - )
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blues and Bullets (HKLM-x32\...\Steam App 378660) (Version: - A Crowd of Monsters)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grow Home (HKLM-x32\...\Steam App 323320) (Version: - Reflections, a Ubisoft Studio)
HITMAN™ (HKLM\...\Steam App 236870) (Version: - Io-Interactive)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 3 (HKLM\...\Steam App 225540) (Version: - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
My Summer Car (HKLM\...\Steam App 516750) (Version: - Amistech Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {026A7D69-E429-4B4B-949C-99940E2347C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {0349E2A7-1353-4244-9A4B-92201DC2BA78} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {03A79BD9-F53D-45FE-8192-105A12A94F52} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {0535BB14-3A64-466E-9A01-6C5FDF0840D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {16160FA3-F8E9-438F-BBED-9D51CEF00DDC} - System32\Tasks\{7E7B725C-2E2A-458E-A3B8-8FE2D3F6C3BD} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.112/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {2E1181A0-315B-4BF9-B777-B6269DD27289} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-26] (Adobe Systems Incorporated)
Task: {46E50EDA-F1C7-4AC7-A62A-D8B61D2CD175} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
Task: {559A6523-816C-40CC-9F1B-42A6F2F100F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5A5A8148-DD0F-46F9-ABAE-4A8153B9FBFA} - System32\Tasks\MATLAB R2015b Startup Accelerator => D:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {68F03E89-746A-4BF4-8750-D8D75BC22182} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {7651BFBA-1EAD-4DD2-92F3-A87B689FA04D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {853B5616-E655-4ADD-AACD-4977D7FE5FEF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {91849900-C200-4718-8456-F7773D1E95AD} - System32\Tasks\SRT => C:\Program Files (x86)\GNR\src\Smart_Registry_Care.exe
Task: {96ABA1A8-99F5-488E-9C72-309EE482053A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {ACF9A8AE-38B6-40D6-BE75-A4C0668A30E9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {AD1B4AAF-0FF5-4151-B2D3-16B0C872162B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B1FE2CC3-8042-43B3-BB1E-E6C4EDF149F1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {B6D80566-DCD8-44C8-8049-4A4B82BBD273} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
Task: {EA10A334-9555-4C95-8399-B351C5103AA1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job => D:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-16 17:33 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-27 23:08 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-27 23:08 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-27 23:08 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-11-29 18:04 - 2005-04-22 05:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-16 17:59 - 2016-10-16 17:59 - 00959168 _____ () C:\Users\Matthias\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-10-16 18:29 - 2016-10-16 18:29 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 13:45 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 13:45 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 13:45 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 13:45 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 13:45 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 13:45 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-09 13:45 - 2016-11-02 11:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-11-09 13:45 - 2016-11-02 11:13 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-11-09 13:45 - 2016-11-02 11:13 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 12:43 - 2016-07-16 23:56 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-10-26 18:07 - 2015-10-26 18:07 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 22:13 - 2016-09-29 22:13 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 22:13 - 2016-09-29 22:13 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-22 01:47 - 2015-12-22 01:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2015-10-26 18:10 - 2016-12-12 04:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-26 13:51 - 2016-12-12 04:03 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-09 12:10 - 2016-12-08 16:13 - 00656160 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2016-12-25 16:03 - 2016-12-20 03:25 - 02322720 _____ () D:\Program Files (x86)\Steam\video.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-25 16:03 - 2016-12-20 03:25 - 00838944 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-10 17:32 - 2016-07-04 23:17 - 00266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-12-06 10:44 - 2016-12-05 17:21 - 67304736 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-10-10 17:32 - 2015-09-25 00:52 - 00119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 12:04 - 2016-12-27 21:40 - 00001188 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "FreePDF Assistant"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "Publisher"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{76819DE0-2495-4639-B2D1-1A17DD0CB8B2}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49D7E137-37EA-43A0-BAB1-232C13D58258}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{EA2B6607-6D22-43DB-922D-F2FB0B448E44}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{0D78C470-E482-4D7A-A865-87195D78DA7A}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2B483999-F1DB-451B-B536-F5EEC8E3DFB1}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{A88DA332-A6AC-433B-92A9-870D2ACCC893}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{03FD3A2F-49DC-4439-A1EE-88CFEF1A5AAA}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1947581C-FB8D-49D3-BB80-336C927345BF}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6289E9F6-16C1-4AD4-8CB3-AA93DF0D716A}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{53CF2268-646D-4F32-8BDA-89C586F6E855}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{090B420A-4FA2-4B49-8408-D9F61076B058}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F75E24C4-A300-423C-890B-1E10736A36C2}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1E2B3431-4E33-4E02-AE73-6BD937801EE6}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CBE73DF2-8F8F-43D0-9EEF-CDD596C464E8}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{68568424-8476-4641-B733-507C351759CD}] => D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{A1DC72B5-DCC7-46CF-AA06-9EC62151DDBE}] => D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{44BAA781-8BC5-45E4-8DA7-E44B42C0E6B7}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{90DE5418-3EB0-4FC6-A9D3-01FB2B4B24A6}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{E99D776F-E312-4BC3-AA6F-FA72DA18FA32}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{D223876B-B52E-4380-86F0-7245BCCBEE10}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{8988C41D-41E5-4E26-87FE-F48080F828DD}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FB13C02F-8A4B-4D24-8532-45DEFA478400}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{322C2604-2173-47BA-9141-2104C4387167}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AAE3D145-8F66-4338-9A9D-31B7C8A62BCF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ECAFC386-5FA1-46BC-88B2-012A6921230D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66F689F6-6CCF-4156-A8BC-81B87F261709}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{927397A1-D059-47E9-8776-10A67277720D}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{065CA1EB-17E7-4E07-B701-E190EDCFD349}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EDD50E7F-3436-48A8-AEC7-AB3B96040D03}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12040BE0-2691-4BD6-92C8-B1582158A257}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49485E05-00C0-4E4B-8F0D-DAAC8D6B2C9D}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9435F324-66A3-42DF-B6DA-280AAC1338EB}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{095A80FC-78E6-4F0B-8706-79AFABA0DBE4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7EAB5420-3BAC-475C-9608-8DCF9890CEE9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{645003DE-EE5B-40FA-867E-A2999372C45B}] => D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{872B1757-6651-46A9-BD6F-0ED70A71423B}] => D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5A54CD2B-869B-42EC-85D8-3A694C1A47E6}] => LPort=54925
FirewallRules: [{0F016C53-392A-430C-B4BA-2882CB8BC68A}] => D:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{6EC6F985-647B-49B1-9B2A-565AB6625BAC}] => D:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{F9F314AE-CFC9-4DA3-9081-D468C8563FAF}] => D:\Program Files (x86)\Steam\steamapps\common\Blues and Bullets\Blues and Bullets.exe
FirewallRules: [{580FF403-70B8-46DC-B6C4-D1F236531128}] => D:\Program Files (x86)\Steam\steamapps\common\Blues and Bullets\Blues and Bullets.exe
FirewallRules: [{FDB75D2E-3FF2-4F28-A1D3-F9D226773FD4}] => D:\Program Files (x86)\Steam\steamapps\common\GrowHome\GrowHome.exe
FirewallRules: [{9ADD6567-652D-4837-B107-3478F267E5FA}] => D:\Program Files (x86)\Steam\steamapps\common\GrowHome\GrowHome.exe
FirewallRules: [{31B7020F-DF29-4503-8EBD-5ED06E55F285}] => D:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C372E7D7-805B-4E70-AE32-C534F0765B1E}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2C37B3B3-5B5E-4EDA-9106-D324ABD306E5}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{465BDA88-AD37-44FE-95E1-B2EF99385F7A}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8642A92B-0E7F-4B70-9573-615DA1918E74}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{38F58117-2E84-47B7-B499-C6C1B5E9E8FC}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5ED70613-B4F2-4A42-8090-3921F951F888}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{95C04AED-078F-449A-BA68-0465978A3784}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CCD299E7-9A60-4F6B-B957-6D686FAD9385}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5B994923-CBBF-4086-9D38-6F70271B7ED5}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F63BF32D-9FF4-4E32-B459-5F77808685BF}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD76D992-CFCB-4283-8658-FB00005CDF88}] => D:\Programme (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{DDD498C1-707A-4AB1-A364-8FA7910B4670}] => LPort=12292
FirewallRules: [{F1F74CB2-B43F-474B-A0BE-EFD2EC403024}] => D:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ADCB4AD0-3CFD-4E01-8BEB-3175F71BDCE3}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{04EAD057-0607-44E1-B0DA-4EA9F2107DF8}] => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2AFBED0D-6B5F-471C-8D8D-AF5D7D6A2803}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0137A594-FF22-4F97-8237-37358EC36D56}] => D:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{E345F383-2729-4DBB-9530-661C93E287D5}] => D:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{5FCAFD87-781D-48A1-82EC-9E48570E8FFB}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{53550BC9-FB67-4357-9454-BFB27FFC291B}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{72061E83-262C-4626-8C67-EA99AAB3B3C8}] => C:\Windows\System32\rundll32.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/28/2016 10:53:13 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/28/2016 10:46:43 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 11:21:24 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 11:09:55 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 10:38:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: UDPEndRecv: WSARecvMsg control information error.
Error: (12/27/2016 10:27:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/27/2016 10:22:42 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/27/2016 10:18:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MATTHIAS-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{b78298f0-4ab9-46f9-b738-25b2c8ce8211}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (12/27/2016 10:18:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MATTHIAS-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{2d9afb7b-2bdd-4e5b-af87-0c41d7ff59d3}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (12/27/2016 10:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_6.041.exe, Version: 6.0.4.1, Zeitstempel: 0x5852333a
Name des fehlerhaften Moduls: adwcleaner_6.041.exe, Version: 6.0.4.1, Zeitstempel: 0x5852333a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00021536
ID des fehlerhaften Prozesses: 0x2374
Startzeit der fehlerhaften Anwendung: 0x01d26084c5c0666c
Pfad der fehlerhaften Anwendung: D:\Matthias\Downloads\adwcleaner_6.041.exe
Pfad des fehlerhaften Moduls: D:\Matthias\Downloads\adwcleaner_6.041.exe
Berichtskennung: e8c7f4aa-8390-4157-8e4d-9bfb87ebcdcb
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (12/28/2016 10:53:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/28/2016 10:53:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Duquycloos" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (12/28/2016 10:52:20 AM) (Source: DCOM) (EventID: 10000) (User: MATTHIAS-PC)
Description: Ein DCOM-Server konnte nicht gestartet werden: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Fehler:
"5"
Aufgetreten beim Start dieses Befehls:
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/28/2016 10:52:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-12-27 22:17:43.036
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-12-27 22:17:42.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8104.65 MB
Verfügbarer physikalischer RAM: 5341.85 MB
Summe virtueller Speicher: 9128.65 MB
Verfügbarer virtueller Speicher: 6290.6 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.75 GB) (Free:68.97 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1211.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: B2D754D6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C1C0AE3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
29.12.2016, 01:34
| #6 |
| /// Malwareteam | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Schritt 0 Wichtig: deaktiviere deinen Virenschutzprogramm vor dem folgenden Fix, da er sonst nicht erfolgreich durchlaufen wird! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
emptytemp:
hosts:
Task: {91849900-C200-4718-8456-F7773D1E95AD} - System32\Tasks\SRT => C:\Program Files (x86)\GNR\src\Smart_Registry_Care.exe
C:\Program Files (x86)\GNR
S2 Duquycloos; C:\Program Files (x86)\Ruferdombother_\VrgCnt.dll [X]
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 1 Lade dir folgendes Programm herunter und installiere es:  Malwarebytes Anti-Malware
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ --> Windows 10: Malware, Adware u.a. Netutils2016 eingefangen |
|
29.12.2016, 10:47
| #7 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Hallo Rafael, deiner Anleitung entsprechend die gewünschten Logs: AdwCleaner: Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 29/12/2016 um 10:40:15
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-26.3 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Matthias - MATTHIAS-PC
# Gestartet von : C:\Users\Matthias\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\b`nl{y
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\b`nl{y
[-] Schlüssel gelöscht: HKLM\SOFTWARE\b`nl{y
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\b`nl{y
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1308 Bytes] - [29/12/2016 10:40:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1587 Bytes] - [29/12/2016 10:39:48]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1454 Bytes] ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 29.12.16
Scan-Zeit: 10:27
Protokolldatei:
Administrator: Ja
-Softwaredaten-
Version: 3.0.5.1299
Komponentenversion: 1.0.43
Version des Aktualisierungspakets: 1.0.884
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: MATTHIAS-PC\Matthias
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 543233
Abgelaufene Zeit: 5 Min., 53 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Matthias (29-12-2016 10:22:53) Run:2
Gestartet von C:\Users\Matthias\Desktop
Geladene Profile: Matthias (Verfügbare Profile: Matthias & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
emptytemp:
hosts:
Task: {91849900-C200-4718-8456-F7773D1E95AD} - System32\Tasks\SRT => C:\Program Files (x86)\GNR\src\Smart_Registry_Care.exe
C:\Program Files (x86)\GNR
S2 Duquycloos; C:\Program Files (x86)\Ruferdombother_\VrgCnt.dll [X]
*****************
Prozess erfolgreich geschlossen.
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91849900-C200-4718-8456-F7773D1E95AD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91849900-C200-4718-8456-F7773D1E95AD}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\SRT => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SRT" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\GNR" => nicht gefunden.
Duquycloos => Dienst erfolgreich entfernt
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6498689 B
Java, Flash, Steam htmlcache => 22639625 B
Windows/system/drivers => 20480 B
Edge => 0 B
Chrome => 0 B
Firefox => 160857539 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8978 B
NetworkService => 0 B
Matthias => 21833226 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 202.1 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 10:22:56 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Matthias (Administrator) auf MATTHIAS-PC (29-12-2016 10:41:58)
Gestartet von C:\Users\Matthias\Desktop
Geladene Profile: Matthias (Verfügbare Profile: Matthias & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Skype Technologies) D:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Igor Pavlov) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-13] (Electronic Arts)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-11-29] (Disc Soft Ltd)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\MountPoints2: {d27250ef-c555-11e6-9bf5-002522ce1e89} - "J:\setup.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1bdf6fc-712e-4bc8-841b-739d33d9114b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-09-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-05] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: c0pc1p83.default
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default [2016-12-29]
FF Homepage: Mozilla\Firefox\Profiles\c0pc1p83.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\c0pc1p83.default -> ist aktiviert.
FF Extension: (MEGA) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\firefox@mega.co.nz.xpi [2016-12-27]
FF Extension: (uBlock Origin) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-24]
FF Extension: (DownThemAll!) - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\c0pc1p83.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-10]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-26] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-26] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-11-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-11-29] (Disc Soft Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-13] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-16] (Microsoft Corporation)
R2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; D:\Programme (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [237912 2016-12-05] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-12-28] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [992600 2016-08-21] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2016-08-21] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [110424 2016-08-21] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-29] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2016-12-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-29] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nuviocir; C:\WINDOWS\system32\DRIVERS\nuviocir_x64.sys [40464 2015-10-26] (Nuvoton Technology Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-29 10:41 - 2016-12-29 10:41 - 00001548 _____ C:\Users\Matthias\Desktop\AdwCleaner[C0].txt
2016-12-29 10:35 - 2016-12-29 10:35 - 00001155 _____ C:\Users\Matthias\Desktop\mbam.txt
2016-12-29 10:33 - 2016-12-29 10:33 - 00126219 _____ C:\Users\Matthias\Desktop\Dienstplan_JF_2017_Eltern.xlsx
2016-12-29 10:26 - 2016-12-29 10:41 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-29 10:26 - 2016-12-29 10:41 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-12-29 10:26 - 2016-12-29 10:41 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-29 10:26 - 2016-12-29 10:41 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-29 10:26 - 2016-12-29 10:26 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2016-12-29 10:26 - 2016-12-29 10:26 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-29 10:26 - 2016-12-29 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-29 10:26 - 2016-12-29 10:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-29 10:26 - 2016-12-29 10:26 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-29 10:26 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2016-12-29 10:25 - 2016-12-29 10:25 - 03977168 _____ C:\Users\Matthias\Desktop\AdwCleaner_6.041.exe
2016-12-28 22:59 - 2016-12-28 22:59 - 00000000 ____D C:\Users\Matthias\AppData\LocalLow\Red Dot Games
2016-12-28 22:58 - 2016-12-28 22:58 - 00001042 _____ C:\Users\Matthias\Desktop\Car Mechanic Simulator 2015 Gold Edition.lnk
2016-12-28 22:33 - 2016-12-28 22:33 - 00000715 _____ C:\Users\Public\Desktop\The Witcher 3 Wild Hunt.lnk
2016-12-28 22:33 - 2016-12-28 22:33 - 00000715 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt.lnk
2016-12-28 10:55 - 2016-12-28 10:56 - 00062711 _____ C:\Users\Matthias\Desktop\Addition.txt
2016-12-28 10:54 - 2016-12-29 10:42 - 00023278 _____ C:\Users\Matthias\Desktop\FRST.txt
2016-12-28 10:52 - 2016-12-29 10:22 - 00002083 _____ C:\Users\Matthias\Desktop\Fixlog.txt
2016-12-28 10:49 - 2016-12-27 23:23 - 02420736 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2016-12-27 23:32 - 2016-12-29 10:40 - 00000000 ____D C:\AdwCleaner
2016-12-27 23:24 - 2016-12-29 10:41 - 00000000 ____D C:\FRST
2016-12-27 21:47 - 2016-12-28 10:53 - 00000008 __RSH C:\Users\Matthias\ntuser.pol
2016-12-27 21:40 - 2016-12-27 21:40 - 07316480 _____ C:\Users\Matthias\AppData\Roaming\agent.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 00018432 _____ C:\Users\Matthias\AppData\Roaming\Main.dat
2016-12-27 21:40 - 2016-12-27 21:40 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-12-27 21:40 - 2016-12-27 21:40 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-12-27 21:40 - 2016-12-27 21:39 - 00629760 _____ C:\Users\Matthias\AppData\Roaming\Daltfind.exe
2016-12-26 15:03 - 2016-12-26 15:03 - 00001154 _____ C:\Users\Matthias\Desktop\Cheat Engine.lnk
2016-12-26 15:03 - 2016-12-26 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2016-12-26 15:03 - 2016-12-26 15:03 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2016-12-26 14:12 - 2016-12-09 10:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-12-26 14:12 - 2016-12-09 10:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-12-26 14:12 - 2016-12-09 10:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-12-26 14:12 - 2016-12-09 10:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-12-26 14:12 - 2016-12-09 10:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-12-26 14:12 - 2016-12-09 10:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-12-26 14:12 - 2016-10-15 04:47 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2016-12-26 14:12 - 2016-10-15 04:38 - 02781184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-12-26 14:12 - 2016-09-15 17:43 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2016-12-26 14:12 - 2016-09-15 17:24 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2016-12-26 13:57 - 2016-12-26 13:57 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-12-26 13:54 - 2016-12-26 13:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-12-26 13:54 - 2016-07-15 19:58 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll
2016-12-26 13:54 - 2016-07-15 19:28 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2016-12-26 13:54 - 2016-07-15 19:26 - 00376320 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2016-12-26 13:54 - 2016-07-15 19:25 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll
2016-12-26 13:54 - 2016-07-15 19:23 - 14388224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2016-12-26 13:54 - 2016-07-15 19:22 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2016-12-26 13:54 - 2016-07-15 19:22 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2016-12-26 13:54 - 2016-07-15 19:19 - 01323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll
2016-12-26 13:54 - 2016-07-15 19:16 - 04969472 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2016-12-26 13:54 - 2016-07-15 19:13 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2016-12-26 13:54 - 2016-07-15 19:13 - 01198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2016-12-26 13:54 - 2016-07-15 19:13 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2016-12-26 13:54 - 2016-07-15 19:12 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2016-12-26 13:54 - 2016-07-15 19:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2016-12-26 13:54 - 2016-07-15 19:11 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2016-12-26 13:54 - 2016-07-15 18:58 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll
2016-12-26 13:54 - 2016-07-15 18:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll
2016-12-26 13:54 - 2016-07-15 18:41 - 00355840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2016-12-26 13:54 - 2016-07-15 18:41 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll
2016-12-26 13:54 - 2016-07-15 18:39 - 11670528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2016-12-26 13:54 - 2016-07-15 18:38 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll
2016-12-26 13:54 - 2016-07-15 18:37 - 01074176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll
2016-12-26 13:54 - 2016-07-15 18:35 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2016-12-26 13:54 - 2016-07-15 18:32 - 03701248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2016-12-26 13:54 - 2016-07-15 18:29 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2016-12-26 13:54 - 2016-07-15 18:29 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2016-12-26 13:54 - 2016-07-15 18:29 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2016-12-26 13:54 - 2016-07-15 18:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll
2016-12-26 13:51 - 2016-12-26 13:51 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003936 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003910 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00003706 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\ProgramData\Microsoft DNX
2016-12-26 13:51 - 2016-12-26 13:51 - 00000000 ____D C:\Program Files\Microsoft DNX
2016-12-26 13:51 - 2016-12-12 04:03 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-26 13:50 - 2016-12-12 04:03 - 00215608 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-12-26 13:50 - 2016-12-12 04:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-26 13:50 - 2016-12-11 19:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-12-26 13:49 - 2016-12-26 13:49 - 00000000 ____D C:\Program Files\IIS Express
2016-12-26 13:49 - 2016-12-26 13:49 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-12-26 13:49 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-12-26 13:49 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-26 13:49 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-26 13:48 - 2016-12-26 13:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2016-12-26 13:47 - 2016-12-26 13:47 - 00001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-12-26 13:47 - 2016-12-26 13:47 - 00000000 ____D C:\NVIDIA
2016-12-26 13:46 - 2016-12-26 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-12-26 13:45 - 2016-12-26 13:45 - 00000000 ____D C:\WINDOWS\symbols
2016-12-26 13:44 - 2016-12-26 13:44 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-12-26 13:44 - 2016-12-26 13:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2016-12-26 12:27 - 2016-12-26 12:27 - 00275856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-26 12:27 - 2016-12-26 12:27 - 00000000 ____D C:\WINDOWS\Panther
2016-12-25 19:39 - 2016-12-25 19:39 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-25 19:39 - 2016-12-25 19:39 - 00000000 ____D C:\Users\Matthias\AppData\Local\HomeDev
2016-12-25 19:39 - 2016-12-25 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-25 19:38 - 2016-12-25 19:38 - 00002619 _____ C:\Users\Public\Desktop\PatchCleaner.lnk
2016-12-25 19:38 - 2016-12-25 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2016-12-25 19:38 - 2016-12-25 19:38 - 00000000 ____D C:\Program Files (x86)\HomeDev
2016-12-25 18:16 - 2016-12-26 12:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\JAM Software
2016-12-25 18:05 - 2016-12-25 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-25 17:19 - 2016-12-25 17:19 - 00000000 ____D C:\Users\Matthias\AppData\Local\hack_me
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-19 00:25 - 2016-12-19 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-19 00:24 - 2016-12-19 00:24 - 00000000 ____D C:\Program Files\iPod
2016-12-18 20:31 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-18 20:31 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-18 20:31 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-18 20:31 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-18 20:31 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-18 20:31 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-18 20:31 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-18 20:31 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-18 20:31 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-18 20:31 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-18 20:31 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-18 20:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-18 20:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-18 20:31 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-18 20:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-18 20:31 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-18 20:31 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-18 20:31 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-18 20:31 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-18 20:31 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-18 20:31 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-18 20:31 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-18 20:31 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-18 20:31 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-18 20:31 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-18 20:31 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-18 20:31 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-18 20:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-18 20:31 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-18 20:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-18 20:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-18 20:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-18 20:31 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-18 20:31 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-18 20:31 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-18 20:31 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-18 20:31 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-18 20:31 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-18 20:31 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-18 20:31 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-18 20:31 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-18 20:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-18 20:31 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-18 20:31 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-18 20:31 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-18 20:31 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-18 20:31 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-18 20:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-18 20:31 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-18 20:31 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-18 20:31 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-18 20:31 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-18 20:31 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-18 20:31 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-18 20:31 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-18 20:31 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-18 20:31 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-18 20:31 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-18 20:31 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-18 20:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-18 20:31 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-18 20:31 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-18 20:31 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-18 20:31 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-18 20:31 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-18 20:31 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-18 20:31 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-18 20:31 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-18 20:31 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-18 20:31 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-18 20:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-18 20:31 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-18 20:31 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-18 20:31 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-18 20:31 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-18 20:31 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-18 20:31 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-18 20:31 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-18 20:31 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-18 20:31 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-18 20:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-18 20:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-18 20:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-18 20:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-18 20:31 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-18 20:31 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-18 20:31 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-18 20:31 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-18 20:31 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-18 20:31 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-18 20:31 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-18 20:31 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-18 20:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-18 20:31 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-18 20:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-18 20:31 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-18 20:31 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-18 20:31 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-18 20:31 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-18 20:31 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-18 20:31 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-18 20:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-18 20:31 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-18 20:31 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-18 20:31 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-18 20:31 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-18 20:31 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-18 20:31 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-18 20:31 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-18 20:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-18 20:31 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-18 20:31 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-18 20:31 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-18 20:31 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-18 20:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-18 20:31 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-18 20:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-18 20:31 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-18 20:31 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-18 20:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-18 20:31 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-18 20:31 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-18 20:31 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-18 20:31 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-18 20:31 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-18 20:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-18 20:31 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-18 20:31 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-18 20:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-18 20:31 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-18 20:31 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-18 20:31 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-18 20:31 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-18 20:31 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-18 20:31 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-18 20:31 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-18 20:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-18 20:31 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-18 20:31 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-18 20:31 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-18 20:31 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-18 20:31 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-18 20:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-18 20:31 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-18 20:31 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-18 20:31 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-18 20:31 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-12-18 20:31 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-18 20:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-18 20:31 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-18 20:31 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-18 20:31 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-18 20:31 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-18 20:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-18 20:31 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-18 20:31 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-18 20:31 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-18 20:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-18 20:31 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-18 20:31 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-18 20:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-18 20:31 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-18 20:31 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-18 20:31 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-18 20:31 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-18 20:31 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-18 20:31 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-18 20:31 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-18 20:31 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-18 20:31 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-18 20:31 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-18 20:31 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-18 20:31 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-18 20:31 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-18 20:31 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-18 20:31 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-18 20:31 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-18 20:31 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-18 20:31 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-18 20:31 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-18 20:31 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-18 20:31 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-18 20:31 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-18 20:31 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-18 20:31 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-18 20:31 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-18 20:31 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-18 20:31 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-18 20:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-18 20:31 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-18 20:31 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-18 20:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-18 20:31 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-18 20:31 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-18 20:31 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-18 20:31 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-18 20:31 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-18 20:31 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-18 20:31 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-18 20:31 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-18 20:31 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-18 20:31 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-18 20:31 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-18 20:31 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-18 20:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-18 20:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-18 20:24 - 2016-12-18 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-12-18 20:23 - 2016-12-18 20:23 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\11bitstudios
2016-12-18 20:22 - 2016-12-18 20:22 - 00000759 _____ C:\Users\Public\Desktop\This War of Mine.lnk
2016-12-18 20:22 - 2016-12-18 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine
2016-12-18 20:21 - 2016-12-18 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-12-18 20:21 - 2016-12-18 20:21 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-12-10 01:17 - 2016-12-10 01:17 - 00000000 ____D C:\Users\Matthias\AppData\Local\Matt_and_the_bus_stop_girl
2016-12-10 00:58 - 2016-12-26 13:36 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-12-05 17:54 - 2016-12-05 17:54 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Eidos Montreal
2016-12-05 16:58 - 2016-12-09 17:48 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\WhatsApp
2016-12-05 16:58 - 2016-12-09 17:42 - 00002253 _____ C:\Users\Matthias\Desktop\WhatsApp.lnk
2016-12-05 16:58 - 2016-12-09 17:42 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-12-05 16:57 - 2016-12-09 17:42 - 00000000 ____D C:\Users\Matthias\AppData\Local\WhatsApp
2016-12-05 16:57 - 2016-12-09 17:41 - 00000000 ____D C:\Users\Matthias\AppData\Local\SquirrelTemp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-29 10:41 - 2016-11-21 13:08 - 00000000 ____D C:\Users\Matthias\AppData\LocalLow\Mozilla
2016-12-29 10:41 - 2016-10-16 17:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-29 10:41 - 2015-10-26 18:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-29 10:40 - 2016-10-16 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-29 10:40 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-12-29 10:32 - 2016-10-16 17:33 - 02253724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-29 10:32 - 2016-07-16 23:51 - 00870828 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-29 10:32 - 2016-07-16 23:51 - 00208302 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-29 10:19 - 2016-10-16 17:34 - 00000000 ____D C:\Users\Matthias
2016-12-28 22:59 - 2016-10-10 18:12 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\SmartSteamEmu
2016-12-28 22:51 - 2015-10-26 18:23 - 00000000 ____D C:\Users\Matthias\AppData\Local\JDownloader v2.0
2016-12-28 22:33 - 2015-10-26 18:09 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\DAEMON Tools Lite
2016-12-28 11:16 - 2016-10-16 17:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-28 10:53 - 2015-10-26 20:27 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-28 10:52 - 2016-02-18 15:11 - 00000000 ____D C:\Users\Matthias\AppData\LocalLow\Temp
2016-12-27 22:14 - 2016-04-18 19:02 - 00000000 ____D C:\Users\Matthias\AppData\Local\CrashDumps
2016-12-27 21:56 - 2015-10-26 18:11 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-27 21:45 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-26 14:13 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-26 14:06 - 2015-10-26 18:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-26 14:06 - 2015-10-26 18:10 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA Corporation
2016-12-26 14:02 - 2015-10-26 18:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-26 14:00 - 2015-10-26 18:10 - 00000000 ____D C:\Users\Matthias\AppData\Local\NVIDIA
2016-12-26 13:58 - 2016-11-26 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-12-26 13:57 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-26 13:55 - 2016-10-16 17:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-26 13:55 - 2015-10-26 18:41 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-12-26 13:55 - 2015-10-26 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-26 13:54 - 2016-11-26 13:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-12-26 13:52 - 2016-11-26 13:21 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-12-26 13:51 - 2016-10-16 17:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-26 13:51 - 2016-10-16 17:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-26 13:50 - 2016-11-26 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-12-26 13:50 - 2016-03-12 00:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-26 13:48 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-12-26 13:48 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-12-26 13:46 - 2016-11-26 13:18 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2016-12-26 13:45 - 2016-11-26 13:18 - 00000000 ____D C:\WINDOWS\system32\1033
2016-12-26 13:45 - 2016-11-26 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-12-26 13:44 - 2016-11-26 13:17 - 00000000 ____D C:\WINDOWS\system32\1031
2016-12-26 13:43 - 2016-11-26 13:19 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-12-26 13:43 - 2016-10-16 18:24 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-26 13:43 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-26 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-26 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-26 13:30 - 2015-10-26 18:28 - 00000000 ____D C:\Users\Matthias\AppData\Local\Adobe
2016-12-26 12:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-26 12:27 - 2016-11-18 02:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-26 12:27 - 2015-10-26 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-25 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-25 19:47 - 2016-09-20 17:00 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\TeamViewer
2016-12-25 18:58 - 2015-10-27 19:49 - 00000000 ____D C:\Users\Matthias\AppData\Roaming\vlc
2016-12-25 18:05 - 2015-11-02 17:50 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-24 14:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-24 14:04 - 2015-10-26 18:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-19 23:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-19 23:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-19 23:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-19 23:18 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-19 16:13 - 2015-10-26 18:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-19 16:12 - 2015-07-10 12:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-12-19 16:02 - 2015-10-27 19:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-19 16:00 - 2015-10-27 19:36 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-19 15:39 - 2016-04-27 15:25 - 00000000 ____D C:\Users\Matthias\AppData\Local\146F1B44-2D97-405C-A624-50FC159A5557.aplzod
2016-12-19 00:24 - 2015-10-26 19:24 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-18 20:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-18 20:12 - 2015-11-02 17:50 - 00001242 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-18 20:12 - 2015-11-02 17:50 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-12 04:03 - 2016-10-09 21:28 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-12 04:03 - 2016-10-09 21:28 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-12 04:03 - 2016-08-26 23:30 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-12-12 04:03 - 2016-08-26 23:30 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-12-12 04:03 - 2016-05-15 10:17 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 19:47 - 2016-10-16 17:33 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-11 19:47 - 2016-10-16 17:33 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-09 15:28 - 2015-10-26 18:04 - 00000000 ____D C:\Users\Matthias\AppData\Local\Packages
2016-12-09 13:38 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-09 09:52 - 2016-10-16 17:33 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-05 17:09 - 2016-04-29 00:28 - 00237912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-12-05 17:05 - 2016-11-26 13:21 - 00000000 ____D C:\Program Files\SharePoint Client Components
2016-12-05 16:51 - 2016-10-16 17:39 - 00004302 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-12-05 16:51 - 2016-10-16 17:39 - 00004070 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-27 21:40 - 2016-12-27 21:40 - 7316480 _____ () C:\Users\Matthias\AppData\Roaming\agent.dat
2016-12-27 21:40 - 2016-12-27 21:39 - 0629760 _____ () C:\Users\Matthias\AppData\Roaming\Daltfind.exe
2016-12-27 21:40 - 2016-12-27 21:40 - 0018432 _____ () C:\Users\Matthias\AppData\Roaming\Main.dat
2016-01-25 15:44 - 2016-01-25 15:44 - 0000096 _____ () C:\Users\Matthias\AppData\Local\fusioncache.dat
2016-01-04 13:51 - 2016-01-04 13:51 - 0000600 _____ () C:\Users\Matthias\AppData\Local\PUTTY.RND
Einige Dateien in TEMP:
====================
C:\Users\Matthias\AppData\Local\Temp\libeay32.dll
C:\Users\Matthias\AppData\Local\Temp\msvcr120.dll
C:\Users\Matthias\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-28 22:08
==================== Ende von FRST.txt ============================
|
|
29.12.2016, 10:48
| #8 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Matthias (29-12-2016 10:42:25)
Gestartet von C:\Users\Matthias\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-16 16:40:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1189516615-3406733157-290963412-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1189516615-3406733157-290963412-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-1189516615-3406733157-290963412-503 - Limited - Disabled)
Gast (S-1-5-21-1189516615-3406733157-290963412-501 - Limited - Disabled)
Matthias (S-1-5-21-1189516615-3406733157-290963412-1001 - Administrator - Enabled) => C:\Users\Matthias
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Airport Firefighters - The Simulation (HKLM-x32\...\Airport Firefighters - The Simulation_is1) (Version: - )
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blues and Bullets (HKLM-x32\...\Steam App 378660) (Version: - A Crowd of Monsters)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grow Home (HKLM-x32\...\Steam App 323320) (Version: - Reflections, a Ubisoft Studio)
HITMAN™ (HKLM\...\Steam App 236870) (Version: - Io-Interactive)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 3 (HKLM\...\Steam App 225540) (Version: - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
My Summer Car (HKLM\...\Steam App 516750) (Version: - Amistech Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {026A7D69-E429-4B4B-949C-99940E2347C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {0349E2A7-1353-4244-9A4B-92201DC2BA78} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {03A79BD9-F53D-45FE-8192-105A12A94F52} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {0535BB14-3A64-466E-9A01-6C5FDF0840D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {16160FA3-F8E9-438F-BBED-9D51CEF00DDC} - System32\Tasks\{7E7B725C-2E2A-458E-A3B8-8FE2D3F6C3BD} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.112/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {2E1181A0-315B-4BF9-B777-B6269DD27289} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-26] (Adobe Systems Incorporated)
Task: {46E50EDA-F1C7-4AC7-A62A-D8B61D2CD175} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
Task: {559A6523-816C-40CC-9F1B-42A6F2F100F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5A5A8148-DD0F-46F9-ABAE-4A8153B9FBFA} - System32\Tasks\MATLAB R2015b Startup Accelerator => D:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {68F03E89-746A-4BF4-8750-D8D75BC22182} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {7651BFBA-1EAD-4DD2-92F3-A87B689FA04D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {853B5616-E655-4ADD-AACD-4977D7FE5FEF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {96ABA1A8-99F5-488E-9C72-309EE482053A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {ACF9A8AE-38B6-40D6-BE75-A4C0668A30E9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {AD1B4AAF-0FF5-4151-B2D3-16B0C872162B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B1FE2CC3-8042-43B3-BB1E-E6C4EDF149F1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {B6D80566-DCD8-44C8-8049-4A4B82BBD273} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
Task: {EA10A334-9555-4C95-8399-B351C5103AA1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job => D:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-16 17:33 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-29 10:26 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-29 10:26 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-29 10:26 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-11-29 18:04 - 2005-04-22 05:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2016-12-18 20:31 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-16 18:29 - 2016-10-16 18:29 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-18 20:31 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 13:45 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 13:45 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 13:45 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 13:45 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 13:45 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 13:45 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-09 13:45 - 2016-11-02 11:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2015-10-26 18:07 - 2015-10-26 18:07 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 22:13 - 2016-09-29 22:13 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 22:13 - 2016-09-29 22:13 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-22 01:47 - 2015-12-22 01:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2015-10-26 18:10 - 2016-12-12 04:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-26 13:51 - 2016-12-12 04:03 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-26 13:51 - 2016-12-12 04:03 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-09 12:10 - 2016-12-08 16:13 - 00656160 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2016-12-25 16:03 - 2016-12-20 03:25 - 02322720 _____ () D:\Program Files (x86)\Steam\video.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-10-10 17:32 - 2016-09-01 02:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-10 17:32 - 2016-01-27 08:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-25 16:03 - 2016-12-20 03:25 - 00838944 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-10 17:32 - 2016-07-04 23:17 - 00266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-12-26 13:51 - 2016-12-12 04:03 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-06 10:44 - 2016-12-05 17:21 - 67304736 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-10-10 17:32 - 2015-09-25 00:52 - 00119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 12:04 - 2016-12-29 10:22 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "FreePDF Assistant"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1189516615-3406733157-290963412-1001\...\StartupApproved\Run: => "Publisher"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{76819DE0-2495-4639-B2D1-1A17DD0CB8B2}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49D7E137-37EA-43A0-BAB1-232C13D58258}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{EA2B6607-6D22-43DB-922D-F2FB0B448E44}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{0D78C470-E482-4D7A-A865-87195D78DA7A}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{2B483999-F1DB-451B-B536-F5EEC8E3DFB1}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{A88DA332-A6AC-433B-92A9-870D2ACCC893}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{03FD3A2F-49DC-4439-A1EE-88CFEF1A5AAA}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1947581C-FB8D-49D3-BB80-336C927345BF}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6289E9F6-16C1-4AD4-8CB3-AA93DF0D716A}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{53CF2268-646D-4F32-8BDA-89C586F6E855}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{090B420A-4FA2-4B49-8408-D9F61076B058}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F75E24C4-A300-423C-890B-1E10736A36C2}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1E2B3431-4E33-4E02-AE73-6BD937801EE6}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CBE73DF2-8F8F-43D0-9EEF-CDD596C464E8}] => D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{68568424-8476-4641-B733-507C351759CD}] => D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{A1DC72B5-DCC7-46CF-AA06-9EC62151DDBE}] => D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{44BAA781-8BC5-45E4-8DA7-E44B42C0E6B7}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{90DE5418-3EB0-4FC6-A9D3-01FB2B4B24A6}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{E99D776F-E312-4BC3-AA6F-FA72DA18FA32}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{D223876B-B52E-4380-86F0-7245BCCBEE10}] => D:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{8988C41D-41E5-4E26-87FE-F48080F828DD}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FB13C02F-8A4B-4D24-8532-45DEFA478400}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{322C2604-2173-47BA-9141-2104C4387167}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AAE3D145-8F66-4338-9A9D-31B7C8A62BCF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ECAFC386-5FA1-46BC-88B2-012A6921230D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66F689F6-6CCF-4156-A8BC-81B87F261709}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{927397A1-D059-47E9-8776-10A67277720D}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{065CA1EB-17E7-4E07-B701-E190EDCFD349}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EDD50E7F-3436-48A8-AEC7-AB3B96040D03}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12040BE0-2691-4BD6-92C8-B1582158A257}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49485E05-00C0-4E4B-8F0D-DAAC8D6B2C9D}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9435F324-66A3-42DF-B6DA-280AAC1338EB}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{095A80FC-78E6-4F0B-8706-79AFABA0DBE4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7EAB5420-3BAC-475C-9608-8DCF9890CEE9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{645003DE-EE5B-40FA-867E-A2999372C45B}] => D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{872B1757-6651-46A9-BD6F-0ED70A71423B}] => D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5A54CD2B-869B-42EC-85D8-3A694C1A47E6}] => LPort=54925
FirewallRules: [{0F016C53-392A-430C-B4BA-2882CB8BC68A}] => D:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{6EC6F985-647B-49B1-9B2A-565AB6625BAC}] => D:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{F9F314AE-CFC9-4DA3-9081-D468C8563FAF}] => D:\Program Files (x86)\Steam\steamapps\common\Blues and Bullets\Blues and Bullets.exe
FirewallRules: [{580FF403-70B8-46DC-B6C4-D1F236531128}] => D:\Program Files (x86)\Steam\steamapps\common\Blues and Bullets\Blues and Bullets.exe
FirewallRules: [{FDB75D2E-3FF2-4F28-A1D3-F9D226773FD4}] => D:\Program Files (x86)\Steam\steamapps\common\GrowHome\GrowHome.exe
FirewallRules: [{9ADD6567-652D-4837-B107-3478F267E5FA}] => D:\Program Files (x86)\Steam\steamapps\common\GrowHome\GrowHome.exe
FirewallRules: [{31B7020F-DF29-4503-8EBD-5ED06E55F285}] => D:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C372E7D7-805B-4E70-AE32-C534F0765B1E}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2C37B3B3-5B5E-4EDA-9106-D324ABD306E5}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{465BDA88-AD37-44FE-95E1-B2EF99385F7A}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8642A92B-0E7F-4B70-9573-615DA1918E74}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{38F58117-2E84-47B7-B499-C6C1B5E9E8FC}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5ED70613-B4F2-4A42-8090-3921F951F888}] => D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{95C04AED-078F-449A-BA68-0465978A3784}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CCD299E7-9A60-4F6B-B957-6D686FAD9385}] => D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5B994923-CBBF-4086-9D38-6F70271B7ED5}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F63BF32D-9FF4-4E32-B459-5F77808685BF}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FD76D992-CFCB-4283-8658-FB00005CDF88}] => D:\Programme (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{DDD498C1-707A-4AB1-A364-8FA7910B4670}] => LPort=12292
FirewallRules: [{F1F74CB2-B43F-474B-A0BE-EFD2EC403024}] => D:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ADCB4AD0-3CFD-4E01-8BEB-3175F71BDCE3}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{04EAD057-0607-44E1-B0DA-4EA9F2107DF8}] => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2AFBED0D-6B5F-471C-8D8D-AF5D7D6A2803}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0137A594-FF22-4F97-8237-37358EC36D56}] => D:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{E345F383-2729-4DBB-9530-661C93E287D5}] => D:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{5FCAFD87-781D-48A1-82EC-9E48570E8FFB}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{53550BC9-FB67-4357-9454-BFB27FFC291B}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{72061E83-262C-4626-8C67-EA99AAB3B3C8}] => C:\Windows\System32\rundll32.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/29/2016 10:40:56 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/29/2016 10:37:04 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/29/2016 10:34:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/29/2016 10:23:40 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/29/2016 10:19:34 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/28/2016 11:00:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/28/2016 10:53:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/28/2016 05:27:45 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/28/2016 10:53:13 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (12/28/2016 10:46:43 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Systemfehler:
=============
Error: (12/29/2016 10:41:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/29/2016 10:40:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/29/2016 10:40:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/29/2016 10:40:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/29/2016 10:39:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/29/2016 10:39:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Logitech Gaming Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/29/2016 10:39:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/29/2016 10:39:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/29/2016 10:39:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/29/2016 10:39:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DbxSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-12-27 22:17:43.036
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-12-27 22:17:42.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8104.65 MB
Verfügbarer physikalischer RAM: 5575.81 MB
Summe virtueller Speicher: 9128.65 MB
Verfügbarer virtueller Speicher: 6486.48 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.75 GB) (Free:68.68 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1115.6 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: B2D754D6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C1C0AE3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
29.12.2016, 15:46
| #9 |
| /// Malwareteam | Windows 10: Malware, Adware u.a. Netutils2016 eingefangenESET Online Scanner
Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...  Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
30.12.2016, 01:27
| #10 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Hallo Rafael, hier findest du das Log vom ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dfa07a97d94bf64287d8f12039d5d2fa
# end=init
# utc_time=2016-12-29 08:25:32
# local_time=2016-12-29 09:25:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31896
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dfa07a97d94bf64287d8f12039d5d2fa
# end=updated
# utc_time=2016-12-29 08:27:21
# local_time=2016-12-29 09:27:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=dfa07a97d94bf64287d8f12039d5d2fa
# engine=31896
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-29 10:10:46
# local_time=2016-12-29 11:10:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1309 16777213 100 100 6408 47271698 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 181334 14380062 0 0
# scanned=817250
# found=8
# cleaned=0
# scan_time=6204
sh=588761BB9EF6B37E3618C449AF7FD0B6A661EBE8 ft=1 fh=8e4c9e3ce30ed1e4 vn="Variante von Win32/Adware.ELEX.BZ.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ckiqsy\Aruwering.dll"
sh=12E2C9719AE473761DE0DE4B6081CE59474B3C22 ft=1 fh=5ec2818a28f24065 vn="Variante von Win64/Adware.ELEX.L.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ckiqsy\Reejtyqalack.dll"
sh=173E930A06F7F91FDB433D3B34A59F3277C9E799 ft=1 fh=2c0a9a07212a783f vn="Variante von Win32/Adware.ELEX.CP.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ckiqsy\VrgCnt.dll"
sh=588761BB9EF6B37E3618C449AF7FD0B6A661EBE8 ft=1 fh=8e4c9e3ce30ed1e4 vn="Variante von Win32/Adware.ELEX.BZ.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ruferdombother_\Aruwering.dll"
sh=12E2C9719AE473761DE0DE4B6081CE59474B3C22 ft=1 fh=5ec2818a28f24065 vn="Variante von Win64/Adware.ELEX.L.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ruferdombother_\Reejtyqalack.dll"
sh=173E930A06F7F91FDB433D3B34A59F3277C9E799 ft=1 fh=2c0a9a07212a783f vn="Variante von Win32/Adware.ELEX.CP.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ruferdombother_\VrgCnt.dll"
sh=66524F558B3DE85474C731DC0E57E0DDA19A8524 ft=1 fh=65f1579b34161b94 vn="Win32/Injector.DJFJ Trojaner" ac=I fn="C:\Users\Matthias\AppData\Roaming\Daltfind.exe"
sh=A1F402C6997374855EEBD2175D6DDB2C07729E6D ft=1 fh=c1a711a5d1efb6ee vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-1189516615-3406733157-290963412-1001\$RYHSJKL.exe"
Ich würde mich freuen, wenn wir da noch weiter schauen könnten. Ich danke dir aber auf jeden Fall an dieser Stelle schon einmal von ganzem Herzen für deine bisherigen Anstrengungen  Lg |
|
30.12.2016, 19:27
| #11 |
| /// Malwareteam | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Das meiste sind Dateien, die wir vorhin schon manuell entfernt haben Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Matthias\AppData\Roaming\Daltfind.exe
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean  Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg: Wichtig: Entfernen der verwendeten Tools Die Reihenfolge ist hier entscheidend.
Malwarebytes Anti-Malware (gratis Version) und  ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen. Persönliche Empfehlungen Das wichtigste zu erst:
Schutz vor unerwünschter Software Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen? Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de. Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken. Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil! Tipps, um dein System sicherer zu machen Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell. Passwörter Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen. Ganz wichtig: benutze pro Account ein anderes Passwort! Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau Unterstütze uns und empfiehl uns weiter Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür  Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen Besuche und like unsere Facebook-Seite!  Danke für deine Mitarbeit und alles Gute! Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
30.12.2016, 22:26
| #12 |
| | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen Hallo Rafael, hier die das Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Matthias (30-12-2016 22:23:26) Run:3
Gestartet von C:\Users\Matthias\Desktop
Geladene Profile: Matthias (Verfügbare Profile: Matthias & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Matthias\AppData\Roaming\Daltfind.exe
emptytemp:
*****************
"C:\Users\Matthias\AppData\Roaming\Daltfind.exe" => nicht gefunden.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10826851 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 22226 B
Edge => 0 B
Chrome => 0 B
Firefox => 30792359 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14690 B
NetworkService => 0 B
Matthias => 63032801 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 99.9 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 22:23:27 ====
|
|
30.12.2016, 23:35
| #13 |
| /// Malwareteam | Windows 10: Malware, Adware u.a. Netutils2016 eingefangen perfekt Wünsche dir auch einen schönen virenfreien Rutsch!
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Windows 10: Malware, Adware u.a. Netutils2016 eingefangen |
| administrator, adware, bonjour, defender, desktop, dll, explorer, firefox, flash player, geforce, homepage, kaspersky, launch, malware, mozilla, netutils2016, node.js, nvidia, programme, prozesse, realtek, rundll, scan, security, server, software, super, temp, ublock, ublock origin, windows, windowsapps |
Defender zu benutzen. Solltest du noch Windows 7 verwenden, verwende als kostenlose Lösung die 
Microsoft Security Essentials. 
Linear-Darstellung
