| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internet öffnet ständig neue FensterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.03.2017, 21:14
| #1 |
 |  Internet öffnet ständig neue Fenster Hallo liebe Trojanerhelfer, ich habe das Problem, dass sich, wenn ich im Internet surfe, ständig neue Fenster in eigenen Tabs öffnen. Die Themen dieser Fenster sind völlig verschieden (Werbung, Windows Repair, Gewinne und vieles mehr). Ich habe schon lange gebraucht bis hier her zu kommen und den Beitrag zu schreiben, da sich immer nur andere Fenster öffnen. Was kann ich tun? Wo versteckt sich der Virus? Mit freundlichen Grüßen Reen96 |
|
03.03.2017, 21:42
| #2 |
| /// TB-Ausbilder   | Internet öffnet ständig neue Fenster Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
03.03.2017, 22:16
| #3 |
| | Internet öffnet ständig neue Fenster Vielen Dank!
__________________Hier TDSS-Killer: Code:
ATTFilter 22:00:13.0481 0x29d8 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
22:00:13.0481 0x29d8 UEFI system
22:00:16.0997 0x29d8 ============================================================
22:00:16.0997 0x29d8 Current date / time: 2017/03/03 22:00:16.0997
22:00:16.0997 0x29d8 SystemInfo:
22:00:16.0997 0x29d8
22:00:16.0997 0x29d8 OS Version: 10.0.14393 ServicePack: 0.0
22:00:16.0997 0x29d8 Product type: Workstation
22:00:16.0997 0x29d8 ComputerName: DESKTOP-A10S929
22:00:16.0997 0x29d8 UserName: Baby
22:00:16.0997 0x29d8 Windows directory: C:\WINDOWS
22:00:16.0997 0x29d8 System windows directory: C:\WINDOWS
22:00:16.0997 0x29d8 Running under WOW64
22:00:16.0997 0x29d8 Processor architecture: Intel x64
22:00:16.0997 0x29d8 Number of processors: 4
22:00:16.0997 0x29d8 Page size: 0x1000
22:00:16.0997 0x29d8 Boot type: Normal boot
22:00:16.0997 0x29d8 CodeIntegrityOptions = 0x00000001
22:00:16.0997 0x29d8 ============================================================
22:00:17.0309 0x29d8 KLMD registered as C:\WINDOWS\system32\drivers\56145642.sys
22:00:17.0309 0x29d8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
22:00:18.0137 0x29d8 System UUID: {DC30BCFC-A93E-F47D-9442-E72F04A99A9B}
22:00:20.0997 0x29d8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:00:21.0012 0x29d8 ============================================================
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0:
22:00:21.0012 0x29d8 GPT partitions:
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9E1C85E6-2EDD-4BFC-902D-3BCCA502EDBA}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6E7470DD-3887-4817-A1E3-E530E565EA89}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C00315AD-91CA-4933-8C82-EB6D9D2B0C5A}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x3543C800
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {14D36E42-9256-4AF9-908B-AEDD97483DD9}, Name: Basic data partition, StartLBA 0x354C7000, BlocksNum 0x3200000
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C6018A70-B47F-488E-AA70-EF06BB5A7D63}, Name: Basic data partition, StartLBA 0x386C7000, BlocksNum 0x1F4000
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {98E3C13B-FA5E-4ECD-BA7F-2FEC526715E2}, Name: Basic data partition, StartLBA 0x388BB000, BlocksNum 0x18D7000
22:00:21.0012 0x29d8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {6954EAEC-6A48-4090-84B2-43FD22522BAC}, Name: Basic data partition, StartLBA 0x3A192000, BlocksNum 0x1F4000
22:00:21.0012 0x29d8 MBR partitions:
22:00:21.0012 0x29d8 ============================================================
22:00:21.0012 0x29d8 C: <-> \Device\Harddisk0\DR0\Partition3
22:00:21.0028 0x29d8 D: <-> \Device\Harddisk0\DR0\Partition4
22:00:21.0028 0x29d8 ============================================================
22:00:21.0028 0x29d8 Initialize success
22:00:21.0028 0x29d8 ============================================================
22:00:22.0794 0x1884 ============================================================
22:00:22.0794 0x1884 Scan started
22:00:22.0794 0x1884 Mode: Manual;
22:00:22.0794 0x1884 ============================================================
22:00:22.0794 0x1884 KSN ping started
22:00:22.0997 0x1884 KSN ping finished: true
22:00:24.0544 0x1884 ================ Scan system memory ========================
22:00:24.0544 0x1884 System memory - ok
22:00:24.0544 0x1884 ================ Scan services =============================
22:00:24.0731 0x1884 1394ohci - ok
22:00:24.0747 0x1884 3ware - ok
22:00:24.0778 0x1884 ACPI - ok
22:00:24.0794 0x1884 AcpiDev - ok
22:00:24.0825 0x1884 acpiex - ok
22:00:24.0841 0x1884 acpipagr - ok
22:00:24.0872 0x1884 AcpiPmi - ok
22:00:24.0888 0x1884 acpitime - ok
22:00:24.0919 0x1884 [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
22:00:24.0919 0x1884 ACPIVPC - ok
22:00:24.0981 0x1884 ADP80XX - ok
22:00:25.0013 0x1884 AFD - ok
22:00:25.0059 0x1884 ahcache - ok
22:00:25.0075 0x1884 AJRouter - ok
22:00:25.0106 0x1884 ALG - ok
22:00:25.0138 0x1884 AmdK8 - ok
22:00:25.0153 0x1884 AmdPPM - ok
22:00:25.0185 0x1884 amdsata - ok
22:00:25.0216 0x1884 amdsbs - ok
22:00:25.0231 0x1884 amdxata - ok
22:00:25.0247 0x1884 AppID - ok
22:00:25.0278 0x1884 AppIDSvc - ok
22:00:25.0294 0x1884 Appinfo - ok
22:00:25.0325 0x1884 applockerfltr - ok
22:00:25.0356 0x1884 AppReadiness - ok
22:00:25.0388 0x1884 AppXSvc - ok
22:00:25.0419 0x1884 arcsas - ok
22:00:25.0434 0x1884 AsyncMac - ok
22:00:25.0466 0x1884 atapi - ok
22:00:25.0497 0x1884 AudioEndpointBuilder - ok
22:00:25.0513 0x1884 Audiosrv - ok
22:00:25.0575 0x1884 [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
22:00:25.0591 0x1884 AVP17.0.0 - ok
22:00:25.0622 0x1884 AxInstSV - ok
22:00:25.0638 0x1884 b06bdrv - ok
22:00:25.0669 0x1884 BasicDisplay - ok
22:00:25.0684 0x1884 BasicRender - ok
22:00:25.0731 0x1884 bcmfn - ok
22:00:25.0763 0x1884 bcmfn2 - ok
22:00:25.0778 0x1884 BDESVC - ok
22:00:25.0809 0x1884 Beep - ok
22:00:25.0825 0x1884 BFE - ok
22:00:25.0856 0x1884 BITS - ok
22:00:25.0888 0x1884 bowser - ok
22:00:25.0919 0x1884 BrokerInfrastructure - ok
22:00:25.0950 0x1884 Browser - ok
22:00:25.0966 0x1884 BthAvrcpTg - ok
22:00:25.0997 0x1884 BthEnum - ok
22:00:26.0013 0x1884 BthHFEnum - ok
22:00:26.0044 0x1884 bthhfhid - ok
22:00:26.0059 0x1884 BthHFSrv - ok
22:00:26.0091 0x1884 BthLEEnum - ok
22:00:26.0122 0x1884 BTHMODEM - ok
22:00:26.0138 0x1884 BthPan - ok
22:00:26.0169 0x1884 BTHPORT - ok
22:00:26.0184 0x1884 bthserv - ok
22:00:26.0216 0x1884 BTHUSB - ok
22:00:26.0247 0x1884 buttonconverter - ok
22:00:26.0263 0x1884 CapImg - ok
22:00:26.0356 0x1884 [ C267A09490883B77E7678DCF38E3B723, 8FD7858B5BA84CF3640E250DE2448E383E6233BE6F3E92FDB702DB82111A9AF0 ] CCSDK C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
22:00:26.0434 0x1884 CCSDK - ok
22:00:26.0450 0x1884 cdfs - ok
22:00:26.0481 0x1884 CDPSvc - ok
22:00:26.0497 0x1884 CDPUserSvc - ok
22:00:26.0559 0x1884 cdrom - ok
22:00:26.0575 0x1884 CertPropSvc - ok
22:00:26.0622 0x1884 [ 3CA560EE2846FCC7A212ECC0A30AA24B, AF23987DA4F9EC2BC524C787F30BE49C34A3F9716E32046F510766E1F3A08A9A ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
22:00:26.0622 0x1884 cfwids - ok
22:00:26.0653 0x1884 cht4iscsi - ok
22:00:26.0684 0x1884 cht4vbd - ok
22:00:26.0700 0x1884 circlass - ok
22:00:26.0731 0x1884 CLFS - ok
22:00:27.0122 0x1884 [ CB6AC02C92BBA30187EA4591D771660E, B3BB15DC814F131672D864CAAD1537933EE83C9029DF143E5E105077EA4D7F30 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
22:00:27.0466 0x1884 ClickToRunSvc - ok
22:00:27.0513 0x1884 ClipSVC - ok
22:00:27.0544 0x1884 clreg - ok
22:00:27.0622 0x1884 CmBatt - ok
22:00:27.0669 0x1884 [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys
22:00:27.0700 0x1884 cm_km - ok
22:00:27.0731 0x1884 CNG - ok
22:00:27.0747 0x1884 cnghwassist - ok
22:00:27.0856 0x1884 CompositeBus - ok
22:00:27.0888 0x1884 COMSysApp - ok
22:00:27.0919 0x1884 condrv - ok
22:00:27.0950 0x1884 CoreMessagingRegistrar - ok
22:00:28.0060 0x1884 [ AA4C3229C6C1765D996F43F43FE4FBED, E0D341E63DB6F3E7F8BFB09D3D643009F345380BF94736576595A6DDD37A5E03 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
22:00:28.0106 0x1884 cphs - ok
22:00:28.0138 0x1884 CryptSvc - ok
22:00:28.0169 0x1884 dam - ok
22:00:28.0216 0x1884 DcomLaunch - ok
22:00:28.0247 0x1884 DcpSvc - ok
22:00:28.0294 0x1884 defragsvc - ok
22:00:28.0310 0x1884 DeviceAssociationService - ok
22:00:28.0341 0x1884 DeviceInstall - ok
22:00:28.0372 0x1884 DevQueryBroker - ok
22:00:28.0403 0x1884 Dfsc - ok
22:00:28.0435 0x1884 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:00:28.0466 0x1884 dg_ssudbus - ok
22:00:28.0481 0x1884 Dhcp - ok
22:00:28.0513 0x1884 diagnosticshub.standardcollector.service - ok
22:00:28.0528 0x1884 DiagTrack - ok
22:00:28.0560 0x1884 disk - ok
22:00:28.0591 0x1884 DmEnrollmentSvc - ok
22:00:28.0606 0x1884 dmvsc - ok
22:00:28.0638 0x1884 dmwappushservice - ok
22:00:28.0669 0x1884 Dnscache - ok
22:00:28.0700 0x1884 dot3svc - ok
22:00:28.0731 0x1884 DPS - ok
22:00:28.0763 0x1884 drmkaud - ok
22:00:28.0778 0x1884 DsmSvc - ok
22:00:28.0810 0x1884 DsSvc - ok
22:00:28.0841 0x1884 DXGKrnl - ok
22:00:28.0872 0x1884 EapHost - ok
22:00:28.0903 0x1884 ebdrv - ok
22:00:28.0935 0x1884 EFS - ok
22:00:28.0950 0x1884 EhStorClass - ok
22:00:28.0981 0x1884 EhStorTcgDrv - ok
22:00:29.0185 0x1884 [ 9DF468D8CCE3B3BD200CFB31E9EA17BB, D2700E2ACB034E8698E81526E7470E265E1F791503ED528E66ED0BB574CA6FFA ] ElfoService C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe
22:00:29.0310 0x1884 ElfoService - ok
22:00:29.0325 0x1884 embeddedmode - ok
22:00:29.0356 0x1884 EntAppSvc - ok
22:00:29.0388 0x1884 ErrDev - ok
22:00:29.0481 0x1884 [ 4F1F28FD1E5618444B7F529C27E063C7, 1964B4B45F9FDCFE0F7F3C7121D96081A13EAA6E6DFE39FA9CD2D7B06091B6A6 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
22:00:29.0528 0x1884 ETD - ok
22:00:29.0560 0x1884 [ CD7256F391779D5473BDED03C1537AF7, EFC5FA3AF9BE390FC5BD25D9A2969E12D5A9FF60D07C8B25C53278E16925A08D ] ETDService C:\Program Files\Elantech\ETDService.exe
22:00:29.0575 0x1884 ETDService - ok
22:00:29.0606 0x1884 [ 7A6A9202245A8D93B771734C543FBB2D, A1B452E2F97988F128B4A6FFFC89C6F8F9FE39DD0D0C574EC3C3ACA7C4DCBE27 ] ETDSMBus C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys
22:00:29.0606 0x1884 ETDSMBus - ok
22:00:29.0638 0x1884 EventSystem - ok
22:00:29.0747 0x1884 [ 6DCB7233AAD29E43331B3ECFCC8FB8D1, A8E203BB774A4E055C871E9A28F958287A75E8BEA42496E6BA9983063CF6C539 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:00:29.0810 0x1884 EvtEng - ok
22:00:29.0841 0x1884 exfat - ok
22:00:29.0856 0x1884 fastfat - ok
22:00:29.0888 0x1884 Fax - ok
22:00:29.0919 0x1884 fdc - ok
22:00:29.0950 0x1884 fdPHost - ok
22:00:29.0966 0x1884 FDResPub - ok
22:00:29.0997 0x1884 fhsvc - ok
22:00:30.0013 0x1884 FileCrypt - ok
22:00:30.0044 0x1884 FileInfo - ok
22:00:30.0075 0x1884 Filetrace - ok
22:00:30.0106 0x1884 flpydisk - ok
22:00:30.0122 0x1884 FltMgr - ok
22:00:30.0153 0x1884 FontCache - ok
22:00:30.0185 0x1884 FontCache3.0.0.0 - ok
22:00:30.0200 0x1884 FrameServer - ok
22:00:30.0247 0x1884 FsDepends - ok
22:00:30.0278 0x1884 Fs_Rec - ok
22:00:30.0310 0x1884 fvevol - ok
22:00:30.0481 0x1884 [ D56EE61F9B62AD677395BF003A49B4A7, A4B657AF38253F4BAE2A8BE7E9453E662BC378773A93631C0445C96267296B53 ] GDCAgent C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
22:00:30.0606 0x1884 GDCAgent - ok
22:00:30.0638 0x1884 gencounter - ok
22:00:30.0653 0x1884 genericusbfn - ok
22:00:30.0685 0x1884 GPIOClx0101 - ok
22:00:30.0716 0x1884 gpsvc - ok
22:00:30.0731 0x1884 GpuEnergyDrv - ok
22:00:30.0763 0x1884 HDAudBus - ok
22:00:30.0778 0x1884 HidBatt - ok
22:00:30.0810 0x1884 HidBth - ok
22:00:30.0841 0x1884 hidi2c - ok
22:00:30.0856 0x1884 hidinterrupt - ok
22:00:30.0888 0x1884 HidIr - ok
22:00:30.0919 0x1884 hidserv - ok
22:00:30.0950 0x1884 HidUsb - ok
22:00:30.0997 0x1884 [ F60E629BADC03B5BCCF8AAE022651A64, 08D3BA75F3A43843F8F13D7EEA263E46A9452FAB3B30BFD389E4B0477675CB3B ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
22:00:31.0028 0x1884 HipShieldK - ok
22:00:31.0060 0x1884 HomeGroupListener - ok
22:00:31.0075 0x1884 HomeGroupProvider - ok
22:00:31.0106 0x1884 HpSAMD - ok
22:00:31.0138 0x1884 HTTP - ok
22:00:31.0153 0x1884 HvHost - ok
22:00:31.0185 0x1884 hvservice - ok
22:00:31.0216 0x1884 hwpolicy - ok
22:00:31.0231 0x1884 hyperkbd - ok
22:00:31.0263 0x1884 HyperVideo - ok
22:00:31.0294 0x1884 i8042prt - ok
22:00:31.0310 0x1884 iagpio - ok
22:00:31.0341 0x1884 iai2c - ok
22:00:31.0372 0x1884 iaLPSS2i_GPIO2 - ok
22:00:31.0403 0x1884 iaLPSS2i_I2C - ok
22:00:31.0419 0x1884 iaLPSSi_GPIO - ok
22:00:31.0450 0x1884 iaLPSSi_I2C - ok
22:00:31.0481 0x1884 [ 8FD3487A6AE70321404C34AC278840D8, 2BD7720A7D907F5D036982D4DA32128D427CE5110544F51F003C7693A51A29EE ] iaLPSS_GPIO C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys
22:00:31.0497 0x1884 iaLPSS_GPIO - ok
22:00:31.0685 0x1884 [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
22:00:31.0825 0x1884 iaStorA - ok
22:00:31.0841 0x1884 iaStorAV - ok
22:00:31.0872 0x1884 [ D90885430767C6152AF908D57A5159AC, A3C25AA5CDDFBBA91199F673471C64A8A4792A0F2D642F46AD54B18879A464B1 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:00:31.0888 0x1884 IAStorDataMgrSvc - ok
22:00:31.0903 0x1884 iaStorV - ok
22:00:31.0935 0x1884 ibbus - ok
22:00:31.0966 0x1884 ibtsiva - ok
22:00:32.0028 0x1884 [ C5547F54E191D36AFD3A3654CBA65806, FC4EA1FFE2077FE17C536C0674CBC61EFDA138BC145346DA67742C15A93D9C1A ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
22:00:32.0044 0x1884 ibtusb - ok
22:00:32.0075 0x1884 icssvc - ok
22:00:32.0856 0x1884 [ 1E64B1ACBA54360B4BA2D6DB3C4F482E, D25B2DBBA6C82D29B080960961775726A16CB24426BFEEF18F966AD7C54801F3 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
22:00:33.0544 0x1884 igfx - ok
22:00:33.0638 0x1884 [ 7075C9341BBB75F7E54AAB291AB82223, 16779559625C78C0C15A030FB5EB03D18D163CD71FB703B003A25DA0E0F50BCA ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
22:00:33.0716 0x1884 igfxCUIService2.0.0.0 - ok
22:00:33.0731 0x1884 IKEEXT - ok
22:00:33.0763 0x1884 [ CDA315AF0F1DAA6925AA5442FA2412F4, 82E00696C65FAA715066096751560803ADFAD1765086D7806F11D6F64FAC03BB ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
22:00:33.0778 0x1884 ImControllerService - ok
22:00:33.0794 0x1884 IndirectKmd - ok
22:00:34.0356 0x1884 [ 73D45AF87AD38A24CD9EA7834324D41C, 893BE814F4EE53CFC47AD783D88BC457CA4F23AE37BF3FAE8ED51DB815260259 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
22:00:34.0825 0x1884 IntcAzAudAddService - ok
22:00:34.0935 0x1884 [ C8D2B9B619E5A1E33C0A5CA8F0870298, F61941F2B6C65BDEF17514F0D991EA11D8F3D4B959DAA47C483277C63E910733 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
22:00:34.0997 0x1884 IntcDAud - ok
22:00:35.0138 0x1884 [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
22:00:35.0216 0x1884 Intel(R) Capability Licensing Service TCP IP Interface - ok
22:00:35.0278 0x1884 [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
22:00:35.0310 0x1884 Intel(R) Security Assist - ok
22:00:35.0325 0x1884 intelide - ok
22:00:35.0341 0x1884 intelpep - ok
22:00:35.0372 0x1884 intelppm - ok
22:00:35.0403 0x1884 iorate - ok
22:00:35.0435 0x1884 IpFilterDriver - ok
22:00:35.0466 0x1884 iphlpsvc - ok
22:00:35.0481 0x1884 IPMIDRV - ok
22:00:35.0513 0x1884 IPNAT - ok
22:00:35.0528 0x1884 irda - ok
22:00:35.0560 0x1884 IRENUM - ok
22:00:35.0591 0x1884 irmon - ok
22:00:35.0606 0x1884 [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
22:00:35.0622 0x1884 isaHelperSvc - ok
22:00:35.0638 0x1884 isapnp - ok
22:00:35.0669 0x1884 iScsiPrt - ok
22:00:35.0700 0x1884 [ DE70C5C10803C700DC1CFDE2D5CF207A, 4D11DE8B986C6966B66E1D6E931A72A1E9FA8D0B5B9EF57EF3EEDD09D0BE0B4E ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:00:35.0731 0x1884 jhi_service - ok
22:00:35.0763 0x1884 kbdclass - ok
22:00:35.0794 0x1884 kbdhid - ok
22:00:35.0825 0x1884 kdnic - ok
22:00:35.0841 0x1884 KeyIso - ok
22:00:35.0919 0x1884 [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
22:00:35.0982 0x1884 kl1 - ok
22:00:36.0013 0x1884 [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
22:00:36.0028 0x1884 klbackupdisk - ok
22:00:36.0060 0x1884 [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
22:00:36.0075 0x1884 klbackupflt - ok
22:00:36.0091 0x1884 [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
22:00:36.0107 0x1884 kldisk - ok
22:00:36.0153 0x1884 [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
22:00:36.0169 0x1884 klelam - ok
22:00:36.0232 0x1884 [ 63FD545876EF4248BE3C8788D8270758, 5FF6529F8D7F94848E68142D8B2CAA446342AF95644C9223E689E303E8AB7336 ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
22:00:36.0247 0x1884 klflt - ok
22:00:36.0310 0x1884 [ 3524D3B8F5BEF8C01EAF7EEFFA5EAB3F, 0908A6E3E62017F7099900850D58A1B775D808F7DC0951B09781689DF3994DA2 ] klhk C:\WINDOWS\System32\drivers\klhk.sys
22:00:36.0357 0x1884 klhk - ok
22:00:36.0435 0x1884 [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
22:00:36.0450 0x1884 klids - ok
22:00:36.0575 0x1884 [ 2CE22F21119A089277B067A1B1BDC592, 7CDE229899B6344967098FB03C7C1C360CC3DC2DCC096F8AAC6CC96536FF1AE9 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
22:00:36.0685 0x1884 KLIF - ok
22:00:36.0716 0x1884 [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
22:00:36.0716 0x1884 KLIM6 - ok
22:00:36.0747 0x1884 [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
22:00:36.0763 0x1884 klkbdflt - ok
22:00:36.0778 0x1884 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
22:00:36.0794 0x1884 klmouflt - ok
22:00:36.0825 0x1884 [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
22:00:36.0825 0x1884 klpd - ok
22:00:36.0857 0x1884 [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap C:\WINDOWS\System32\drivers\kltap.sys
22:00:36.0857 0x1884 kltap - ok
22:00:36.0935 0x1884 [ 66516A704F1D378E58B85D79633C103D, 54E3EB342D2FD17CF742A8ACADCA81A553216AA289955DD176A54D6414727DA5 ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
22:00:36.0950 0x1884 klupd_klif_arkmon - ok
22:00:36.0982 0x1884 [ 941727CDC11A0E1A407B602D88CD58CB, 8E290245A42E75FC532A72A850BAF5516BA7488BEF015F46CA9D215BCA0D7CE0 ] klupd_klif_kimul C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
22:00:36.0997 0x1884 klupd_klif_kimul - ok
22:00:37.0044 0x1884 [ 55FC7F42A5AA55A265CE466227ABD0DE, AB72152F39460327D74DB693BFB36A93BC2D752653D3633BB7F439DC4B9AB081 ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
22:00:37.0075 0x1884 klupd_klif_klark - ok
22:00:37.0107 0x1884 [ D7709E365C10F99DE58BB688C45358B7, C028FB885B7A4AFB98FD2B8EABF99E913F480891A9ED859FE5B4E077BDE8ACB5 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
22:00:37.0122 0x1884 klupd_klif_klbg - ok
22:00:37.0153 0x1884 [ 8D7E0B5D4F843D39AA1F644B2578B0EE, C4A8E569A253738AA7B7CDE8D0E987954D1DA6BE6F32D962BD458CA5275A5D76 ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
22:00:37.0169 0x1884 klupd_klif_mark - ok
22:00:37.0216 0x1884 [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
22:00:37.0216 0x1884 klvssbrigde64 - ok
22:00:37.0247 0x1884 [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
22:00:37.0263 0x1884 klwfp - ok
22:00:37.0294 0x1884 [ EF1AFCADCA485B3846D7A8B71F87509B, C27B579742389ACD8804EC372CBA3C4FDFFB1A8AA6280AE1353BC089E8E34C76 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
22:00:37.0310 0x1884 Klwtp - ok
22:00:37.0357 0x1884 [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
22:00:37.0388 0x1884 kneps - ok
22:00:37.0450 0x1884 [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
22:00:37.0466 0x1884 KSDE1.0.0 - ok
22:00:37.0482 0x1884 KSecDD - ok
22:00:37.0528 0x1884 KSecPkg - ok
22:00:37.0544 0x1884 ksthunk - ok
22:00:37.0575 0x1884 KtmRm - ok
22:00:37.0591 0x1884 LanmanServer - ok
22:00:37.0622 0x1884 LanmanWorkstation - ok
22:00:37.0653 0x1884 lfsvc - ok
22:00:37.0685 0x1884 LicenseManager - ok
22:00:37.0716 0x1884 lltdio - ok
22:00:37.0732 0x1884 lltdsvc - ok
22:00:37.0763 0x1884 lmhosts - ok
22:00:37.0841 0x1884 [ 1CE3A27B6B0658F4242AB2DECE69704E, FB705D43554478FA438CE600DAD65C5885858ABF9FCB5D9CC6E5F7C87FD6A853 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:00:37.0872 0x1884 LMS - ok
22:00:37.0919 0x1884 LSI_SAS - ok
22:00:37.0935 0x1884 LSI_SAS2i - ok
22:00:37.0966 0x1884 LSI_SAS3i - ok
22:00:37.0982 0x1884 LSI_SSS - ok
22:00:38.0013 0x1884 LSM - ok
22:00:38.0044 0x1884 luafv - ok
22:00:38.0060 0x1884 MapsBroker - ok
22:00:38.0278 0x1884 [ 40B02F6D4B331443CC7E879BCD87100F, ACF976DC9565A905F71EFE9A25516A0F1B128E70B961B8D8256F51474B1F78D7 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
22:00:38.0450 0x1884 mccspsvc - ok
22:00:38.0482 0x1884 megasas - ok
22:00:38.0497 0x1884 megasas2i - ok
22:00:38.0528 0x1884 megasr - ok
22:00:38.0575 0x1884 [ 48F64A35BA9F2E4AC0587DDA555FF951, 77FE2BE86ADCE103F4220A641139C42B1407CF8EFFEB66F841ABF9CFC3621558 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
22:00:38.0591 0x1884 MEIx64 - ok
22:00:38.0622 0x1884 MessagingService - ok
22:00:38.0732 0x1884 [ 22CE39824DECE03C8DEF8832F029E3ED, C036E7E28BD4B90B29AF5B389486836137DCF9AB371D9D98CB12AD06F4107015 ] mfeaack C:\WINDOWS\system32\drivers\mfeaack.sys
22:00:38.0763 0x1884 mfeaack - ok
22:00:38.0825 0x1884 [ FB9188B17958E6DFE959D23281547605, A595D8D9A34BF390AA648883FCBAF38E96B896FAD43D97EA4F4DA791812626F2 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
22:00:38.0872 0x1884 mfeavfk - ok
22:00:38.0903 0x1884 [ 7257ECF649C19DCBEB3B5CFF5B9323EC, 1A0D0B2DDFD00628E891B5667143C8AFB698F21242574457E5222D7F6ACD5A61 ] mfeelamk C:\WINDOWS\system32\drivers\mfeelamk.sys
22:00:38.0919 0x1884 mfeelamk - ok
22:00:38.0966 0x1884 [ 95A4DC60385F57418BD3361262D5F7C8, 5FAAE03B306710509E36A7B77DE9D36E4A1A38832403C29247E1A8B8C1D918B3 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:00:38.0982 0x1884 mfefire - ok
22:00:39.0060 0x1884 [ A2163D325F01DA86E140C91D3560C95E, 49D94BA855746591E545A6C82690E5F0B228E43FDD5AE3940F2D62835BFD7A96 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
22:00:39.0107 0x1884 mfefirek - ok
22:00:39.0216 0x1884 [ C30A6CB5A1B908643EEE9651E94BFE92, 394CDE243A10E5AB91FF27E722E4E8E23B5AC50EEB2A8D6A7BDB37DB0A0E23FB ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
22:00:39.0294 0x1884 mfehidk - ok
22:00:39.0372 0x1884 [ 8703CE0AF859D00B37254E1858E68B40, 09D27BEDA8290DB3C2FBC4CCD8AA86AA8761E9975EBEF0260CA9BB57468F4025 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
22:00:39.0403 0x1884 mfemms - ok
22:00:39.0482 0x1884 [ 34812CE00FAE95A6275D6B58072457F5, 23118A5E58F88AF5B8C5D4C15AEFA99C47D37A8E8C8FBF840DEEECC3C483AD8B ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
22:00:39.0528 0x1884 mfencbdc - ok
22:00:39.0560 0x1884 [ CF9D4FCA3A5C737DCF72B9F94BB0AC62, 8534DADB74EF745F50A1A148DE5CBAD573B890C604CDA08276CDE3D5C2E8788F ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
22:00:39.0575 0x1884 mfencrk - ok
22:00:39.0622 0x1884 [ 8DFE9C58B1509E3BBC6FD92B954204D9, 72D519AB2F5E3A335C61C1B632BB846FCD6406194EC36E965D52C1028E68FB33 ] mfevtp C:\Windows\system32\mfevtps.exe
22:00:39.0669 0x1884 mfevtp - ok
22:00:39.0716 0x1884 [ ECDFB70AB9C0DC93E0A7AE4B0893E39F, 5021C95E01870C35A3B6A5423E8BA432B4CC2014B8C6B5FD766393A963C59C35 ] mfewfpk C:\WINDOWS\system32\drivers\mfewfpk.sys
22:00:39.0747 0x1884 mfewfpk - ok
22:00:39.0763 0x1884 mlx4_bus - ok
22:00:39.0778 0x1884 MMCSS - ok
22:00:39.0810 0x1884 Modem - ok
22:00:39.0966 0x1884 [ DFB4BC8B5CD8C85D0BD9E608898901FB, AB3BB7FA2D23A5B7815E85F7A73E3F36E95D8FD895F76FA9936AD4C1DA1849EF ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
22:00:40.0107 0x1884 ModuleCoreService - ok
22:00:40.0138 0x1884 monitor - ok
22:00:40.0153 0x1884 mouclass - ok
22:00:40.0185 0x1884 mouhid - ok
22:00:40.0200 0x1884 mountmgr - ok
22:00:40.0247 0x1884 [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:00:40.0278 0x1884 MozillaMaintenance - ok
22:00:40.0294 0x1884 mpsdrv - ok
22:00:40.0325 0x1884 MpsSvc - ok
22:00:40.0357 0x1884 MRxDAV - ok
22:00:40.0372 0x1884 mrxsmb - ok
22:00:40.0403 0x1884 mrxsmb10 - ok
22:00:40.0435 0x1884 mrxsmb20 - ok
22:00:40.0466 0x1884 MsBridge - ok
22:00:40.0497 0x1884 MSDTC - ok
22:00:40.0544 0x1884 Msfs - ok
22:00:40.0575 0x1884 msgpiowin32 - ok
22:00:40.0591 0x1884 mshidkmdf - ok
22:00:40.0622 0x1884 mshidumdf - ok
22:00:40.0638 0x1884 msisadrv - ok
22:00:40.0669 0x1884 MSiSCSI - ok
22:00:40.0700 0x1884 msiserver - ok
22:00:40.0732 0x1884 MSKSSRV - ok
22:00:40.0747 0x1884 MsLldp - ok
22:00:40.0778 0x1884 MSPCLOCK - ok
22:00:40.0810 0x1884 MSPQM - ok
22:00:40.0841 0x1884 MsRPC - ok
22:00:40.0857 0x1884 mssmbios - ok
22:00:40.0888 0x1884 MSTEE - ok
22:00:40.0903 0x1884 MTConfig - ok
22:00:40.0935 0x1884 Mup - ok
22:00:40.0966 0x1884 mvumis - ok
22:00:41.0013 0x1884 [ F1F6EE6C068CBDB80BAC43A79591F1F2, 39387A25ECFBFDD5B6A43A9A2CA2EC5703D0CCCFFE36C989B0E461B72C242D1C ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:00:41.0028 0x1884 MyWiFiDHCPDNS - ok
22:00:41.0060 0x1884 NativeWifiP - ok
22:00:41.0091 0x1884 NcaSvc - ok
22:00:41.0122 0x1884 NcbService - ok
22:00:41.0138 0x1884 NcdAutoSetup - ok
22:00:41.0153 0x1884 ndfltr - ok
22:00:41.0185 0x1884 NDIS - ok
22:00:41.0216 0x1884 NdisCap - ok
22:00:41.0232 0x1884 NdisImPlatform - ok
22:00:41.0263 0x1884 NdisTapi - ok
22:00:41.0278 0x1884 Ndisuio - ok
22:00:41.0294 0x1884 NdisVirtualBus - ok
22:00:41.0325 0x1884 NdisWan - ok
22:00:41.0357 0x1884 ndiswanlegacy - ok
22:00:41.0372 0x1884 ndproxy - ok
22:00:41.0403 0x1884 Ndu - ok
22:00:41.0419 0x1884 NetAdapterCx - ok
22:00:41.0450 0x1884 NetBIOS - ok
22:00:41.0497 0x1884 NetBT - ok
22:00:41.0513 0x1884 Netlogon - ok
22:00:41.0560 0x1884 Netman - ok
22:00:41.0575 0x1884 netprofm - ok
22:00:41.0607 0x1884 NetSetupSvc - ok
22:00:41.0638 0x1884 NetTcpPortSharing - ok
22:00:41.0763 0x1884 [ 9EE21F7D46BD2B0F128E0907BABC7D28, 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B ] NetUtils2016 C:\Windows\system32\drivers\NetUtils2016.sys
22:00:41.0857 0x1884 NetUtils2016 - ok
22:00:41.0888 0x1884 netvsc - ok
22:00:42.0341 0x1884 [ 93F9E44D6AA0FFDE901D53CEF389AADD, 6DBF20DD61F6BF478D3099343B23DC4F45D836192B4E3E95EF0CEAFD63799128 ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys
22:00:42.0732 0x1884 NETwNb64 - ok
22:00:43.0107 0x1884 [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64 C:\WINDOWS\System32\drivers\NETwew01.sys
22:00:43.0419 0x1884 NETwNe64 - ok
22:00:43.0450 0x1884 NgcCtnrSvc - ok
22:00:43.0482 0x1884 NgcSvc - ok
22:00:43.0513 0x1884 NlaSvc - ok
22:00:43.0544 0x1884 Npfs - ok
22:00:43.0560 0x1884 npsvctrig - ok
22:00:43.0591 0x1884 nsi - ok
22:00:43.0622 0x1884 nsiproxy - ok
22:00:43.0653 0x1884 NTFS - ok
22:00:43.0685 0x1884 Null - ok
22:00:43.0716 0x1884 nvraid - ok
22:00:43.0747 0x1884 nvstor - ok
22:00:43.0841 0x1884 [ 6EECE59EA8BF0FDA859E8D5962081EF2, 8F5A6F648269DBA616DAB1E34940CCE6BE25D0B8EB4C0BFB380FA626EF13A11F ] ogmservice C:\Program Files (x86)\Online Games Manager\ogmservice.exe
22:00:43.0888 0x1884 ogmservice - ok
22:00:43.0919 0x1884 OneSyncSvc - ok
22:00:43.0982 0x1884 [ 5C12E1436BD6CC9ED022CA5335D4F1A0, CE323DE98A4328B348193B10867E16C840224559F391213590629360EFB5F33D ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:00:43.0997 0x1884 ose - ok
22:00:44.0028 0x1884 p2pimsvc - ok
22:00:44.0044 0x1884 p2psvc - ok
22:00:44.0076 0x1884 Parport - ok
22:00:44.0107 0x1884 partmgr - ok
22:00:44.0138 0x1884 PcaSvc - ok
22:00:44.0154 0x1884 pci - ok
22:00:44.0185 0x1884 pciide - ok
22:00:44.0216 0x1884 pcmcia - ok
22:00:44.0247 0x1884 pcw - ok
22:00:44.0279 0x1884 pdc - ok
22:00:44.0310 0x1884 PEAUTH - ok
22:00:44.0435 0x1884 [ EDD4C63050ED1821B4C92D06FFD7180B, 33C6B54147771C813CD78CEF66C0A76CA50D9F1D13D41E6764310BF8C0D8D89D ] PEFService C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
22:00:44.0513 0x1884 PEFService - ok
22:00:44.0544 0x1884 percsas2i - ok
22:00:44.0575 0x1884 percsas3i - ok
22:00:44.0685 0x1884 PerfHost - ok
22:00:44.0747 0x1884 PhoneSvc - ok
22:00:44.0779 0x1884 PimIndexMaintenanceSvc - ok
22:00:44.0825 0x1884 pla - ok
22:00:44.0841 0x1884 PlugPlay - ok
22:00:44.0872 0x1884 PNRPAutoReg - ok
22:00:44.0904 0x1884 PNRPsvc - ok
22:00:44.0935 0x1884 PolicyAgent - ok
22:00:44.0982 0x1884 Power - ok
22:00:45.0013 0x1884 PptpMiniport - ok
22:00:45.0044 0x1884 PrintNotify - ok
22:00:45.0075 0x1884 Processor - ok
22:00:45.0107 0x1884 ProfSvc - ok
22:00:45.0138 0x1884 Psched - ok
22:00:45.0169 0x1884 QWAVE - ok
22:00:45.0200 0x1884 QWAVEdrv - ok
22:00:45.0232 0x1884 RasAcd - ok
22:00:45.0263 0x1884 RasAgileVpn - ok
22:00:45.0294 0x1884 RasAuto - ok
22:00:45.0325 0x1884 Rasl2tp - ok
22:00:45.0357 0x1884 RasMan - ok
22:00:45.0388 0x1884 RasPppoe - ok
22:00:45.0419 0x1884 RasSstp - ok
22:00:45.0450 0x1884 rdbss - ok
22:00:45.0497 0x1884 rdpbus - ok
22:00:45.0529 0x1884 RDPDR - ok
22:00:45.0575 0x1884 RdpVideoMiniport - ok
22:00:45.0607 0x1884 rdyboost - ok
22:00:45.0638 0x1884 ReFSv1 - ok
22:00:45.0685 0x1884 [ B91EE7363FDC2B0CB1C5E6190B46F7DC, 650EE0262F2EE242D99A5BE013A64F76CA3537274C0B9313F9BD7741ACF38017 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:00:45.0700 0x1884 RegSrvc - ok
22:00:45.0747 0x1884 RemoteAccess - ok
22:00:45.0779 0x1884 RemoteRegistry - ok
22:00:45.0810 0x1884 RetailDemo - ok
22:00:45.0841 0x1884 RFCOMM - ok
22:00:45.0857 0x1884 RmSvc - ok
22:00:45.0888 0x1884 RpcEptMapper - ok
22:00:45.0919 0x1884 RpcLocator - ok
22:00:45.0950 0x1884 RpcSs - ok
22:00:45.0966 0x1884 rspndr - ok
22:00:46.0075 0x1884 [ 12A3D1530E3F67B8664EBA923A3981E4, 8670C39EB0A7C37C17D014A8917493B776DE0829B55EFED13D91B6FA7B81CA11 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
22:00:46.0169 0x1884 rt640x64 - ok
22:00:46.0482 0x1884 [ 924449B5A5A6AC96BBBED49915E40719, A72CBE9A23919911874CA66CA1B18B77F0B4BDA1C3592B60DB338F23A8FD83D6 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
22:00:46.0763 0x1884 rtsuvc - ok
22:00:46.0794 0x1884 s3cap - ok
22:00:46.0825 0x1884 SamSs - ok
22:00:46.0857 0x1884 sbp2port - ok
22:00:46.0888 0x1884 SCardSvr - ok
22:00:46.0919 0x1884 ScDeviceEnum - ok
22:00:46.0950 0x1884 scfilter - ok
22:00:46.0966 0x1884 Schedule - ok
22:00:46.0997 0x1884 scmbus - ok
22:00:47.0029 0x1884 scmdisk0101 - ok
22:00:47.0060 0x1884 SCPolicySvc - ok
22:00:47.0075 0x1884 sdbus - ok
22:00:47.0107 0x1884 SDRSVC - ok
22:00:47.0138 0x1884 sdstor - ok
22:00:47.0169 0x1884 seclogon - ok
22:00:47.0200 0x1884 SENS - ok
22:00:47.0216 0x1884 SensorDataService - ok
22:00:47.0247 0x1884 SensorService - ok
22:00:47.0279 0x1884 SensorsHIDClassDriver - ok
22:00:47.0310 0x1884 SensrSvc - ok
22:00:47.0325 0x1884 SerCx - ok
22:00:47.0357 0x1884 SerCx2 - ok
22:00:47.0388 0x1884 Serenum - ok
22:00:47.0404 0x1884 Serial - ok
22:00:47.0435 0x1884 sermouse - ok
22:00:47.0513 0x1884 SessionEnv - ok
22:00:47.0544 0x1884 sfloppy - ok
22:00:47.0575 0x1884 SharedAccess - ok
22:00:47.0591 0x1884 ShellHWDetection - ok
22:00:47.0622 0x1884 shpamsvc - ok
22:00:47.0638 0x1884 SiSRaid2 - ok
22:00:47.0669 0x1884 SiSRaid4 - ok
22:00:47.0700 0x1884 smphost - ok
22:00:47.0732 0x1884 SmsRouter - ok
22:00:47.0779 0x1884 SNMPTRAP - ok
22:00:47.0794 0x1884 spaceport - ok
22:00:47.0825 0x1884 SpbCx - ok
22:00:47.0857 0x1884 Spooler - ok
22:00:47.0888 0x1884 sppsvc - ok
22:00:47.0919 0x1884 srv - ok
22:00:47.0950 0x1884 srv2 - ok
22:00:47.0966 0x1884 srvnet - ok
22:00:47.0997 0x1884 SSDPSRV - ok
22:00:48.0029 0x1884 SstpSvc - ok
22:00:48.0075 0x1884 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
22:00:48.0091 0x1884 ssudmdm - ok
22:00:48.0122 0x1884 StateRepository - ok
22:00:48.0138 0x1884 stexstor - ok
22:00:48.0169 0x1884 stisvc - ok
22:00:48.0200 0x1884 storahci - ok
22:00:48.0232 0x1884 storflt - ok
22:00:48.0263 0x1884 stornvme - ok
22:00:48.0294 0x1884 storqosflt - ok
22:00:48.0310 0x1884 StorSvc - ok
22:00:48.0341 0x1884 storufs - ok
22:00:48.0372 0x1884 storvsc - ok
22:00:48.0404 0x1884 svsvc - ok
22:00:48.0419 0x1884 swenum - ok
22:00:48.0450 0x1884 swprv - ok
22:00:48.0482 0x1884 Synth3dVsc - ok
22:00:48.0513 0x1884 SysMain - ok
22:00:48.0544 0x1884 SystemEventsBroker - ok
22:00:48.0575 0x1884 TabletInputService - ok
22:00:48.0607 0x1884 TapiSrv - ok
22:00:48.0622 0x1884 Tcpip - ok
22:00:48.0654 0x1884 Tcpip6 - ok
22:00:48.0700 0x1884 tcpipreg - ok
22:00:48.0747 0x1884 tdx - ok
22:00:48.0763 0x1884 terminpt - ok
22:00:48.0794 0x1884 TermService - ok
22:00:48.0825 0x1884 Themes - ok
22:00:48.0857 0x1884 TieringEngineService - ok
22:00:48.0888 0x1884 tiledatamodelsvc - ok
22:00:48.0919 0x1884 TimeBrokerSvc - ok
22:00:48.0935 0x1884 TPM - ok
22:00:48.0966 0x1884 TrkWks - ok
22:00:48.0997 0x1884 TrustedInstaller - ok
22:00:49.0044 0x1884 tsusbflt - ok
22:00:49.0075 0x1884 TsUsbGD - ok
22:00:49.0107 0x1884 tunnel - ok
22:00:49.0122 0x1884 tzautoupdate - ok
22:00:49.0154 0x1884 UASPStor - ok
22:00:49.0185 0x1884 UcmCx0101 - ok
22:00:49.0216 0x1884 UcmTcpciCx0101 - ok
22:00:49.0247 0x1884 UcmUcsi - ok
22:00:49.0263 0x1884 Ucx01000 - ok
22:00:49.0294 0x1884 UdeCx - ok
22:00:49.0310 0x1884 udfs - ok
22:00:49.0341 0x1884 UEFI - ok
22:00:49.0372 0x1884 Ufx01000 - ok
22:00:49.0404 0x1884 UfxChipidea - ok
22:00:49.0435 0x1884 ufxsynopsys - ok
22:00:49.0482 0x1884 UI0Detect - ok
22:00:49.0513 0x1884 umbus - ok
22:00:49.0529 0x1884 UmPass - ok
22:00:49.0560 0x1884 UmRdpService - ok
22:00:49.0591 0x1884 UnistoreSvc - ok
22:00:49.0638 0x1884 upnphost - ok
22:00:49.0654 0x1884 UrsChipidea - ok
22:00:49.0685 0x1884 UrsCx01000 - ok
22:00:49.0716 0x1884 UrsSynopsys - ok
22:00:49.0747 0x1884 usbccgp - ok
22:00:49.0779 0x1884 usbcir - ok
22:00:49.0810 0x1884 usbehci - ok
22:00:49.0841 0x1884 usbhub - ok
22:00:49.0857 0x1884 USBHUB3 - ok
22:00:49.0888 0x1884 usbohci - ok
22:00:49.0919 0x1884 usbprint - ok
22:00:49.0950 0x1884 usbscan - ok
22:00:49.0966 0x1884 usbser - ok
22:00:49.0997 0x1884 USBSTOR - ok
22:00:50.0013 0x1884 usbuhci - ok
22:00:50.0044 0x1884 USBXHCI - ok
22:00:50.0075 0x1884 UserDataSvc - ok
22:00:50.0122 0x1884 UserManager - ok
22:00:50.0154 0x1884 UsoSvc - ok
22:00:50.0185 0x1884 VaultSvc - ok
22:00:50.0216 0x1884 vdrvroot - ok
22:00:50.0232 0x1884 vds - ok
22:00:50.0263 0x1884 VerifierExt - ok
22:00:50.0294 0x1884 vhdmp - ok
22:00:50.0325 0x1884 vhf - ok
22:00:50.0341 0x1884 vmbus - ok
22:00:50.0372 0x1884 VMBusHID - ok
22:00:50.0404 0x1884 vmgid - ok
22:00:50.0435 0x1884 vmicguestinterface - ok
22:00:50.0450 0x1884 vmicheartbeat - ok
22:00:50.0482 0x1884 vmickvpexchange - ok
22:00:50.0513 0x1884 vmicrdv - ok
22:00:50.0544 0x1884 vmicshutdown - ok
22:00:50.0575 0x1884 vmictimesync - ok
22:00:50.0607 0x1884 vmicvmsession - ok
22:00:50.0622 0x1884 vmicvss - ok
22:00:50.0654 0x1884 volmgr - ok
22:00:50.0685 0x1884 volmgrx - ok
22:00:50.0716 0x1884 volsnap - ok
22:00:50.0747 0x1884 volume - ok
22:00:50.0763 0x1884 vpci - ok
22:00:50.0794 0x1884 vsmraid - ok
22:00:50.0825 0x1884 VSS - ok
22:00:50.0857 0x1884 VSTXRAID - ok
22:00:50.0888 0x1884 vwifibus - ok
22:00:50.0919 0x1884 vwififlt - ok
22:00:50.0951 0x1884 vwifimp - ok
22:00:50.0966 0x1884 W32Time - ok
22:00:50.0997 0x1884 WacomPen - ok
22:00:51.0029 0x1884 WalletService - ok
22:00:51.0075 0x1884 wanarp - ok
22:00:51.0107 0x1884 wanarpv6 - ok
22:00:51.0138 0x1884 wbengine - ok
22:00:51.0169 0x1884 WbioSrvc - ok
22:00:51.0201 0x1884 wcifs - ok
22:00:51.0263 0x1884 Wcmsvc - ok
22:00:51.0279 0x1884 wcncsvc - ok
22:00:51.0310 0x1884 wcnfs - ok
22:00:51.0341 0x1884 WdBoot - ok
22:00:51.0357 0x1884 Wdf01000 - ok
22:00:51.0388 0x1884 WdFilter - ok
22:00:51.0419 0x1884 WdiServiceHost - ok
22:00:51.0482 0x1884 WdiSystemHost - ok
22:00:51.0529 0x1884 wdiwifi - ok
22:00:51.0560 0x1884 WdNisDrv - ok
22:00:51.0575 0x1884 WdNisSvc - ok
22:00:51.0607 0x1884 WebClient - ok
22:00:51.0638 0x1884 Wecsvc - ok
22:00:51.0669 0x1884 WEPHOSTSVC - ok
22:00:51.0700 0x1884 wercplsupport - ok
22:00:51.0747 0x1884 WerSvc - ok
22:00:51.0763 0x1884 WFPLWFS - ok
22:00:51.0794 0x1884 WiaRpc - ok
22:00:51.0825 0x1884 WIMMount - ok
22:00:51.0857 0x1884 WinDefend - ok
22:00:51.0935 0x1884 WindowsTrustedRT - ok
22:00:51.0966 0x1884 WindowsTrustedRTProxy - ok
22:00:51.0997 0x1884 WinHttpAutoProxySvc - ok
22:00:52.0029 0x1884 WinMad - ok
22:00:52.0060 0x1884 Winmgmt - ok
22:00:52.0091 0x1884 WinRM - ok
22:00:52.0154 0x1884 WINUSB - ok
22:00:52.0169 0x1884 WinVerbs - ok
22:00:52.0200 0x1884 wisvc - ok
22:00:52.0232 0x1884 WlanSvc - ok
22:00:52.0263 0x1884 wlidsvc - ok
22:00:52.0294 0x1884 WmiAcpi - ok
22:00:52.0341 0x1884 wmiApSrv - ok
22:00:52.0372 0x1884 WMPNetworkSvc - ok
22:00:52.0419 0x1884 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
22:00:52.0451 0x1884 Wof - ok
22:00:52.0482 0x1884 workfolderssvc - ok
22:00:52.0513 0x1884 WPDBusEnum - ok
22:00:52.0544 0x1884 WpdUpFltr - ok
22:00:52.0560 0x1884 WpnService - ok
22:00:52.0591 0x1884 WpnUserService - ok
22:00:52.0638 0x1884 ws2ifsl - ok
22:00:52.0669 0x1884 wscsvc - ok
22:00:52.0700 0x1884 WSearch - ok
22:00:52.0747 0x1884 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
22:00:52.0763 0x1884 wsvd - ok
22:00:52.0794 0x1884 wuauserv - ok
22:00:52.0825 0x1884 WudfPf - ok
22:00:52.0857 0x1884 WUDFRd - ok
22:00:52.0888 0x1884 wudfsvc - ok
22:00:52.0904 0x1884 WUDFWpdFs - ok
22:00:52.0935 0x1884 WUDFWpdMtp - ok
22:00:52.0966 0x1884 WwanSvc - ok
22:00:53.0013 0x1884 XblAuthManager - ok
22:00:53.0044 0x1884 XblGameSave - ok
22:00:53.0076 0x1884 xboxgip - ok
22:00:53.0107 0x1884 XboxNetApiSvc - ok
22:00:53.0138 0x1884 xinputhid - ok
22:00:53.0185 0x1884 [ 1C051499D9D8952A1A2DB43A27550D0F, 330C6F21D928633424B1587BF2FFA8E418592836F6C286887745D6C851A15D51 ] ymc C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
22:00:53.0201 0x1884 ymc - ok
22:00:53.0607 0x1884 [ 65308E8DDBCA0A3D7A72E3404E194319, 93D51235D4CB50F3C73DE006843CB98B8940F92BBB84365443C9A31DEB2426A6 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
22:00:53.0951 0x1884 ZeroConfigService - ok
22:00:53.0982 0x1884 ================ Scan global ===============================
22:00:54.0044 0x1884 [ Global ] - ok
22:00:54.0044 0x1884 ================ Scan MBR ==================================
22:00:54.0060 0x1884 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:00:54.0107 0x1884 \Device\Harddisk0\DR0 - ok
22:00:54.0107 0x1884 ================ Scan VBR ==================================
22:00:54.0107 0x1884 [ FDD6257C6F01DC99E967D3AC83279FF9 ] \Device\Harddisk0\DR0\Partition1
22:00:54.0122 0x1884 \Device\Harddisk0\DR0\Partition1 - ok
22:00:54.0138 0x1884 [ 2A8D6B5E0E19D4ED5FDC24E53B4097E2 ] \Device\Harddisk0\DR0\Partition2
22:00:54.0138 0x1884 \Device\Harddisk0\DR0\Partition2 - ok
22:00:54.0154 0x1884 [ 12857D2196A20555591A3449D7583301 ] \Device\Harddisk0\DR0\Partition3
22:00:54.0169 0x1884 \Device\Harddisk0\DR0\Partition3 - ok
22:00:54.0169 0x1884 [ FCB43097861724941B019B69B3C462D4 ] \Device\Harddisk0\DR0\Partition4
22:00:54.0185 0x1884 \Device\Harddisk0\DR0\Partition4 - ok
22:00:54.0201 0x1884 [ 2F9C5DDD29EC85C8B5F73ED574143481 ] \Device\Harddisk0\DR0\Partition5
22:00:54.0216 0x1884 \Device\Harddisk0\DR0\Partition5 - ok
22:00:54.0232 0x1884 [ 488DDECCCC652DC7F4B0CF59FF7270A2 ] \Device\Harddisk0\DR0\Partition6
22:00:54.0232 0x1884 \Device\Harddisk0\DR0\Partition6 - ok
22:00:54.0247 0x1884 [ AF8FE7C55BF252B05E239D87FA128CDB ] \Device\Harddisk0\DR0\Partition7
22:00:54.0247 0x1884 \Device\Harddisk0\DR0\Partition7 - ok
22:00:54.0263 0x1884 ================ Scan generic autorun ======================
22:00:55.0951 0x1884 [ 27D32ED77BC7ABD9E87F0C3CFE99D84A, 2FF9C213022545A58EC0237E9EA234CC7B9B5347C88B42F94AD2EC08EBE6661B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:00:57.0388 0x1884 RtHDVCpl - ok
22:00:57.0622 0x1884 [ 78C48AD707AADA8E7692A5D58E7D6753, ECB5C795A637433ADD0851589B76807F2EB8E4C22392F7312F693A8806AB2782 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:00:57.0732 0x1884 RtHDVBg_Dolby - ok
22:00:57.0888 0x1884 [ 78C48AD707AADA8E7692A5D58E7D6753, ECB5C795A637433ADD0851589B76807F2EB8E4C22392F7312F693A8806AB2782 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:00:58.0013 0x1884 RtHDVBg_LENOVO_DOLBYDRAGON - ok
22:00:58.0169 0x1884 [ 78C48AD707AADA8E7692A5D58E7D6753, ECB5C795A637433ADD0851589B76807F2EB8E4C22392F7312F693A8806AB2782 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:00:58.0279 0x1884 RtHDVBg_LENOVO_MICPKEY - ok
22:00:58.0388 0x1884 [ 772123B2276B94C797659AEDC0D49943, 6ADD29D91EE5C510B2C7F788FBA034A45400EA25449C1826ABE1296553EF1CBD ] C:\Program Files\Lenovo\LenovoUtility\utility.exe
22:00:58.0451 0x1884 LenovoUtility - ok
22:00:58.0529 0x1884 [ 079511E999ACAB4B8CC08432F0363368, 05A2707AE075206E8913FE6249C0474FE350DCF61F4E8569904D7A8247F012BF ] c:\Program Files\Dolby\DDP_F3\ddpf3.exe
22:00:58.0607 0x1884 DDPF3 - ok
22:00:58.0638 0x1884 [ 03AE229AD0EC7BFDA3D2B37BA9E5799E, E22C1C0F78515595A27812459810774175100D4096D0F0E15812AD3761D1DCC9 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
22:00:58.0638 0x1884 IAStorIcon - ok
22:00:58.0747 0x1884 OneDriveSetup - ok
22:00:58.0763 0x1884 OneDriveSetup - ok
22:00:58.0935 0x1884 [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Baby\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:00:59.0060 0x1884 OneDrive - ok
22:00:59.0122 0x1884 [ 88DBF6DF632CAD6B22186DA206829639, CB7FA8F321EDDFAA897E15C5ED212AFAD6469CAD88F966771FF2F824FDE50423 ] C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe
22:00:59.0154 0x1884 OpenOffice Updater - ok
22:00:59.0154 0x1884 Waiting for KSN requests completion. In queue: 9
22:01:00.0216 0x1884 AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
22:01:00.0216 0x1884 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
22:01:00.0232 0x1884 FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
22:01:00.0451 0x1884 ============================================================
22:01:00.0451 0x1884 Scan finished
22:01:00.0451 0x1884 ============================================================
22:01:00.0482 0x2b68 Detected object count: 0
22:01:00.0482 0x2b68 Actual detected object count: 0
22:01:03.0966 0x2364 Deinitialize success
|
|
03.03.2017, 22:19
| #4 |
| | Internet öffnet ständig neue Fenster Hier FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
durchgeführt von Baby (Administrator) auf DESKTOP-A10S929 (03-03-2017 21:57:09)
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\CCSDK\CCSDKUpdateAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-10-19] ()
HKLM\...\Run: [DDPF3] => c:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\Run: [OpenOffice Updater] => C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe [388000 2017-01-17] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e253416-4c93-4cba-b265-67ee91b4e78f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4c9f59fe-49fd-4b3d-8862-7d471cf81274}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e9f11131-d610-4ed4-aa54-5218b37a9faa}: [DhcpNameServer] 172.168.137.2
Internet Explorer:
==================
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> DefaultScope {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Keine Datei
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> hxxp://www.google.de/
FireFox:
========
FF ProfilePath: C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default [2017-03-03]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default\features\{205ac0c8-04b7-4934-a6da-4a58e36a3694}\disableSHA1rollout@mozilla.org.xpi [2017-02-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-01-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-12-17] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-02-15] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-12-17] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2017-01-13] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-01-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2017-01-13] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-02-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2017-01-13] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2017-01-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2017-01-13] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2017-01-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
U1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [909944 2017-01-30] () <==== ACHTUNG
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-03 21:57 - 2017-03-03 21:58 - 00021310 _____ C:\Users\Baby\Desktop\FRST.txt
2017-03-03 21:56 - 2017-03-03 21:57 - 00000000 ____D C:\FRST
2017-03-03 21:55 - 2017-03-03 21:56 - 02423808 _____ (Farbar) C:\Users\Baby\Desktop\FRST64.exe
2017-03-03 20:59 - 2017-03-03 21:00 - 00181760 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_20.59.47_log.txt
2017-03-03 20:59 - 2017-03-03 20:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Baby\Desktop\tdsskiller.exe
2017-03-03 20:53 - 2017-03-03 20:53 - 00024402 _____ C:\Users\Baby\Desktop\ESt2014_Lüke_Sebastian.elfo
2017-03-03 20:53 - 2017-03-03 20:53 - 00010002 _____ C:\Users\Baby\Desktop\ESt2013_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00024706 _____ C:\Users\Baby\Desktop\ESt2015_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00020658 _____ C:\Users\Baby\Desktop\ESt2016_Lüke_Sebastian.elfo
2017-03-02 20:59 - 2017-03-02 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-02 20:07 - 2017-03-02 20:07 - 1134936728 _____ C:\WINDOWS\MEMORY.DMP
2017-03-02 20:07 - 2017-03-02 20:07 - 00436516 _____ C:\WINDOWS\Minidump\030217-26859-01.dmp
2017-03-02 20:07 - 2017-03-02 20:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 20:00 - 2017-03-03 20:55 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:00 - 2017-03-02 20:00 - 04031440 _____ C:\Users\Baby\Desktop\adwcleaner_6.044.exe
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-03-02 16:35 - 2017-03-02 16:35 - 00000000 ___HD C:\OneDriveTemp
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-28 20:02 - 2017-02-28 20:03 - 13165792 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\Silverlight_x64.exe
2017-02-26 11:13 - 2017-02-26 11:13 - 00000000 ____D C:\Users\Baby\eTeks
2017-02-26 11:03 - 2017-02-26 11:03 - 00000982 _____ C:\Users\Baby\Desktop\Sweet Home 3D.lnk
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-02-26 11:02 - 2017-02-26 11:03 - 42772656 _____ (eTeks ) C:\Users\Baby\Downloads\SweetHome3D-5.4-windows.exe
2017-02-24 15:48 - 2017-02-24 15:48 - 00047792 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2015_Schneider_Nicole.pdf
2017-02-24 15:48 - 2017-02-24 15:48 - 00047477 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2016_Schneider_Nicole.pdf
2017-02-24 15:47 - 2017-02-24 15:47 - 00075442 _____ C:\Users\Baby\Desktop\ESt2015_Schneider_Nicole.elfo
2017-02-24 15:45 - 2017-02-24 15:45 - 00091538 _____ C:\Users\Baby\Desktop\ESt2016_Schneider_Nicole.elfo
2017-02-21 10:20 - 2017-02-21 10:20 - 00014230 _____ C:\Users\Baby\Documents\Gesamteinkommen_Elternzeit.odt
2017-02-21 09:59 - 2017-02-21 09:59 - 00051666 _____ C:\Users\Baby\Downloads\Besoldungstabellen_2017.pdf
2017-02-20 20:47 - 2017-02-20 20:47 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice
2017-02-20 20:46 - 2017-02-20 20:47 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa.odt
2017-02-20 20:46 - 2017-02-20 20:46 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-02-20 20:46 - 2017-02-20 20:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-02-20 20:45 - 2017-02-20 20:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-02-20 20:44 - 2017-02-21 09:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice Updater
2017-02-20 20:44 - 2017-02-20 20:44 - 00000000 ____D C:\Users\Baby\Desktop\OpenOffice 4.1.3 (de) Installation Files
2017-02-20 20:37 - 2017-02-20 20:43 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de(1).exe
2017-02-20 20:25 - 2017-02-20 20:32 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe
2017-02-20 20:17 - 2017-02-20 20:17 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa (1).odt
2017-02-19 19:23 - 2017-03-03 18:55 - 00000000 ____D C:\Users\Baby\AppData\LocalLow\Mozilla
2017-02-19 19:23 - 2017-02-19 19:29 - 00000000 ____D C:\Users\Baby\AppData\Local\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-19 19:22 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-19 19:20 - 2017-02-19 19:20 - 00245600 _____ C:\Users\Baby\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-17 19:26 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 19:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 19:12 - 2017-02-17 19:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-15 20:26 - 2017-02-15 20:26 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-15 18:32 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-15 18:32 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-15 18:32 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-15 18:32 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-15 18:32 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-15 18:32 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-15 18:32 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-15 18:32 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-15 18:32 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-15 18:32 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-15 18:32 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-15 18:32 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-15 18:32 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-15 18:32 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 18:32 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-15 18:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-15 18:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-15 18:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-15 18:32 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-15 18:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-15 18:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-15 18:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-15 18:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-15 18:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-15 18:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-15 18:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-15 18:32 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-15 18:32 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-15 18:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-15 18:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-15 18:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-15 18:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-15 18:32 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-15 18:32 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-15 18:32 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-15 18:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-15 18:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-15 18:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-15 18:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-15 18:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-15 18:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-15 18:32 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-15 18:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-15 18:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-15 18:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-15 18:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-15 18:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-15 18:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-15 18:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-15 18:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-15 18:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-15 18:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-15 18:31 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-15 18:31 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-15 18:31 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-15 18:31 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-15 18:31 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-15 18:31 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-15 18:31 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-15 18:31 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-15 18:31 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-15 18:31 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-15 18:31 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-15 18:31 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-15 18:31 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-15 18:31 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-15 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-15 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-15 18:31 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-15 18:31 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-15 18:31 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-15 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-15 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-15 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-15 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-15 18:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-15 18:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-15 18:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-15 18:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-15 18:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-15 18:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-15 18:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-15 18:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-15 18:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-15 18:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-15 18:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-15 18:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-15 18:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-15 18:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-15 18:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-15 18:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-15 18:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-15 18:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-15 18:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-15 18:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-15 18:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-15 18:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-15 18:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-15 18:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-15 18:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-15 18:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-15 18:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-15 18:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-15 18:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-15 18:30 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-15 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-15 18:30 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-15 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-15 18:30 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-15 18:30 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-15 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-15 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-15 18:30 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-15 18:30 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-15 18:30 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-15 18:30 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-15 18:30 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-15 18:30 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:30 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-15 18:30 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-15 18:30 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-15 18:30 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-15 18:30 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-15 18:30 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-15 18:30 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-15 18:30 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-15 18:30 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-15 18:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-15 18:30 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-15 18:30 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-15 18:30 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-15 18:30 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-15 18:30 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-15 18:30 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-15 18:30 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-15 18:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-15 18:30 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-15 18:30 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-15 18:30 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-15 18:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-15 18:30 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-15 18:30 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-15 18:30 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-15 18:30 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-15 18:30 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-15 18:30 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-15 18:30 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:30 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-15 18:30 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-15 18:30 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:30 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-15 18:30 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-15 18:30 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-15 18:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-15 18:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-15 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-15 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-15 18:29 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-15 18:29 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-15 18:29 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-15 18:29 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-15 18:29 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-15 18:29 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-15 18:29 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-15 18:29 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-15 18:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-15 18:29 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-15 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-15 18:29 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-15 18:29 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-15 18:29 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-15 18:29 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-15 18:29 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-15 18:29 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-15 18:29 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-15 18:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-15 18:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-15 18:29 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-15 18:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-15 18:29 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-15 18:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-15 18:29 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-15 18:29 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-15 18:29 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-15 18:29 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-15 18:29 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-15 18:29 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-15 18:29 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-15 18:29 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-15 18:29 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-15 18:29 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-15 18:29 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:29 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-15 18:29 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-15 18:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-15 18:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-15 18:29 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-15 18:29 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-15 18:29 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-15 18:29 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-15 18:29 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-15 18:29 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-15 18:29 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-15 18:29 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-15 18:29 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-15 18:29 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-15 18:29 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-15 18:29 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-15 18:29 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-15 18:29 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-15 18:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-15 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-15 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-15 18:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-15 18:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-15 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-15 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-15 18:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-15 18:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-15 18:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-15 18:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-15 18:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-15 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-15 18:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-15 18:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-15 18:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-15 18:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-15 18:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-15 18:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-15 18:28 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-15 18:28 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-15 18:28 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-15 18:28 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-15 18:28 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-15 18:28 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-15 18:28 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-15 18:28 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-15 18:28 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-15 18:28 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-15 18:28 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-15 18:28 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-15 18:28 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-15 18:28 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-15 18:28 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-15 18:28 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-15 18:28 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-15 18:28 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-15 18:28 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-15 18:28 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-15 18:28 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-15 18:28 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-15 18:28 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-15 18:28 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-15 18:28 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-15 18:28 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-15 18:28 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-15 18:28 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-15 18:28 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-15 18:27 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-15 18:27 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-15 18:27 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-15 18:27 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-15 18:27 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-15 18:27 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-15 18:27 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-15 18:27 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-15 18:27 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-15 18:27 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-15 18:27 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-15 18:27 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-15 18:27 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-15 18:27 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 17:43 - 2017-02-19 18:51 - 00000000 ____D C:\Users\Baby\AppData\Local\ConnectedDevicesPlatform
2017-02-14 17:43 - 2017-02-14 17:43 - 00000020 ___SH C:\Users\Baby\ntuser.ini
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-14 17:39 - 2017-02-14 17:39 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80B2E059-914D-4AA0-B810-B7874A284424}
2017-02-14 17:39 - 2017-02-14 17:39 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-02-14 17:32 - 2017-02-14 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-14 17:26 - 2017-02-14 17:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 17:23 - 2017-02-14 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-14 17:22 - 2017-03-03 18:46 - 00000000 ____D C:\Users\Baby
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Vorlagen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Startmenü
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Netzwerkumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Lokale Einstellungen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Eigene Dateien
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Druckumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Videos
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Musik
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Bilder
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Verlauf
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Anwendungsdaten
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Anwendungsdaten
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\Program Files\Realtek
2017-02-14 17:17 - 2017-03-03 18:49 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-14 17:17 - 2017-02-14 17:27 - 00000000 ____D C:\Program Files\Elantech
2017-02-14 17:17 - 2017-02-14 17:24 - 00000000 ____D C:\Program Files\Intel
2017-02-14 17:17 - 2017-02-14 17:17 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-14 17:17 - 2017-02-14 17:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-02-14 17:17 - 2015-08-16 18:13 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-14 17:17 - 2015-08-16 18:13 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-14 17:14 - 2017-02-14 17:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-14 17:11 - 2017-02-14 17:11 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\MSBuild
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-14 17:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-14 17:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-12 21:14 - 2017-02-12 21:14 - 00061781 _____ C:\Users\Baby\Downloads\31_031_01424_Bestätigung der Annahme ESt unbeschränkt (ESt 1 A) 2016_ElsterOnline2.pdf
2017-02-12 21:04 - 2017-02-12 21:05 - 00022072 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210443.pdf
2017-02-12 21:00 - 2017-02-12 21:00 - 00022068 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210042.pdf
2017-02-12 20:57 - 2017-02-12 20:57 - 00022071 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-205749.pdf
2017-02-10 19:02 - 2017-02-10 19:02 - 00022075 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190244.pdf
2017-02-10 19:01 - 2017-02-10 19:01 - 00022094 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190109.pdf
2017-02-10 18:43 - 2017-02-10 18:43 - 00022759 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-184311.pdf
2017-02-10 18:20 - 2017-02-10 18:20 - 00010495 _____ C:\Users\Baby\Downloads\Rene1896_elster_10.02.2017_18.20.pfx
2017-02-10 18:16 - 2017-02-10 18:16 - 00010495 _____ C:\Users\Baby\Downloads\VanyB91_elster_10.02.2017_18.15.pfx
2017-02-08 15:27 - 2017-03-02 19:09 - 00001309 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\elsterformular
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-02-08 15:27 - 2017-02-08 15:27 - 00000000 ____D C:\Users\Baby\AppData\Roaming\elsterformular
2017-02-08 15:24 - 2017-02-08 15:26 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Baby\Downloads\ElsterFormularPrivat.exe
2017-02-03 16:50 - 2017-02-03 16:50 - 00000000 ____D C:\Users\Baby\AppData\Local\CEF
2017-02-03 16:49 - 2017-02-19 18:46 - 00000000 ____D C:\ProgramData\ProductData
2017-02-03 16:49 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\ProductData
2017-02-03 16:48 - 2017-02-19 19:29 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-03 16:48 - 2017-02-03 17:04 - 00000000 ____D C:\ProgramData\Avg
2017-02-03 16:48 - 2017-02-03 17:03 - 00000000 ____D C:\Users\Baby\AppData\Local\AvgSetupLog
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\IObit
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\ProgramData\IObit
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\Users\Baby\AppData\Local\Avg
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-03 20:44 - 2016-11-20 13:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 19:04 - 2017-01-13 15:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-03 18:54 - 2017-01-13 14:58 - 00043532 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-03-03 18:54 - 2016-11-20 22:42 - 01597994 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-03 18:54 - 2016-11-20 22:00 - 00567798 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-03 18:54 - 2016-11-20 22:00 - 00108362 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-03 18:50 - 2017-01-12 16:03 - 00000000 ___RD C:\Users\Baby\OneDrive
2017-03-03 18:49 - 2017-01-30 18:31 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-03-03 18:49 - 2017-01-12 16:00 - 00000000 __SHD C:\Users\Baby\IntelGraphicsProfiles
2017-03-03 18:47 - 2016-11-20 22:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 18:46 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 18:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 16:57 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 16:56 - 2016-10-19 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 16:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:50 - 2016-11-20 13:32 - 00357328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 15:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-26 10:58 - 2017-01-12 20:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-26 10:57 - 2017-01-12 20:00 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-26 10:57 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 21:20 - 2017-01-12 16:03 - 00002387 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-20 20:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-20 20:17 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\Packages
2017-02-19 18:50 - 2016-11-20 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-15 17:48 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-15 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-14 17:49 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2017-02-14 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-14 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-14 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-14 17:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-14 17:31 - 2016-10-19 01:44 - 01442704 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-14 17:31 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-14 17:27 - 2017-01-31 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2017-02-14 17:27 - 2017-01-13 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-02-14 17:27 - 2017-01-13 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-02-14 17:27 - 2016-10-19 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-02-14 17:27 - 2016-10-19 00:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-14 17:27 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-14 17:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-10-19 01:47 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-14 17:17 - 2016-10-19 01:41 - 00000000 ___HD C:\Intel
2017-02-14 17:14 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:06 - 2017-01-25 19:00 - 00000000 ____D C:\ProgramData\install_backup
2017-02-03 17:06 - 2016-10-19 00:45 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-03 17:06 - 2016-10-19 00:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-03 17:06 - 2016-10-19 00:31 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-03 17:05 - 2016-10-19 00:47 - 00000000 ____D C:\ProgramData\CyberLink
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-14 17:18 - 2017-02-14 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2016-10-13 09:18 - 2016-10-13 09:18 - 171330228 _____ () C:\Users\Baby\AppData\Local\Temp\OpenOffice_4.1.3_Win_x86_install_de.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-02 17:04
==================== Ende von FRST.txt ============================
|
|
03.03.2017, 22:20
| #5 |
| | Internet öffnet ständig neue Fenster Hier Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Baby (03-03-2017 22:01:53)
Gestartet von C:\Users\Baby\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-14 16:42:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-217730058-1440262021-2186221569-500 - Administrator - Disabled)
Baby (S-1-5-21-217730058-1440262021-2186221569-1001 - Administrator - Enabled) => C:\Users\Baby
DefaultAccount (S-1-5-21-217730058-1440262021-2186221569-503 - Limited - Disabled)
Gast (S-1-5-21-217730058-1440262021-2186221569-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Benutzerhandbücher (x32 Version: 6.0.0.0 - Lenovo) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Delicious - Emily's Christmas Carol Deluxe (HKLM-x32\...\59221808f4c2c0c992944c696bd81176) (Version: - Zylom)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.78.5 - ELAN Microelectronic Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.070.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-217730058-1440262021-2186221569-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2A879CB0-6358-47FF-849D-92BA7DDC3DFB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1651d3e1-b901-4df7-bd34-79b69918d1f8 => powershell.exe -nologo -noninteractive "& {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1651d3e1-b901-4df7-bd34-79b69918d1f8 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1 (Der Dateneintrag hat 73 mehr Zeichen).
Task: {50090DAC-A4B1-4E45-8EED-9DDEA06F6FFE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {6206EF9F-F623-43E0-A461-F6E596A6EF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {7418AF06-A5FA-400A-ACF3-296CEADA1260} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B3ADA49-45AC-411E-87DF-BEEC6F7BCFB0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {87D481CA-9DE5-424B-8D12-BFC9C36EA954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CDAD8E01-DABA-40EF-878E-C336F86847B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {FEBEB2EB-4782-4D76-AEA5-E8ABEC34F572} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-01-30 18:31 - 2017-03-03 18:49 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-19 00:42 - 2015-08-19 03:59 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-19 00:42 - 2015-12-02 09:24 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-15 18:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-10-16 09:55 - 2015-08-16 18:13 - 00395880 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-15 18:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-15 18:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-19 00:43 - 2016-10-19 00:42 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2016-10-19 00:43 - 2016-10-19 00:42 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2017-02-15 17:39 - 2017-02-15 17:39 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-23 21:24 - 2017-02-23 21:26 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:24 - 2017-02-23 21:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-19 19:59 - 2016-12-06 16:09 - 00116064 _____ () C:\Program Files (x86)\Lenovo\CCSDK\Xmlparser.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{46B32332-4A74-4540-91E9-F740ECBAAC38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EAF8C99D-6F66-40DD-B8F7-8C902F5C8906}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B5FFBE7D-2A55-4F69-9116-B7E25CFCFF65}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A350F950-6097-4304-8497-C521C9329600}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{715F2D49-9B78-490B-98DB-CBE1176E2FBF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F9638912-15E0-44FB-BD3A-02965C99AFEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BED336A-8E4B-4DA0-B686-0C891E969AB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/03/2017 08:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1f6c
Startzeit der fehlerhaften Anwendung: 0x01d2944686601db4
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: c26a4b0d-7206-4f9a-a75b-e4aeeecd50eb
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/03/2017 07:29:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-A10S929)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{bce8ade2-2d0c-4030-a803-f7c82671ec9d}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (03/03/2017 06:54:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2b0c
Startzeit: 01d294469ac49a58
Beendigungszeit: 19
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 5f4e31d5-003a-11e7-af19-54ee755efccd
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (03/03/2017 06:41:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1bf4
Startzeit der fehlerhaften Anwendung: 0x01d293888012c855
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 383576e7-64e8-41e4-b370-453eed72c06f
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/02/2017 08:09:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1af0
Startzeit der fehlerhaften Anwendung: 0x01d293885eefa619
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 40735ea9-a804-40ba-bbad-7d03d84cf475
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/02/2017 07:35:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: wpaxholder.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bfb6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000011b68
ID des fehlerhaften Prozesses: 0x3888
Startzeit der fehlerhaften Anwendung: 0x01d29383917ad5a7
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\wpaxholder.dll
Berichtskennung: f6a16b3d-de5a-4a1f-b1ed-a2b430fa2dff
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (03/02/2017 07:34:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3854
Startzeit: 01d29383641a7bfa
Beendigungszeit: 24
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: cc921847-ff76-11e6-af17-54ee755efccd
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (03/02/2017 07:32:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f8
Startzeit: 01d2938319006294
Beendigungszeit: 10
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 99a54f39-ff76-11e6-af17-54ee755efccd
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Error: (03/02/2017 07:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.14393.693, Zeitstempel: 0x585a2bf0
Ausnahmecode: 0x80004004
Fehleroffset: 0x000000000064c365
ID des fehlerhaften Prozesses: 0x844
Startzeit der fehlerhaften Anwendung: 0x01d293821f00650d
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\edgehtml.dll
Berichtskennung: a65a3319-d859-49f8-8566-673a51475529
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (03/02/2017 07:23:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3510
Startzeit: 01d29382070f6e61
Beendigungszeit: 20
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 5a7b00ae-ff75-11e6-af17-54ee755efccd
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge
Systemfehler:
=============
Error: (03/03/2017 08:22:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/03/2017 07:10:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/03/2017 06:53:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/03/2017 06:49:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/03/2017 06:49:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee CSP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/03/2017 06:49:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst mccspsvc erreicht.
Error: (03/03/2017 06:46:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/03/2017 06:46:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/03/2017 06:46:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/03/2017 06:46:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8097.92 MB
Verfügbarer physikalischer RAM: 5405.46 MB
Summe virtueller Speicher: 9377.92 MB
Verfügbarer virtueller Speicher: 6096.82 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:426.12 GB) (Free:393.37 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 286089BB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
04.03.2017, 14:43
| #6 |
| /// TB-Ausbilder | Internet öffnet ständig neue Fenster Servus, Ich seh den Schädling...  Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
04.03.2017, 19:32
| #7 |
| | Internet öffnet ständig neue Fenster ADWCLEANER: Code:
ATTFilter # AdwCleaner v6.044 - Bericht erstellt am 04/03/2017 um 18:58:05
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-02.1 [Lokal]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Baby - DESKTOP-A10S929
# Gestartet von : C:\Users\Baby\Desktop\adwcleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[#] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll
[#] Datei gelöscht: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9058 Bytes] - [03/03/2017 18:46:09]
C:\AdwCleaner\AdwCleaner[C2].txt - [5025 Bytes] - [04/03/2017 18:58:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [8427 Bytes] - [02/03/2017 20:04:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [8500 Bytes] - [03/03/2017 18:45:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [5174 Bytes] - [04/03/2017 18:57:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5317 Bytes] ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 04.03.17
Scan-Zeit: 19:08
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1426
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-A10S929\Baby
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 399011
Abgelaufene Zeit: 2 Min., 14 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 1
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, In Quarantäne, [863], [318108],1.0.1426
Registrierungsschlüssel: 1
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, In Quarantäne, [863], [325509],1.0.1426
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, In Quarantäne, [863], [318108],1.0.1426
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, In Quarantäne, [863], [325509],1.0.1426
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 10 Home x64
Ran by Baby (Administrator) on 04.03.2017 at 19:24:13,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Baby\AppData\Roaming\productdata (Folder)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7AD69B7E-3FA6-4429-B5DF-34879D0D7903} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.03.2017 at 19:25:34,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-03-2017
durchgeführt von Baby (Administrator) auf DESKTOP-A10S929 (04-03-2017 19:27:37)
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-10-19] ()
HKLM\...\Run: [DDPF3] => c:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\Run: [OpenOffice Updater] => C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe [388000 2017-01-17] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e253416-4c93-4cba-b265-67ee91b4e78f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4c9f59fe-49fd-4b3d-8862-7d471cf81274}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e9f11131-d610-4ed4-aa54-5218b37a9faa}: [DhcpNameServer] 172.168.137.2
Internet Explorer:
==================
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> DefaultScope {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Keine Datei
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> hxxp://www.google.de/
FireFox:
========
FF ProfilePath: C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default [2017-03-03]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default\features\{205ac0c8-04b7-4934-a6da-4a58e36a3694}\disableSHA1rollout@mozilla.org.xpi [2017-02-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-01-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-12-17] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-02-15] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-12-17] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2017-01-13] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-01-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2017-01-13] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-02-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2017-01-13] ()
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2017-01-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2017-01-13] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2017-01-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Drei Monate: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-04 19:27 - 2017-03-04 19:27 - 00000000 ____D C:\Users\Baby\Desktop\FRST-OlderVersion
2017-03-04 19:25 - 2017-03-04 19:25 - 00000813 _____ C:\Users\Baby\Desktop\JRT.txt
2017-03-04 19:24 - 2017-03-04 19:24 - 01663736 _____ (Malwarebytes) C:\Users\Baby\Desktop\JRT.exe
2017-03-04 19:20 - 2017-03-04 19:20 - 00001569 _____ C:\Users\Baby\Desktop\mbam.txt
2017-03-04 19:17 - 2017-03-04 19:17 - 00000000 ___HD C:\OneDriveTemp
2017-03-04 19:07 - 2017-03-04 19:17 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-04 19:07 - 2017-03-04 19:07 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-04 19:07 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-04 19:05 - 2017-03-04 19:06 - 57131432 _____ (Malwarebytes ) C:\Users\Baby\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-03 22:01 - 2017-03-03 22:06 - 00031008 _____ C:\Users\Baby\Desktop\Addition.txt
2017-03-03 22:00 - 2017-03-03 22:01 - 00094734 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_22.00.13_log.txt
2017-03-03 21:57 - 2017-03-04 19:28 - 00019807 _____ C:\Users\Baby\Desktop\FRST.txt
2017-03-03 21:56 - 2017-03-04 19:27 - 00000000 ____D C:\FRST
2017-03-03 21:55 - 2017-03-04 19:27 - 02423296 _____ (Farbar) C:\Users\Baby\Desktop\FRST64.exe
2017-03-03 20:59 - 2017-03-03 21:00 - 00181760 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_20.59.47_log.txt
2017-03-03 20:59 - 2017-03-03 20:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Baby\Desktop\tdsskiller.exe
2017-03-03 20:53 - 2017-03-03 20:53 - 00024402 _____ C:\Users\Baby\Desktop\ESt2014_Lüke_Sebastian.elfo
2017-03-03 20:53 - 2017-03-03 20:53 - 00010002 _____ C:\Users\Baby\Desktop\ESt2013_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00024706 _____ C:\Users\Baby\Desktop\ESt2015_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00020658 _____ C:\Users\Baby\Desktop\ESt2016_Lüke_Sebastian.elfo
2017-03-02 20:59 - 2017-03-02 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-02 20:07 - 2017-03-02 20:07 - 1134936728 _____ C:\WINDOWS\MEMORY.DMP
2017-03-02 20:07 - 2017-03-02 20:07 - 00436516 _____ C:\WINDOWS\Minidump\030217-26859-01.dmp
2017-03-02 20:07 - 2017-03-02 20:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 20:00 - 2017-03-04 18:58 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:00 - 2017-03-02 20:00 - 04031440 _____ C:\Users\Baby\Desktop\adwcleaner_6.044.exe
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-28 20:02 - 2017-02-28 20:03 - 13165792 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\Silverlight_x64.exe
2017-02-26 11:13 - 2017-02-26 11:13 - 00000000 ____D C:\Users\Baby\eTeks
2017-02-26 11:03 - 2017-02-26 11:03 - 00000982 _____ C:\Users\Baby\Desktop\Sweet Home 3D.lnk
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-02-26 11:02 - 2017-02-26 11:03 - 42772656 _____ (eTeks ) C:\Users\Baby\Downloads\SweetHome3D-5.4-windows.exe
2017-02-24 15:48 - 2017-02-24 15:48 - 00047792 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2015_Schneider_Nicole.pdf
2017-02-24 15:48 - 2017-02-24 15:48 - 00047477 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2016_Schneider_Nicole.pdf
2017-02-24 15:47 - 2017-02-24 15:47 - 00075442 _____ C:\Users\Baby\Desktop\ESt2015_Schneider_Nicole.elfo
2017-02-24 15:45 - 2017-02-24 15:45 - 00091538 _____ C:\Users\Baby\Desktop\ESt2016_Schneider_Nicole.elfo
2017-02-21 10:20 - 2017-02-21 10:20 - 00014230 _____ C:\Users\Baby\Documents\Gesamteinkommen_Elternzeit.odt
2017-02-21 09:59 - 2017-02-21 09:59 - 00051666 _____ C:\Users\Baby\Downloads\Besoldungstabellen_2017.pdf
2017-02-20 20:47 - 2017-02-20 20:47 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice
2017-02-20 20:46 - 2017-02-20 20:47 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa.odt
2017-02-20 20:46 - 2017-02-20 20:46 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-02-20 20:46 - 2017-02-20 20:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-02-20 20:45 - 2017-02-20 20:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-02-20 20:44 - 2017-02-21 09:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice Updater
2017-02-20 20:44 - 2017-02-20 20:44 - 00000000 ____D C:\Users\Baby\Desktop\OpenOffice 4.1.3 (de) Installation Files
2017-02-20 20:37 - 2017-02-20 20:43 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de(1).exe
2017-02-20 20:25 - 2017-02-20 20:32 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe
2017-02-20 20:17 - 2017-02-20 20:17 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa (1).odt
2017-02-19 19:23 - 2017-03-03 18:55 - 00000000 ____D C:\Users\Baby\AppData\LocalLow\Mozilla
2017-02-19 19:23 - 2017-02-19 19:29 - 00000000 ____D C:\Users\Baby\AppData\Local\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-19 19:22 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-19 19:20 - 2017-02-19 19:20 - 00245600 _____ C:\Users\Baby\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-17 19:26 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 19:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 19:12 - 2017-02-17 19:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-15 20:26 - 2017-02-15 20:26 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-15 18:32 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-15 18:32 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-15 18:32 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-15 18:32 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-15 18:32 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-15 18:32 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-15 18:32 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-15 18:32 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-15 18:32 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-15 18:32 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-15 18:32 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-15 18:32 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-15 18:32 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-15 18:32 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 18:32 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-15 18:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-15 18:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-15 18:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-15 18:32 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-15 18:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-15 18:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-15 18:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-15 18:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-15 18:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-15 18:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-15 18:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-15 18:32 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-15 18:32 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-15 18:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-15 18:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-15 18:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-15 18:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-15 18:32 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-15 18:32 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-15 18:32 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-15 18:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-15 18:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-15 18:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-15 18:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-15 18:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-15 18:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-15 18:32 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-15 18:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-15 18:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-15 18:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-15 18:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-15 18:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-15 18:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-15 18:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-15 18:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-15 18:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-15 18:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-15 18:31 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-15 18:31 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-15 18:31 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-15 18:31 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-15 18:31 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-15 18:31 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-15 18:31 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-15 18:31 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-15 18:31 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-15 18:31 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-15 18:31 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-15 18:31 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-15 18:31 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-15 18:31 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-15 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-15 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-15 18:31 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-15 18:31 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-15 18:31 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-15 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-15 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-15 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-15 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-15 18:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-15 18:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-15 18:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-15 18:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-15 18:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-15 18:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-15 18:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-15 18:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-15 18:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-15 18:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-15 18:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-15 18:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-15 18:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-15 18:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-15 18:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-15 18:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-15 18:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-15 18:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-15 18:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-15 18:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-15 18:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-15 18:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-15 18:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-15 18:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-15 18:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-15 18:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-15 18:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-15 18:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-15 18:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-15 18:30 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-15 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-15 18:30 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-15 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-15 18:30 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-15 18:30 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-15 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-15 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-15 18:30 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-15 18:30 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-15 18:30 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-15 18:30 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-15 18:30 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-15 18:30 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:30 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-15 18:30 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-15 18:30 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-15 18:30 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-15 18:30 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-15 18:30 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-15 18:30 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-15 18:30 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-15 18:30 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-15 18:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-15 18:30 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-15 18:30 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-15 18:30 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-15 18:30 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-15 18:30 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-15 18:30 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-15 18:30 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-15 18:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-15 18:30 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-15 18:30 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-15 18:30 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-15 18:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-15 18:30 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-15 18:30 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-15 18:30 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-15 18:30 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-15 18:30 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-15 18:30 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-15 18:30 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:30 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-15 18:30 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-15 18:30 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:30 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-15 18:30 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-15 18:30 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-15 18:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-15 18:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-15 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-15 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-15 18:29 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-15 18:29 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-15 18:29 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-15 18:29 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-15 18:29 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-15 18:29 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-15 18:29 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-15 18:29 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-15 18:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-15 18:29 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-15 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-15 18:29 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-15 18:29 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-15 18:29 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-15 18:29 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-15 18:29 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-15 18:29 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-15 18:29 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-15 18:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-15 18:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-15 18:29 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-15 18:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-15 18:29 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-15 18:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-15 18:29 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-15 18:29 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-15 18:29 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-15 18:29 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-15 18:29 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-15 18:29 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-15 18:29 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-15 18:29 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-15 18:29 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-15 18:29 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-15 18:29 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:29 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-15 18:29 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-15 18:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-15 18:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-15 18:29 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-15 18:29 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-15 18:29 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-15 18:29 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-15 18:29 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-15 18:29 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-15 18:29 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-15 18:29 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-15 18:29 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-15 18:29 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-15 18:29 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-15 18:29 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-15 18:29 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-15 18:29 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-15 18:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-15 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-15 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-15 18:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-15 18:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-15 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-15 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-15 18:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-15 18:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-15 18:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-15 18:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-15 18:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-15 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-15 18:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-15 18:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-15 18:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-15 18:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-15 18:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-15 18:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-15 18:28 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-15 18:28 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-15 18:28 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-15 18:28 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-15 18:28 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-15 18:28 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-15 18:28 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-15 18:28 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-15 18:28 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-15 18:28 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-15 18:28 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-15 18:28 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-15 18:28 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-15 18:28 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-15 18:28 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-15 18:28 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-15 18:28 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-15 18:28 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-15 18:28 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-15 18:28 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-15 18:28 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-15 18:28 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-15 18:28 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-15 18:28 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-15 18:28 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-15 18:28 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-15 18:28 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-15 18:28 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-15 18:28 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-15 18:27 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-15 18:27 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-15 18:27 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-15 18:27 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-15 18:27 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-15 18:27 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-15 18:27 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-15 18:27 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-15 18:27 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-15 18:27 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-15 18:27 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-15 18:27 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-15 18:27 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-15 18:27 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 17:43 - 2017-02-19 18:51 - 00000000 ____D C:\Users\Baby\AppData\Local\ConnectedDevicesPlatform
2017-02-14 17:43 - 2017-02-14 17:43 - 00000020 ___SH C:\Users\Baby\ntuser.ini
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-14 17:39 - 2017-02-14 17:39 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80B2E059-914D-4AA0-B810-B7874A284424}
2017-02-14 17:39 - 2017-02-14 17:39 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-02-14 17:32 - 2017-02-14 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-14 17:26 - 2017-02-14 17:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 17:23 - 2017-02-14 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-14 17:22 - 2017-03-03 18:46 - 00000000 ____D C:\Users\Baby
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Vorlagen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Startmenü
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Netzwerkumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Lokale Einstellungen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Eigene Dateien
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Druckumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Videos
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Musik
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Bilder
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Verlauf
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Anwendungsdaten
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Anwendungsdaten
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\Program Files\Realtek
2017-02-14 17:17 - 2017-03-04 19:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-14 17:17 - 2017-02-14 17:27 - 00000000 ____D C:\Program Files\Elantech
2017-02-14 17:17 - 2017-02-14 17:24 - 00000000 ____D C:\Program Files\Intel
2017-02-14 17:17 - 2017-02-14 17:17 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-14 17:17 - 2017-02-14 17:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-02-14 17:17 - 2015-08-16 18:13 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-14 17:17 - 2015-08-16 18:13 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-14 17:14 - 2017-02-14 17:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-14 17:11 - 2017-02-14 17:11 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\MSBuild
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-14 17:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-14 17:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-12 21:14 - 2017-02-12 21:14 - 00061781 _____ C:\Users\Baby\Downloads\31_031_01424_Bestätigung der Annahme ESt unbeschränkt (ESt 1 A) 2016_ElsterOnline2.pdf
2017-02-12 21:04 - 2017-02-12 21:05 - 00022072 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210443.pdf
2017-02-12 21:00 - 2017-02-12 21:00 - 00022068 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210042.pdf
2017-02-12 20:57 - 2017-02-12 20:57 - 00022071 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-205749.pdf
2017-02-10 19:02 - 2017-02-10 19:02 - 00022075 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190244.pdf
2017-02-10 19:01 - 2017-02-10 19:01 - 00022094 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190109.pdf
2017-02-10 18:43 - 2017-02-10 18:43 - 00022759 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-184311.pdf
2017-02-10 18:20 - 2017-02-10 18:20 - 00010495 _____ C:\Users\Baby\Downloads\Rene1896_elster_10.02.2017_18.20.pfx
2017-02-10 18:16 - 2017-02-10 18:16 - 00010495 _____ C:\Users\Baby\Downloads\VanyB91_elster_10.02.2017_18.15.pfx
2017-02-08 15:27 - 2017-03-02 19:09 - 00001309 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\elsterformular
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-02-08 15:27 - 2017-02-08 15:27 - 00000000 ____D C:\Users\Baby\AppData\Roaming\elsterformular
2017-02-08 15:24 - 2017-02-08 15:26 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Baby\Downloads\ElsterFormularPrivat.exe
2017-02-03 16:50 - 2017-02-03 16:50 - 00000000 ____D C:\Users\Baby\AppData\Local\CEF
2017-02-03 16:48 - 2017-02-19 19:29 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-03 16:48 - 2017-02-03 17:04 - 00000000 ____D C:\ProgramData\Avg
2017-02-03 16:48 - 2017-02-03 17:03 - 00000000 ____D C:\Users\Baby\AppData\Local\AvgSetupLog
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\IObit
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\ProgramData\IObit
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\Users\Baby\AppData\Local\Avg
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2017-01-31 13:49 - 2017-01-31 13:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\GameHouse
2017-01-31 13:48 - 2017-02-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2017-01-31 13:48 - 2017-01-31 13:48 - 00000000 ____D C:\ProgramData\com.gamehouse.acid
2017-01-31 13:48 - 2017-01-31 13:48 - 00000000 ____D C:\Program Files (x86)\Online Games Manager
2017-01-31 13:42 - 2017-01-31 13:48 - 00000000 ____D C:\Users\Baby\AppData\Local\com.gamehouse.acid
2017-01-31 13:42 - 2017-01-31 13:42 - 00000000 ____D C:\Zylom Games
2017-01-31 13:41 - 2017-01-31 13:41 - 00002003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-01-31 13:41 - 2017-01-31 13:41 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weitere fantastische Spiele.lnk
2017-01-31 13:41 - 2017-01-31 13:41 - 00000000 ____D C:\ProgramData\Big Fish
2017-01-31 13:41 - 2017-01-31 13:41 - 00000000 ____D C:\Program Files (x86)\bfgclient
2017-01-31 13:40 - 2017-01-31 13:41 - 00000000 ____D C:\Users\Baby\AppData\Local\Big Fish
2017-01-31 13:40 - 2017-01-31 13:41 - 00000000 ____D C:\BigFishCache
2017-01-31 13:40 - 2017-01-31 13:40 - 00237568 _____ (Big Fish Games) C:\Users\Baby\Downloads\gardenscapes_s2_l2_gF5293T1L2_d2692186189.exe
2017-01-30 18:31 - 2017-01-30 18:31 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-01-28 17:42 - 2017-01-28 17:42 - 01496584 _____ C:\Users\Baby\Downloads\DirectX - CHIP-Installer.exe
2017-01-28 17:36 - 2017-01-28 17:52 - 00000000 ____D C:\Users\Baby\Downloads\flatout2_demo
2017-01-28 14:54 - 2017-01-28 15:04 - 499573731 _____ C:\Users\Baby\Downloads\flatout2_demo.zip
2017-01-25 19:00 - 2017-02-03 17:06 - 00000000 ____D C:\ProgramData\install_backup
2017-01-22 20:39 - 2017-01-22 20:39 - 00000000 __RHD C:\Users\Baby\AppData\Roaming\SecuROM
2017-01-22 20:39 - 2017-01-22 20:39 - 00000000 ____D C:\Users\Baby\Documents\GTA San Andreas User Files
2017-01-17 17:03 - 2017-01-17 17:03 - 00159009 _____ C:\Users\Baby\Downloads\Rechnung_9201230.pdf
2017-01-17 17:03 - 2017-01-17 17:03 - 00000000 ____D C:\ProgramData\HP
2017-01-13 21:11 - 2017-01-13 21:11 - 00379136 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2017-01-13 18:46 - 2017-01-13 18:46 - 00003253 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo App Explorer.lnk
2017-01-13 18:41 - 2017-01-13 18:41 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Skype
2017-01-13 15:40 - 2017-01-13 15:40 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-01-13 15:35 - 2017-02-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-01-13 15:33 - 2017-01-13 15:25 - 00002214 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2017-01-13 15:26 - 2017-02-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-01-13 15:26 - 2017-01-13 15:39 - 00001480 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-01-13 15:25 - 2017-01-13 15:25 - 00002282 _____ C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk
2017-01-13 15:25 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-01-13 15:24 - 2017-03-04 19:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-13 15:24 - 2017-01-13 15:38 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-01-13 15:24 - 2017-01-13 15:26 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-01-13 15:24 - 2016-06-26 15:14 - 00191312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-01-13 15:13 - 2017-02-14 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-01-13 15:13 - 2017-02-14 17:24 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-01-13 15:11 - 2016-08-02 01:03 - 00216704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2017-01-13 15:10 - 2016-04-26 17:56 - 00277744 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2017-01-13 15:09 - 2017-01-13 15:09 - 00000000 ____D C:\ProgramData\Intel Security
2017-01-13 15:09 - 2017-01-13 15:09 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2017-01-13 15:01 - 2017-01-13 15:01 - 01496584 _____ C:\Users\Baby\Downloads\Kaspersky Internet Security 2017 - CHIP-Installer.exe
2017-01-13 14:58 - 2017-03-04 19:22 - 00045476 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Programme
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-01-12 20:00 - 2017-02-26 10:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-12 20:00 - 2017-02-26 10:57 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-12 19:51 - 2016-07-01 04:40 - 00034304 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2017-01-12 18:43 - 2016-07-01 04:57 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2017-01-12 18:41 - 2015-10-30 03:40 - 00014848 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-01-12 18:41 - 2015-10-30 03:30 - 00635904 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-01-12 18:32 - 2017-01-12 18:32 - 02365296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-01-12 16:19 - 2017-01-12 16:19 - 00000000 ____D C:\Users\Baby\AppData\Local\Comms
2017-01-12 16:15 - 2017-01-12 16:15 - 00000000 ____D C:\Users\Baby\AppData\Local\CyberLink
2017-01-12 16:05 - 2017-01-12 16:07 - 00000000 ____D C:\Users\Baby\AppData\Local\MicrosoftEdge
2017-01-12 16:05 - 2017-01-12 16:06 - 21628640 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\OneDriveSetup.exe
2017-01-12 16:05 - 2017-01-12 16:05 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Macromedia
2017-01-12 16:04 - 2017-01-12 16:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Intel Corporation
2017-01-12 16:04 - 2017-01-12 16:04 - 00000000 ____D C:\Users\Baby\AppData\Local\NetworkTiles
2017-01-12 16:03 - 2017-03-04 19:24 - 00000000 ___RD C:\Users\Baby\OneDrive
2017-01-12 16:03 - 2017-02-23 21:20 - 00002387 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-12 16:02 - 2017-01-12 16:02 - 00000000 ____D C:\Users\Baby\AppData\Local\ActiveSync
2017-01-12 16:01 - 2017-01-13 15:00 - 00000000 ____D C:\Users\Baby\AppData\Local\Lenovo
2017-01-12 16:01 - 2017-01-12 16:01 - 00000000 ____D C:\Users\Baby\REACHit
2017-01-12 16:01 - 2017-01-12 16:01 - 00000000 ____D C:\Users\Baby\AppData\Local\Publishers
2017-01-12 16:00 - 2017-03-04 19:17 - 00000000 __SHD C:\Users\Baby\IntelGraphicsProfiles
2017-01-12 16:00 - 2017-02-20 20:17 - 00000000 ____D C:\Users\Baby\AppData\Local\Packages
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Intel
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Adobe
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\VirtualStore
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\TileDataLayer
2017-01-12 15:58 - 2017-01-12 15:58 - 00000000 ____D C:\Users\Public\Lenovo App Explorer
2016-12-12 16:21 - 2017-01-13 21:11 - 00231168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2016-12-12 16:21 - 2017-01-13 21:11 - 00184064 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
==================== Drei Monate: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-04 19:21 - 2016-11-20 22:42 - 01660258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-04 19:21 - 2016-11-20 22:00 - 00601682 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-04 19:21 - 2016-11-20 22:00 - 00117834 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-04 19:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-04 19:16 - 2016-11-20 22:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-04 19:10 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-04 18:52 - 2016-11-20 13:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 18:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 16:57 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 16:56 - 2016-10-19 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 16:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:50 - 2016-11-20 13:32 - 00357328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 15:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-26 10:57 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 20:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-19 18:50 - 2016-11-20 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-15 17:48 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-15 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-14 17:49 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2017-02-14 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-14 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-14 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-14 17:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-14 17:31 - 2016-10-19 01:44 - 01442704 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-14 17:31 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-02-14 17:27 - 2016-10-19 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-02-14 17:27 - 2016-10-19 00:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-14 17:27 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-14 17:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-10-19 01:47 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-14 17:17 - 2016-10-19 01:41 - 00000000 ___HD C:\Intel
2017-02-14 17:14 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:06 - 2016-10-19 00:45 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-03 17:06 - 2016-10-19 00:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-03 17:06 - 2016-10-19 00:31 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-03 17:05 - 2016-10-19 00:47 - 00000000 ____D C:\ProgramData\CyberLink
|
|
04.03.2017, 19:34
| #8 |
| | Internet öffnet ständig neue Fenster Den Rest von FRST, da Nachricht zu lang: Code:
ATTFilter ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-14 17:18 - 2017-02-14 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2016-10-13 09:18 - 2016-10-13 09:18 - 171330228 _____ () C:\Users\Baby\AppData\Local\Temp\OpenOffice_4.1.3_Win_x86_install_de.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-02 17:04
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-03-2017
durchgeführt von Baby (04-03-2017 19:29:15)
Gestartet von C:\Users\Baby\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-14 16:42:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-217730058-1440262021-2186221569-500 - Administrator - Disabled)
Baby (S-1-5-21-217730058-1440262021-2186221569-1001 - Administrator - Enabled) => C:\Users\Baby
DefaultAccount (S-1-5-21-217730058-1440262021-2186221569-503 - Limited - Disabled)
Gast (S-1-5-21-217730058-1440262021-2186221569-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Benutzerhandbücher (x32 Version: 6.0.0.0 - Lenovo) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Delicious - Emily's Christmas Carol Deluxe (HKLM-x32\...\59221808f4c2c0c992944c696bd81176) (Version: - Zylom)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.78.5 - ELAN Microelectronic Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.070.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-217730058-1440262021-2186221569-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2A879CB0-6358-47FF-849D-92BA7DDC3DFB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1651d3e1-b901-4df7-bd34-79b69918d1f8 => powershell.exe -nologo -noninteractive "& {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1651d3e1-b901-4df7-bd34-79b69918d1f8 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1 (Der Dateneintrag hat 73 mehr Zeichen).
Task: {50090DAC-A4B1-4E45-8EED-9DDEA06F6FFE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {6206EF9F-F623-43E0-A461-F6E596A6EF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {7418AF06-A5FA-400A-ACF3-296CEADA1260} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B3ADA49-45AC-411E-87DF-BEEC6F7BCFB0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {87D481CA-9DE5-424B-8D12-BFC9C36EA954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CDAD8E01-DABA-40EF-878E-C336F86847B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {FEBEB2EB-4782-4D76-AEA5-E8ABEC34F572} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-10-19 00:42 - 2015-08-19 03:59 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-15 18:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 21:24 - 2017-02-23 21:26 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:24 - 2017-02-23 21:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 21:24 - 2017-02-24 15:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-14 18:17 - 2017-02-14 18:18 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-15 18:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
04-03-2017 19:24:14 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/04/2017 07:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.693, Zeitstempel: 0x585a26c4
Name des fehlerhaften Moduls: CoreUIComponents.dll, Version: 0.0.0.0, Zeitstempel: 0x584a72ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000072fda
ID des fehlerhaften Prozesses: 0x2690
Startzeit der fehlerhaften Anwendung: 0x01d29513d147af5c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\CoreUIComponents.dll
Berichtskennung: 1b0c80d6-4929-46ee-b700-127ac595b4aa
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (03/04/2017 07:24:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/04/2017 07:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x28f8
Startzeit der fehlerhaften Anwendung: 0x01d29513d2e1adea
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 49dbb91c-76cb-4dea-b810-85101df8b493
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (03/04/2017 07:22:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x28f8
Startzeit der fehlerhaften Anwendung: 0x01d29513d2e1adea
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 2f01d584-ce37-4689-b5ea-72f4c05f1dff
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (03/04/2017 07:02:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.693, Zeitstempel: 0x585a26c4
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.594, Zeitstempel: 0x5850ccd3
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d682b
ID des fehlerhaften Prozesses: 0x1b00
Startzeit der fehlerhaften Anwendung: 0x01d2951111e8f056
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 2a4af1ed-50d0-40ba-a5b2-3877cb973448
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (03/04/2017 07:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x918
Startzeit der fehlerhaften Anwendung: 0x01d2951105a5de72
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 695df0f0-f710-492a-a543-3f93e5af1041
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/04/2017 06:59:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x15ec
Startzeit der fehlerhaften Anwendung: 0x01d29510ffab3617
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 6ed4707a-be63-428a-a983-e54a2471d8fe
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/04/2017 06:53:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x22c0
Startzeit der fehlerhaften Anwendung: 0x01d2951029ea6d81
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: de164e89-2b8c-43dc-abc7-d2587f4f78e8
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/04/2017 03:21:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1884
Startzeit der fehlerhaften Anwendung: 0x01d294f28ca884dd
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e6800b0b-146c-4cb3-9853-942188987757
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/04/2017 12:05:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x37ac
Startzeit der fehlerhaften Anwendung: 0x01d294d501351e69
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: eb1f7214-e496-449b-8fcf-184a7e9eaa76
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Systemfehler:
=============
Error: (03/04/2017 07:19:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee CSP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/04/2017 07:19:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee CSP Service erreicht.
Error: (03/04/2017 07:17:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/04/2017 07:10:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A10S929)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (03/04/2017 07:10:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/04/2017 07:01:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/04/2017 07:00:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee CSP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/04/2017 07:00:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee CSP Service erreicht.
Error: (03/04/2017 06:58:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (03/04/2017 06:58:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
CodeIntegrity:
===================================
Date: 2017-03-04 19:07:31.175
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-03-04 19:07:31.164
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-03-04 19:07:31.153
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8097.92 MB
Verfügbarer physikalischer RAM: 5800.89 MB
Summe virtueller Speicher: 9377.92 MB
Verfügbarer virtueller Speicher: 7132.47 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:426.12 GB) (Free:392.44 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 286089BB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
04.03.2017, 20:55
| #9 |
| /// TB-Ausbilder | Internet öffnet ständig neue Fenster Servus, wir kontrollieren nochmal alles.  Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 4
Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
04.03.2017, 21:29
| #10 |
| | Internet öffnet ständig neue Fenster FRST-Fix: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-03-2017
durchgeführt von Baby (04-03-2017 21:25:20) Run:1
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozesse erfolgreich geschlossen.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 308208 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36895244 B
Java, Flash, Steam htmlcache => 9891 B
Windows/system/drivers => 8766872 B
Edge => 136824778 B
Chrome => 0 B
Firefox => 243690857 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 35116 B
NetworkService => 5010 B
Baby => 227081452 B
RecycleBin => 0 B
EmptyTemp: => 623.3 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 21:26:11 ====
|
|
04.03.2017, 21:57
| #11 |
| /// TB-Ausbilder | Internet öffnet ständig neue Fenster Gut gemacht. Fehlen noch die anderen Schritte. |
|
04.03.2017, 23:32
| #12 |
| | Internet öffnet ständig neue Fenster Puuh das hat lang gedauert. ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c3807102aa2fde41abf02daa492d7dd6
# end=init
# utc_time=2017-03-04 08:31:21
# local_time=2017-03-04 09:31:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32605
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c3807102aa2fde41abf02daa492d7dd6
# end=updated
# utc_time=2017-03-04 08:35:48
# local_time=2017-03-04 09:35:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c3807102aa2fde41abf02daa492d7dd6
# engine=32605
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-04 09:58:57
# local_time=2017-03-04 10:58:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 9024 21595271 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8991324 19995353 0 0
# scanned=194120
# found=2
# cleaned=0
# scan_time=4988
sh=CBA164396109D0C0152BB410D3D226EB6497B9E3 ft=1 fh=b92ce7fb072d4e1e vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Baby\Downloads\DirectX - CHIP-Installer.exe"
sh=7AB111CF04A7CE1C3882528F73892CA6AC22C69D ft=1 fh=4b3a8c536f5793f0 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Baby\Downloads\Kaspersky Internet Security 2017 - CHIP-Installer.exe"
Code:
ATTFilter
|
|
04.03.2017, 23:35
| #13 |
| | Internet öffnet ständig neue Fenster FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-03-2017
durchgeführt von Baby (Administrator) auf DESKTOP-A10S929 (04-03-2017 23:33:09)
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-10-19] ()
HKLM\...\Run: [DDPF3] => c:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\Run: [OpenOffice Updater] => C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe [388000 2017-01-17] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e253416-4c93-4cba-b265-67ee91b4e78f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4c9f59fe-49fd-4b3d-8862-7d471cf81274}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e9f11131-d610-4ed4-aa54-5218b37a9faa}: [DhcpNameServer] 172.168.137.2
Internet Explorer:
==================
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> DefaultScope {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Keine Datei
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> hxxp://www.google.de/
FireFox:
========
FF ProfilePath: C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default [2017-03-04]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default\features\{205ac0c8-04b7-4934-a6da-4a58e36a3694}\disableSHA1rollout@mozilla.org.xpi [2017-02-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-01-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-12-17] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-02-15] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-12-17] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2017-01-13] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-04] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2017-01-13] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-02-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2017-01-13] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2017-01-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2017-01-13] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2017-01-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-04] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-04] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-04 23:26 - 2017-03-04 23:32 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-04 23:25 - 2017-03-04 23:26 - 11581544 _____ (SurfRight B.V.) C:\Users\Baby\Desktop\HitmanPro_x64.exe
2017-03-04 21:31 - 2017-03-04 21:31 - 00000000 ____D C:\Program Files (x86)\ESET
2017-03-04 21:30 - 2017-03-04 21:30 - 02870984 _____ (ESET) C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe
2017-03-04 21:25 - 2017-03-04 21:26 - 00002294 _____ C:\Users\Baby\Desktop\Fixlog.txt
2017-03-04 19:27 - 2017-03-04 19:27 - 00000000 ____D C:\Users\Baby\Desktop\FRST-OlderVersion
2017-03-04 19:25 - 2017-03-04 19:25 - 00000813 _____ C:\Users\Baby\Desktop\JRT.txt
2017-03-04 19:24 - 2017-03-04 19:24 - 01663736 _____ (Malwarebytes) C:\Users\Baby\Desktop\JRT.exe
2017-03-04 19:20 - 2017-03-04 19:20 - 00001569 _____ C:\Users\Baby\Desktop\mbam.txt
2017-03-04 19:17 - 2017-03-04 19:17 - 00000000 ___HD C:\OneDriveTemp
2017-03-04 19:07 - 2017-03-04 21:27 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-04 19:07 - 2017-03-04 21:26 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 19:07 - 2017-03-04 21:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-04 19:07 - 2017-03-04 19:07 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-04 19:07 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-04 19:05 - 2017-03-04 19:06 - 57131432 _____ (Malwarebytes ) C:\Users\Baby\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-03 22:01 - 2017-03-04 19:29 - 00029825 _____ C:\Users\Baby\Desktop\Addition.txt
2017-03-03 22:00 - 2017-03-03 22:01 - 00094734 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_22.00.13_log.txt
2017-03-03 21:57 - 2017-03-04 23:33 - 00021272 _____ C:\Users\Baby\Desktop\FRST.txt
2017-03-03 21:56 - 2017-03-04 23:33 - 00000000 ____D C:\FRST
2017-03-03 21:55 - 2017-03-04 19:27 - 02423296 _____ (Farbar) C:\Users\Baby\Desktop\FRST64.exe
2017-03-03 20:59 - 2017-03-03 21:00 - 00181760 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_20.59.47_log.txt
2017-03-03 20:59 - 2017-03-03 20:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Baby\Desktop\tdsskiller.exe
2017-03-03 20:53 - 2017-03-03 20:53 - 00024402 _____ C:\Users\Baby\Desktop\ESt2014_Lüke_Sebastian.elfo
2017-03-03 20:53 - 2017-03-03 20:53 - 00010002 _____ C:\Users\Baby\Desktop\ESt2013_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00024706 _____ C:\Users\Baby\Desktop\ESt2015_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00020658 _____ C:\Users\Baby\Desktop\ESt2016_Lüke_Sebastian.elfo
2017-03-02 20:59 - 2017-03-02 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-02 20:07 - 2017-03-02 20:07 - 1134936728 _____ C:\WINDOWS\MEMORY.DMP
2017-03-02 20:07 - 2017-03-02 20:07 - 00436516 _____ C:\WINDOWS\Minidump\030217-26859-01.dmp
2017-03-02 20:07 - 2017-03-02 20:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 20:00 - 2017-03-04 18:58 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:00 - 2017-03-02 20:00 - 04031440 _____ C:\Users\Baby\Desktop\adwcleaner_6.044.exe
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-28 20:02 - 2017-02-28 20:03 - 13165792 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\Silverlight_x64.exe
2017-02-26 11:13 - 2017-02-26 11:13 - 00000000 ____D C:\Users\Baby\eTeks
2017-02-26 11:03 - 2017-02-26 11:03 - 00000982 _____ C:\Users\Baby\Desktop\Sweet Home 3D.lnk
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-02-26 11:02 - 2017-02-26 11:03 - 42772656 _____ (eTeks ) C:\Users\Baby\Downloads\SweetHome3D-5.4-windows.exe
2017-02-24 15:48 - 2017-02-24 15:48 - 00047792 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2015_Schneider_Nicole.pdf
2017-02-24 15:48 - 2017-02-24 15:48 - 00047477 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2016_Schneider_Nicole.pdf
2017-02-24 15:47 - 2017-02-24 15:47 - 00075442 _____ C:\Users\Baby\Desktop\ESt2015_Schneider_Nicole.elfo
2017-02-24 15:45 - 2017-02-24 15:45 - 00091538 _____ C:\Users\Baby\Desktop\ESt2016_Schneider_Nicole.elfo
2017-02-21 10:20 - 2017-02-21 10:20 - 00014230 _____ C:\Users\Baby\Documents\Gesamteinkommen_Elternzeit.odt
2017-02-21 09:59 - 2017-02-21 09:59 - 00051666 _____ C:\Users\Baby\Downloads\Besoldungstabellen_2017.pdf
2017-02-20 20:47 - 2017-02-20 20:47 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice
2017-02-20 20:46 - 2017-02-20 20:47 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa.odt
2017-02-20 20:46 - 2017-02-20 20:46 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-02-20 20:46 - 2017-02-20 20:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-02-20 20:45 - 2017-02-20 20:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-02-20 20:44 - 2017-02-21 09:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice Updater
2017-02-20 20:44 - 2017-02-20 20:44 - 00000000 ____D C:\Users\Baby\Desktop\OpenOffice 4.1.3 (de) Installation Files
2017-02-20 20:37 - 2017-02-20 20:43 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de(1).exe
2017-02-20 20:25 - 2017-02-20 20:32 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe
2017-02-20 20:17 - 2017-02-20 20:17 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa (1).odt
2017-02-19 19:23 - 2017-03-03 18:55 - 00000000 ____D C:\Users\Baby\AppData\LocalLow\Mozilla
2017-02-19 19:23 - 2017-02-19 19:29 - 00000000 ____D C:\Users\Baby\AppData\Local\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-19 19:22 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-19 19:20 - 2017-02-19 19:20 - 00245600 _____ C:\Users\Baby\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-17 19:26 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 19:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 19:12 - 2017-02-17 19:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-15 20:26 - 2017-02-15 20:26 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-15 18:32 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-15 18:32 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-15 18:32 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-15 18:32 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-15 18:32 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-15 18:32 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-15 18:32 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-15 18:32 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-15 18:32 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-15 18:32 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-15 18:32 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-15 18:32 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-15 18:32 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-15 18:32 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 18:32 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-15 18:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-15 18:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-15 18:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-15 18:32 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-15 18:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-15 18:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-15 18:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-15 18:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-15 18:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-15 18:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-15 18:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-15 18:32 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-15 18:32 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-15 18:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-15 18:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-15 18:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-15 18:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-15 18:32 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-15 18:32 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-15 18:32 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-15 18:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-15 18:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-15 18:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-15 18:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-15 18:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-15 18:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-15 18:32 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-15 18:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-15 18:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-15 18:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-15 18:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-15 18:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-15 18:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-15 18:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-15 18:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-15 18:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-15 18:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-15 18:31 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-15 18:31 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-15 18:31 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-15 18:31 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-15 18:31 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-15 18:31 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-15 18:31 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-15 18:31 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-15 18:31 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-15 18:31 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-15 18:31 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-15 18:31 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-15 18:31 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-15 18:31 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-15 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-15 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-15 18:31 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-15 18:31 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-15 18:31 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-15 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-15 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-15 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-15 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-15 18:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-15 18:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-15 18:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-15 18:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-15 18:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-15 18:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-15 18:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-15 18:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-15 18:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-15 18:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-15 18:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-15 18:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-15 18:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-15 18:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-15 18:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-15 18:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-15 18:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-15 18:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-15 18:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-15 18:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-15 18:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-15 18:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-15 18:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-15 18:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-15 18:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-15 18:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-15 18:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-15 18:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-15 18:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-15 18:30 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-15 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-15 18:30 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-15 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-15 18:30 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-15 18:30 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-15 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-15 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-15 18:30 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-15 18:30 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-15 18:30 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-15 18:30 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-15 18:30 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-15 18:30 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:30 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-15 18:30 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-15 18:30 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-15 18:30 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-15 18:30 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-15 18:30 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-15 18:30 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-15 18:30 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-15 18:30 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-15 18:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-15 18:30 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-15 18:30 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-15 18:30 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-15 18:30 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-15 18:30 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-15 18:30 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-15 18:30 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-15 18:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-15 18:30 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-15 18:30 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-15 18:30 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-15 18:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-15 18:30 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-15 18:30 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-15 18:30 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-15 18:30 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-15 18:30 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-15 18:30 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-15 18:30 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:30 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-15 18:30 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-15 18:30 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:30 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-15 18:30 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-15 18:30 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-15 18:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-15 18:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-15 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-15 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-15 18:29 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-15 18:29 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-15 18:29 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-15 18:29 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-15 18:29 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-15 18:29 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-15 18:29 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-15 18:29 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-15 18:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-15 18:29 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-15 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-15 18:29 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-15 18:29 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-15 18:29 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-15 18:29 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-15 18:29 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-15 18:29 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-15 18:29 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-15 18:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-15 18:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-15 18:29 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-15 18:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-15 18:29 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-15 18:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-15 18:29 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-15 18:29 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-15 18:29 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-15 18:29 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-15 18:29 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-15 18:29 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-15 18:29 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-15 18:29 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-15 18:29 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-15 18:29 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-15 18:29 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:29 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-15 18:29 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-15 18:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-15 18:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-15 18:29 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-15 18:29 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-15 18:29 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-15 18:29 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-15 18:29 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-15 18:29 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-15 18:29 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-15 18:29 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-15 18:29 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-15 18:29 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-15 18:29 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-15 18:29 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-15 18:29 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-15 18:29 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-15 18:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-15 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-15 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-15 18:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-15 18:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-15 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-15 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-15 18:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-15 18:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-15 18:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-15 18:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-15 18:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-15 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-15 18:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-15 18:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-15 18:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-15 18:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-15 18:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-15 18:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-15 18:28 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-15 18:28 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-15 18:28 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-15 18:28 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-15 18:28 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-15 18:28 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-15 18:28 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-15 18:28 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-15 18:28 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-15 18:28 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-15 18:28 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-15 18:28 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-15 18:28 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-15 18:28 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-15 18:28 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-15 18:28 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-15 18:28 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-15 18:28 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-15 18:28 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-15 18:28 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-15 18:28 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-15 18:28 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-15 18:28 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-15 18:28 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-15 18:28 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-15 18:28 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-15 18:28 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-15 18:28 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-15 18:28 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-15 18:27 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-15 18:27 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-15 18:27 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-15 18:27 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-15 18:27 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-15 18:27 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-15 18:27 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-15 18:27 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-15 18:27 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-15 18:27 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-15 18:27 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-15 18:27 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-15 18:27 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-15 18:27 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 17:43 - 2017-02-19 18:51 - 00000000 ____D C:\Users\Baby\AppData\Local\ConnectedDevicesPlatform
2017-02-14 17:43 - 2017-02-14 17:43 - 00000020 ___SH C:\Users\Baby\ntuser.ini
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-14 17:39 - 2017-02-14 17:39 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80B2E059-914D-4AA0-B810-B7874A284424}
2017-02-14 17:39 - 2017-02-14 17:39 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-02-14 17:32 - 2017-02-14 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-14 17:26 - 2017-02-14 17:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 17:23 - 2017-02-14 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-14 17:22 - 2017-03-03 18:46 - 00000000 ____D C:\Users\Baby
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Vorlagen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Startmenü
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Netzwerkumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Lokale Einstellungen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Eigene Dateien
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Druckumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Videos
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Musik
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Bilder
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Verlauf
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Anwendungsdaten
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Anwendungsdaten
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\Program Files\Realtek
2017-02-14 17:17 - 2017-03-04 21:26 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-14 17:17 - 2017-02-14 17:27 - 00000000 ____D C:\Program Files\Elantech
2017-02-14 17:17 - 2017-02-14 17:24 - 00000000 ____D C:\Program Files\Intel
2017-02-14 17:17 - 2017-02-14 17:17 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-14 17:17 - 2017-02-14 17:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-02-14 17:17 - 2015-08-16 18:13 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-14 17:17 - 2015-08-16 18:13 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-14 17:14 - 2017-02-14 17:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-14 17:11 - 2017-02-14 17:11 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\MSBuild
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-14 17:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-14 17:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-12 21:14 - 2017-02-12 21:14 - 00061781 _____ C:\Users\Baby\Downloads\31_031_01424_Bestätigung der Annahme ESt unbeschränkt (ESt 1 A) 2016_ElsterOnline2.pdf
2017-02-12 21:04 - 2017-02-12 21:05 - 00022072 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210443.pdf
2017-02-12 21:00 - 2017-02-12 21:00 - 00022068 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210042.pdf
2017-02-12 20:57 - 2017-02-12 20:57 - 00022071 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-205749.pdf
2017-02-10 19:02 - 2017-02-10 19:02 - 00022075 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190244.pdf
2017-02-10 19:01 - 2017-02-10 19:01 - 00022094 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190109.pdf
2017-02-10 18:43 - 2017-02-10 18:43 - 00022759 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-184311.pdf
2017-02-10 18:20 - 2017-02-10 18:20 - 00010495 _____ C:\Users\Baby\Downloads\Rene1896_elster_10.02.2017_18.20.pfx
2017-02-10 18:16 - 2017-02-10 18:16 - 00010495 _____ C:\Users\Baby\Downloads\VanyB91_elster_10.02.2017_18.15.pfx
2017-02-08 15:27 - 2017-03-02 19:09 - 00001309 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\elsterformular
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-02-08 15:27 - 2017-02-08 15:27 - 00000000 ____D C:\Users\Baby\AppData\Roaming\elsterformular
2017-02-08 15:24 - 2017-02-08 15:26 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Baby\Downloads\ElsterFormularPrivat.exe
2017-02-03 16:50 - 2017-02-03 16:50 - 00000000 ____D C:\Users\Baby\AppData\Local\CEF
2017-02-03 16:48 - 2017-02-19 19:29 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-03 16:48 - 2017-02-03 17:04 - 00000000 ____D C:\ProgramData\Avg
2017-02-03 16:48 - 2017-02-03 17:03 - 00000000 ____D C:\Users\Baby\AppData\Local\AvgSetupLog
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\IObit
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\ProgramData\IObit
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\Users\Baby\AppData\Local\Avg
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-04 23:20 - 2016-11-20 13:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-04 22:29 - 2017-01-13 15:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-04 21:34 - 2016-11-20 22:42 - 01691388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-04 21:34 - 2016-11-20 22:00 - 00618624 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-04 21:34 - 2016-11-20 22:00 - 00122570 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-04 21:32 - 2017-01-13 14:58 - 00046448 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-03-04 21:27 - 2017-01-12 16:03 - 00000000 ___RD C:\Users\Baby\OneDrive
2017-03-04 21:26 - 2017-01-12 16:00 - 00000000 __SHD C:\Users\Baby\IntelGraphicsProfiles
2017-03-04 21:26 - 2016-11-20 22:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-04 21:26 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-04 19:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-03 18:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 16:57 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 16:56 - 2016-10-19 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 16:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:50 - 2016-11-20 13:32 - 00357328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 15:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-26 10:58 - 2017-01-12 20:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-26 10:57 - 2017-01-12 20:00 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-26 10:57 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 21:20 - 2017-01-12 16:03 - 00002387 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-20 20:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-20 20:17 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\Packages
2017-02-19 18:50 - 2016-11-20 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-15 17:48 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-15 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-14 17:49 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2017-02-14 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-14 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-14 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-14 17:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-14 17:31 - 2016-10-19 01:44 - 01442704 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-14 17:31 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-14 17:27 - 2017-01-31 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2017-02-14 17:27 - 2017-01-13 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-02-14 17:27 - 2017-01-13 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-02-14 17:27 - 2016-10-19 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-02-14 17:27 - 2016-10-19 00:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-14 17:27 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-14 17:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-10-19 01:47 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-14 17:17 - 2016-10-19 01:41 - 00000000 ___HD C:\Intel
2017-02-14 17:14 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:06 - 2017-01-25 19:00 - 00000000 ____D C:\ProgramData\install_backup
2017-02-03 17:06 - 2016-10-19 00:45 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-03 17:06 - 2016-10-19 00:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-03 17:06 - 2016-10-19 00:31 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-03 17:05 - 2016-10-19 00:47 - 00000000 ____D C:\ProgramData\CyberLink
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-14 17:18 - 2017-02-14 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-02 17:04
==================== Ende von FRST.txt ============================
|
|
04.03.2017, 23:36
| #14 |
| | Internet öffnet ständig neue Fenster Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-03-2017
durchgeführt von Baby (04-03-2017 23:34:08)
Gestartet von C:\Users\Baby\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-14 16:42:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-217730058-1440262021-2186221569-500 - Administrator - Disabled)
Baby (S-1-5-21-217730058-1440262021-2186221569-1001 - Administrator - Enabled) => C:\Users\Baby
DefaultAccount (S-1-5-21-217730058-1440262021-2186221569-503 - Limited - Disabled)
Gast (S-1-5-21-217730058-1440262021-2186221569-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Benutzerhandbücher (x32 Version: 6.0.0.0 - Lenovo) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Delicious - Emily's Christmas Carol Deluxe (HKLM-x32\...\59221808f4c2c0c992944c696bd81176) (Version: - Zylom)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.78.5 - ELAN Microelectronic Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.070.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-217730058-1440262021-2186221569-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2A879CB0-6358-47FF-849D-92BA7DDC3DFB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1651d3e1-b901-4df7-bd34-79b69918d1f8 => powershell.exe -nologo -noninteractive "& {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1651d3e1-b901-4df7-bd34-79b69918d1f8 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1 (Der Dateneintrag hat 73 mehr Zeichen).
Task: {50090DAC-A4B1-4E45-8EED-9DDEA06F6FFE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {6206EF9F-F623-43E0-A461-F6E596A6EF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {7418AF06-A5FA-400A-ACF3-296CEADA1260} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B3ADA49-45AC-411E-87DF-BEEC6F7BCFB0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {87D481CA-9DE5-424B-8D12-BFC9C36EA954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CDAD8E01-DABA-40EF-878E-C336F86847B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {FEBEB2EB-4782-4D76-AEA5-E8ABEC34F572} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-04 19:07 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-10-19 00:42 - 2015-08-19 03:59 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-19 00:42 - 2015-12-02 09:24 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2015-10-16 09:55 - 2015-08-16 18:13 - 00395880 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-15 18:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-15 18:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 21:24 - 2017-02-23 21:26 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:24 - 2017-02-23 21:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 21:24 - 2017-02-24 15:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-14 18:17 - 2017-02-14 18:18 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-10-19 00:43 - 2016-10-19 00:42 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2016-10-19 00:43 - 2016-10-19 00:42 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2017-02-15 17:39 - 2017-02-15 17:39 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
04-03-2017 19:24:14 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/04/2017 11:25:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 11:22:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 11:21:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 11:21:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 09:32:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 09:31:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 09:31:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\baby\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 09:31:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 09:30:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (03/04/2017 09:30:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Systemfehler:
=============
Error: (03/04/2017 09:35:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (03/04/2017 09:35:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys
Error: (03/04/2017 09:35:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (03/04/2017 09:35:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys
Error: (03/04/2017 09:35:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (03/04/2017 09:35:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys
Error: (03/04/2017 09:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (03/04/2017 09:33:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys
Error: (03/04/2017 09:33:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (03/04/2017 09:33:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2017-03-04 19:07:31.175
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-03-04 19:07:31.164
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-03-04 19:07:31.153
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8097.92 MB
Verfügbarer physikalischer RAM: 4750.59 MB
Summe virtueller Speicher: 9377.92 MB
Verfügbarer virtueller Speicher: 5796.68 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:426.12 GB) (Free:392.45 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 286089BB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
05.03.2017, 09:52
| #15 | |||||||||||
| /// TB-Ausbilder | Internet öffnet ständig neue Fenster Servus, Zitat:
Reste entfernen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
C:\Users\Baby\Downloads\*CHIP-Installer*.exe
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür. Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen:
Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
| Themen zu Internet öffnet ständig neue Fenster |
| andere, beitrag, fenster, gebrauch, gebraucht, inter, interne, internet, lange, liebe, neue, problem, surfe, theme, themen, troja, verschieden, versteckt, versteckt sich, vieles, virus, werbung, windows, windows repair, öffnet |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
