Right Coupon lässt sich nicht entfernen

robert2102 · 25.03.2017, 13:34

Hallo!
Ich habe ähnliches Problem mit Adware Rightcoupon wie schon mit Benutzer hetfield151 in Februar 2017 bearbeitet wurde. Zuerst muss ich dass ganze mehrmals durchstudieren, wie ihm geholfen wurde. Da weil bin nicht ganz sicher, ob ich PC-technisch die alle notwendige Informationen und Operationen durchführen und Antworten als Dateien liefern kann.

Dafor hätte ich aber wichtige Frage: Ich will erstmalig PC Backup mit AcronisTrue Image 2017 durchführen und bin ich nicht sicher, ob ich es jetzt schon problemlos machen kann, oder lieber nach Bereinigung von Adware mit Gefähr, dass sich es in Backup Dateien einnisten kann?
Habt bitte mit mir Gedult, bin nur ein 50-jähriger PC Benutzer ohne viel Verständnis, wie die Software Abläufe funktionieren.
Danke,
Robert.

M-K-D-B · 26.03.2017, 12:59

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Erst bereinigen wir den Rechner, dann kannst du ein Backup machen. Alles andere wäre sinnfrei.

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

robert2102 · 26.03.2017, 22:32

Code:

ATTFilter

21:33:45.0163 0x3c50  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:33:45.0332 0x3c50  UEFI system
21:34:05.0938 0x3c50  ============================================================
21:34:05.0938 0x3c50  Current date / time: 2017/03/26 21:34:05.0938
21:34:05.0938 0x3c50  SystemInfo:
21:34:05.0938 0x3c50  
21:34:05.0938 0x3c50  OS Version: 10.0.14393 ServicePack: 0.0
21:34:05.0938 0x3c50  Product type: Workstation
21:34:05.0938 0x3c50  ComputerName: RB-PC
21:34:05.0938 0x3c50  UserName: Robert
21:34:05.0938 0x3c50  Windows directory: C:\WINDOWS
21:34:05.0938 0x3c50  System windows directory: C:\WINDOWS
21:34:05.0938 0x3c50  Running under WOW64
21:34:05.0938 0x3c50  Processor architecture: Intel x64
21:34:05.0938 0x3c50  Number of processors: 8
21:34:05.0938 0x3c50  Page size: 0x1000
21:34:05.0938 0x3c50  Boot type: Normal boot
21:34:05.0938 0x3c50  CodeIntegrityOptions = 0x00000001
21:34:05.0938 0x3c50  ============================================================
21:34:06.0223 0x3c50  KLMD registered as C:\WINDOWS\system32\drivers\25408715.sys
21:34:06.0223 0x3c50  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.953, osProperties = 0x19
21:34:06.0561 0x3c50  System UUID: {4427D84F-D001-D225-C77F-D6B3C02D7249}
21:34:07.0623 0x3c50  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:34:07.0639 0x3c50  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:34:07.0692 0x3c50  ============================================================
21:34:07.0692 0x3c50  \Device\Harddisk0\DR0:
21:34:07.0692 0x3c50  GPT partitions:
21:34:07.0692 0x3c50  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8E099E58-B9D5-4987-9C12-16628E6C3501}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
21:34:07.0692 0x3c50  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C5A3C316-FDBE-441E-BE8C-53DDAD8C2F63}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
21:34:07.0692 0x3c50  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CE7678DA-19F8-4785-BFCA-1F49019DE723}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
21:34:07.0692 0x3c50  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {323BAD10-758F-46FE-9D89-891004D36970}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
21:34:07.0739 0x3c50  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {72BDBEEB-B9A7-4320-8F42-91EEA31FFBEA}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0xEA2E800
21:34:07.0739 0x3c50  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0539AB90-B637-40F0-B250-4375B043D6D5}, Name: , StartLBA 0xED9A800, BlocksNum 0xE1000
21:34:07.0739 0x3c50  MBR partitions:
21:34:07.0739 0x3c50  \Device\Harddisk1\DR1:
21:34:07.0776 0x3c50  GPT partitions:
21:34:07.0776 0x3c50  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1109F875-5C88-48C8-AC2B-4BF567410CBB}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
21:34:07.0776 0x3c50  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DDFDB9C7-375E-4165-ADE9-F4879CB79EF6}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x55CC9800
21:34:07.0776 0x3c50  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {59DE3E87-913B-4FAA-B207-F3E823997FB6}, Name: Basic data partition, StartLBA 0x155D0A000, BlocksNum 0x77FF800
21:34:07.0776 0x3c50  MBR partitions:
21:34:07.0776 0x3c50  ============================================================
21:34:07.0776 0x3c50  C: <-> \Device\Harddisk0\DR0\Partition5
21:34:07.0977 0x3c50  D: <-> \Device\Harddisk1\DR1\Partition2
21:34:08.0024 0x3c50  E: <-> \Device\Harddisk1\DR1\Partition3
21:34:08.0062 0x3c50  ============================================================
21:34:08.0062 0x3c50  Initialize success
21:34:08.0062 0x3c50  ============================================================
21:35:01.0478 0x1930  ============================================================
21:35:01.0478 0x1930  Scan started
21:35:01.0478 0x1930  Mode: Manual; 
21:35:01.0478 0x1930  ============================================================
21:35:01.0478 0x1930  KSN ping started
21:35:02.0775 0x1930  KSN ping finished: true
21:35:37.0409 0x1930  ================ Scan system memory ========================
21:35:37.0409 0x1930  System memory - ok
21:35:37.0409 0x1930  ================ Scan services =============================
21:35:37.0778 0x1930  0171261490479076mcinstcleanup - ok
21:35:38.0162 0x1930  1394ohci - ok
21:35:38.0162 0x1930  3ware - ok
21:35:38.0193 0x1930  [ 27BE608E4FF085CFB30005D075A7FCCA, 5E69DA8F3149D631A25FEF4200D5ECA2B6AB9BBA7D344C698103704B6B512334 ] AbAdminService  C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe
21:35:38.0193 0x1930  AbAdminService - ok
21:35:38.0225 0x1930  ACPI - ok
21:35:38.0225 0x1930  AcpiDev - ok
21:35:38.0225 0x1930  acpiex - ok
21:35:38.0225 0x1930  acpipagr - ok
21:35:38.0225 0x1930  AcpiPmi - ok
21:35:38.0242 0x1930  acpitime - ok
21:35:38.0247 0x1930  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:35:38.0247 0x1930  AdobeARMservice - ok
21:35:38.0510 0x1930  [ CC2BADA495F53719836FAC0999F67480, 3304F9C8C484DF59D58D5213106D1AE3A27793BF8E895B1F66AA716E2EF70550 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:35:38.0510 0x1930  AdobeFlashPlayerUpdateSvc - ok
21:35:38.0525 0x1930  ADP80XX - ok
21:35:38.0525 0x1930  AFD - ok
21:35:38.0525 0x1930  ahcache - ok
21:35:38.0525 0x1930  AJRouter - ok
21:35:38.0543 0x1930  ALG - ok
21:35:38.0547 0x1930  AmdK8 - ok
21:35:38.0547 0x1930  AmdPPM - ok
21:35:38.0547 0x1930  amdsata - ok
21:35:38.0547 0x1930  amdsbs - ok
21:35:38.0547 0x1930  amdxata - ok
21:35:38.0563 0x1930  andnetadb - ok
21:35:38.0563 0x1930  [ CF64D3E902F27480CE83152BFC6D7BCF, 15D5A4453643EC23105E68EF93F3555C1272642398B9CA71C536A7A4337E9ABC ] anvsnddrv       C:\WINDOWS\system32\drivers\anvsnddrv.sys
21:35:38.0563 0x1930  anvsnddrv - ok
21:35:38.0563 0x1930  AppID - ok
21:35:38.0563 0x1930  AppIDSvc - ok
21:35:38.0578 0x1930  Appinfo - ok
21:35:38.0578 0x1930  applockerfltr - ok
21:35:38.0578 0x1930  AppReadiness - ok
21:35:38.0594 0x1930  AppXSvc - ok
21:35:38.0594 0x1930  arcsas - ok
21:35:38.0594 0x1930  AsyncMac - ok
21:35:38.0610 0x1930  atapi - ok
21:35:38.0610 0x1930  AudioEndpointBuilder - ok
21:35:38.0610 0x1930  Audiosrv - ok
21:35:38.0625 0x1930  AxInstSV - ok
21:35:38.0625 0x1930  b06bdrv - ok
21:35:38.0625 0x1930  BasicDisplay - ok
21:35:38.0643 0x1930  BasicRender - ok
21:35:38.0647 0x1930  bcmfn - ok
21:35:38.0647 0x1930  bcmfn2 - ok
21:35:38.0647 0x1930  BDESVC - ok
21:35:38.0647 0x1930  Beep - ok
21:35:38.0663 0x1930  BFE - ok
21:35:38.0663 0x1930  BITS - ok
21:35:38.0663 0x1930  bowser - ok
21:35:38.0663 0x1930  BrokerInfrastructure - ok
21:35:38.0663 0x1930  Browser - ok
21:35:38.0678 0x1930  BthAvrcpTg - ok
21:35:38.0678 0x1930  BthHFEnum - ok
21:35:38.0678 0x1930  bthhfhid - ok
21:35:38.0694 0x1930  BthHFSrv - ok
21:35:38.0694 0x1930  BTHMODEM - ok
21:35:38.0694 0x1930  bthserv - ok
21:35:38.0709 0x1930  buttonconverter - ok
21:35:38.0709 0x1930  CapImg - ok
21:35:38.0709 0x1930  cdfs - ok
21:35:38.0725 0x1930  CDPSvc - ok
21:35:38.0725 0x1930  CDPUserSvc - ok
21:35:38.0741 0x1930  cdrom - ok
21:35:38.0744 0x1930  CertPropSvc - ok
21:35:38.0747 0x1930  [ 515FAA4CABCBB83347205119E57868C8, 8E008E87E4DD223E1F4262C08E65439D6C02894F69A1A7DD07530044A0B6CE16 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
21:35:38.0747 0x1930  cfwids - ok
21:35:38.0747 0x1930  cht4iscsi - ok
21:35:38.0747 0x1930  cht4vbd - ok
21:35:38.0763 0x1930  circlass - ok
21:35:38.0763 0x1930  CLFS - ok
21:35:38.0879 0x1930  [ CD1F57FE8DD130C4E80134871D2BD216, 998D4A1ABED8415F36FA5F2D45A60BA82D2FA6C1437F578BBCEDB8A9F3B9A144 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:35:38.0926 0x1930  ClickToRunSvc - ok
21:35:38.0995 0x1930  [ C59156D6D7CAB23975E2089E48D95032, B022A87674E0BA9060060B8DD1DB61BB22FA6821244E542DA637C7105BFBE14B ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
21:35:39.0011 0x1930  ClientAnalyticsService - ok
21:35:39.0026 0x1930  ClipSVC - ok
21:35:39.0026 0x1930  clreg - ok
21:35:39.0043 0x1930  [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
21:35:39.0046 0x1930  CLVirtualDrive - ok
21:35:39.0048 0x1930  CmBatt - ok
21:35:39.0048 0x1930  CNG - ok
21:35:39.0048 0x1930  cnghwassist - ok
21:35:39.0195 0x1930  CompositeBus - ok
21:35:39.0210 0x1930  COMSysApp - ok
21:35:39.0210 0x1930  condrv - ok
21:35:39.0210 0x1930  CoreMessagingRegistrar - ok
21:35:39.0210 0x1930  CryptSvc - ok
21:35:39.0248 0x1930  [ 9FF6436D65CD8C798691373E28FBFB3B, 7A9ACD14679FB82E71EF4C47E43DAD931EC4FD727A5656AF8A3CC3B95D67EB5B ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
21:35:39.0248 0x1930  CyberLink PowerDVD 10 MS Monitor Service - ok
21:35:39.0264 0x1930  [ 06B5C625CB915E9A7A1F08A43E332FA1, 66F0BFE088B44ED3D36E62DC05200CD09F135FF63C447846C603D6246FABB9BE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
21:35:39.0264 0x1930  CyberLink PowerDVD 10 MS Service - ok
21:35:39.0279 0x1930  dam - ok
21:35:39.0295 0x1930  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
21:35:39.0295 0x1930  dbupdate - ok
21:35:39.0295 0x1930  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
21:35:39.0310 0x1930  dbupdatem - ok
21:35:39.0310 0x1930  dbx - ok
21:35:39.0310 0x1930  [ 5B7A202DECF962A6C9A2E759551BF05E, 6BA11F7728C0A13EA4B6EF478584AE0117BA5909346FF6FE20308674F34701D7 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
21:35:39.0310 0x1930  DbxSvc - ok
21:35:39.0326 0x1930  [ 881D881EA7B54BA294F01FD028F034BD, F79569D463C98374DEE491D0C6FD1D916E27CFB8B0529113B8229C9751DDBDD8 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
21:35:39.0326 0x1930  dc3d - ok
21:35:39.0326 0x1930  DcomLaunch - ok
21:35:39.0326 0x1930  DcpSvc - ok
21:35:39.0342 0x1930  defragsvc - ok
21:35:39.0345 0x1930  DeviceAssociationService - ok
21:35:39.0349 0x1930  DeviceInstall - ok
21:35:39.0349 0x1930  DevQueryBroker - ok
21:35:39.0349 0x1930  Dfsc - ok
21:35:39.0349 0x1930  Dhcp - ok
21:35:39.0364 0x1930  diagnosticshub.standardcollector.service - ok
21:35:39.0364 0x1930  DiagTrack - ok
21:35:39.0380 0x1930  disk - ok
21:35:39.0380 0x1930  DmEnrollmentSvc - ok
21:35:39.0380 0x1930  dmvsc - ok
21:35:39.0380 0x1930  dmwappushservice - ok
21:35:39.0396 0x1930  Dnscache - ok
21:35:39.0396 0x1930  dot3svc - ok
21:35:39.0411 0x1930  [ C0AA415718DDD13A136E353844628A65, 7E2F2A139E897EAE56038B920BDA9381094BC0AE9E626F6634E6B444B8B0C91F ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
21:35:39.0411 0x1930  dot4 - ok
21:35:39.0411 0x1930  [ CC88A1D8A39752859101ECCE1F1BC888, F21C1D478180BC5E932BB2C2E4618E3ED463CA87ACEDEB139682D218435F82F1 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
21:35:39.0427 0x1930  Dot4Print - ok
21:35:39.0427 0x1930  [ 292ADB7C57B5457F18F2FC06934B0B40, 12FFDF5F48A79B1B4ADBB88BA2CB6C59DD6719554E8EA6BEEFE99B3E3C66F1AC ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
21:35:39.0427 0x1930  dot4usb - ok
21:35:39.0427 0x1930  DPS - ok
21:35:39.0447 0x1930  drmkaud - ok
21:35:39.0449 0x1930  DsmSvc - ok
21:35:39.0449 0x1930  DsSvc - ok
21:35:39.0449 0x1930  DXGKrnl - ok
21:35:39.0465 0x1930  EapHost - ok
21:35:39.0465 0x1930  ebdrv - ok
21:35:39.0465 0x1930  EFS - ok
21:35:39.0465 0x1930  EhStorClass - ok
21:35:39.0480 0x1930  EhStorTcgDrv - ok
21:35:39.0480 0x1930  embeddedmode - ok
21:35:39.0480 0x1930  EntAppSvc - ok
21:35:39.0480 0x1930  ErrDev - ok
21:35:39.0496 0x1930  EventSystem - ok
21:35:39.0496 0x1930  exfat - ok
21:35:39.0496 0x1930  fastfat - ok
21:35:39.0496 0x1930  Fax - ok
21:35:39.0511 0x1930  fdc - ok
21:35:39.0511 0x1930  fdPHost - ok
21:35:39.0511 0x1930  FDResPub - ok
21:35:39.0527 0x1930  fhsvc - ok
21:35:39.0527 0x1930  FileCrypt - ok
21:35:39.0527 0x1930  FileInfo - ok
21:35:39.0527 0x1930  Filetrace - ok
21:35:39.0527 0x1930  flpydisk - ok
21:35:39.0527 0x1930  FltMgr - ok
21:35:39.0544 0x1930  FontCache - ok
21:35:39.0549 0x1930  FontCache3.0.0.0 - ok
21:35:39.0549 0x1930  FrameServer - ok
21:35:39.0565 0x1930  [ CEA10017629484BBBCA38BCD476CB175, D96BFDFE595E97611D50EDCC77B7FDF4C339D0A5A970D7AA19573D25BDA2FE33 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
21:35:39.0565 0x1930  FreemakeVideoCapture - ok
21:35:39.0565 0x1930  FsDepends - ok
21:35:39.0580 0x1930  Fs_Rec - ok
21:35:39.0580 0x1930  fvevol - ok
21:35:39.0580 0x1930  gencounter - ok
21:35:39.0580 0x1930  genericusbfn - ok
21:35:39.0580 0x1930  GPIOClx0101 - ok
21:35:39.0580 0x1930  gpsvc - ok
21:35:39.0596 0x1930  GpuEnergyDrv - ok
21:35:39.0596 0x1930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:35:39.0611 0x1930  gupdate - ok
21:35:39.0611 0x1930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:35:39.0611 0x1930  gupdatem - ok
21:35:39.0611 0x1930  HDAudBus - ok
21:35:39.0611 0x1930  HidBatt - ok
21:35:39.0627 0x1930  HidBth - ok
21:35:39.0627 0x1930  hidi2c - ok
21:35:39.0627 0x1930  hidinterrupt - ok
21:35:39.0627 0x1930  HidIr - ok
21:35:39.0644 0x1930  hidserv - ok
21:35:39.0647 0x1930  HidUsb - ok
21:35:39.0649 0x1930  [ 7829E439EBDDDB0FEFD6DEBCEE6B09AD, FF6BB82CE0C21513E407FF465C768805CF202A7B4040140A944A0413875BEC37 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
21:35:39.0649 0x1930  HipShieldK - ok
21:35:39.0649 0x1930  HomeGroupListener - ok
21:35:39.0649 0x1930  HomeGroupProvider - ok
21:35:39.0680 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:39.0696 0x1930  HomeNetSvc - ok
21:35:39.0696 0x1930  HpSAMD - ok
21:35:39.0712 0x1930  HTTP - ok
21:35:39.0712 0x1930  HvHost - ok
21:35:39.0712 0x1930  hvservice - ok
21:35:39.0727 0x1930  hwpolicy - ok
21:35:39.0727 0x1930  hyperkbd - ok
21:35:39.0727 0x1930  i8042prt - ok
21:35:39.0744 0x1930  iagpio - ok
21:35:39.0749 0x1930  iai2c - ok
21:35:39.0749 0x1930  iaLPSS2i_GPIO2 - ok
21:35:39.0749 0x1930  iaLPSS2i_I2C - ok
21:35:39.0749 0x1930  iaLPSSi_GPIO - ok
21:35:39.0749 0x1930  iaLPSSi_I2C - ok
21:35:39.0780 0x1930  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:35:39.0780 0x1930  iaStorA - ok
21:35:39.0780 0x1930  iaStorAV - ok
21:35:39.0796 0x1930  [ 6241810294275CEA59EBA9733080E5EE, F9A1A505B9279CD660CAAF4F8D21BDC34AC75FD86E881632A378B9BF39A3738E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:35:39.0796 0x1930  IAStorDataMgrSvc - ok
21:35:39.0811 0x1930  iaStorV - ok
21:35:39.0811 0x1930  ibbus - ok
21:35:39.0811 0x1930  icssvc - ok
21:35:39.0811 0x1930  IKEEXT - ok
21:35:39.0827 0x1930  IndirectKmd - ok
21:35:39.0845 0x1930  InstallerService - ok
21:35:39.0965 0x1930  [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:35:40.0012 0x1930  IntcAzAudAddService - ok
21:35:40.0049 0x1930  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:35:40.0049 0x1930  Intel(R) Capability Licensing Service Interface - ok
21:35:40.0080 0x1930  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:35:40.0096 0x1930  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:35:40.0112 0x1930  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:35:40.0112 0x1930  Intel(R) ME Service - ok
21:35:40.0112 0x1930  intelide - ok
21:35:40.0127 0x1930  intelpep - ok
21:35:40.0127 0x1930  intelppm - ok
21:35:40.0127 0x1930  iorate - ok
21:35:40.0127 0x1930  IpFilterDriver - ok
21:35:40.0144 0x1930  iphlpsvc - ok
21:35:40.0147 0x1930  IPMIDRV - ok
21:35:40.0149 0x1930  IPNAT - ok
21:35:40.0153 0x1930  irda - ok
21:35:40.0155 0x1930  IRENUM - ok
21:35:40.0159 0x1930  irmon - ok
21:35:40.0163 0x1930  isapnp - ok
21:35:40.0170 0x1930  iScsiPrt - ok
21:35:40.0172 0x1930  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:35:40.0172 0x1930  jhi_service - ok
21:35:40.0187 0x1930  kbdclass - ok
21:35:40.0203 0x1930  kbdhid - ok
21:35:40.0203 0x1930  kdnic - ok
21:35:40.0203 0x1930  KeyIso - ok
21:35:40.0203 0x1930  KSecDD - ok
21:35:40.0203 0x1930  KSecPkg - ok
21:35:40.0219 0x1930  ksthunk - ok
21:35:40.0219 0x1930  KtmRm - ok
21:35:40.0219 0x1930  LanmanServer - ok
21:35:40.0219 0x1930  LanmanWorkstation - ok
21:35:40.0239 0x1930  lfsvc - ok
21:35:40.0243 0x1930  LicenseManager - ok
21:35:40.0246 0x1930  lltdio - ok
21:35:40.0249 0x1930  lltdsvc - ok
21:35:40.0249 0x1930  lmhosts - ok
21:35:40.0265 0x1930  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:35:40.0265 0x1930  LMS - ok
21:35:40.0281 0x1930  LSI_SAS - ok
21:35:40.0281 0x1930  LSI_SAS2i - ok
21:35:40.0281 0x1930  LSI_SAS3i - ok
21:35:40.0281 0x1930  LSI_SSS - ok
21:35:40.0281 0x1930  LSM - ok
21:35:40.0296 0x1930  luafv - ok
21:35:40.0296 0x1930  MapsBroker - ok
21:35:40.0296 0x1930  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:35:40.0296 0x1930  MBAMProtector - ok
21:35:40.0350 0x1930  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:35:40.0366 0x1930  MBAMScheduler - ok
21:35:40.0397 0x1930  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:35:40.0413 0x1930  MBAMService - ok
21:35:40.0444 0x1930  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:35:40.0449 0x1930  MBAMSwissArmy - ok
21:35:40.0450 0x1930  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:35:40.0450 0x1930  MBAMWebAccessControl - ok
21:35:40.0482 0x1930  [ ABF06CD1702972EBC070CED00D274095, 5C96B26732769367F2100DD969F5EDE885565772B2F8D2A08791DF04279F4BBE ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
21:35:40.0482 0x1930  McAfee SiteAdvisor Service - ok
21:35:40.0513 0x1930  [ 11D9A803DE0F825C59F3D4F17BD73A6E, FCD675CEE0B0CFFDF1A60251E1D753F7DB08223DCFCC107765EED7163FF2CFBD ] McAPExe         C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe
21:35:40.0528 0x1930  McAPExe - ok
21:35:40.0550 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:40.0550 0x1930  McBootDelayStartSvc - ok
21:35:40.0566 0x1930  [ 06F7CA8FCF54DED400A1E9A9222DB24F, 40FECDE3494578FFB31C6457911529C093B6BD76FF257C858A132D0E1BB4CC83 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe
21:35:40.0581 0x1930  McComponentHostService - ok
21:35:40.0650 0x1930  [ 01B9FF6FA5F8605AE92695C1393CD833, A89709A51FE311CBACE1BFC28492C101E7F2D613481248F815D3FA0DB6900C29 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe
21:35:40.0682 0x1930  mccspsvc - ok
21:35:40.0697 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:40.0697 0x1930  McMPFSvc - ok
21:35:40.0713 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:40.0729 0x1930  McNaiAnn - ok
21:35:40.0782 0x1930  [ D4AD64832DF34E2C7916088D75B20152, F74E1049EB9ACD8BFDCB88669781E4655B4555E4F699BA57CD641F9058E6A139 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
21:35:40.0797 0x1930  McODS - ok
21:35:40.0813 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:40.0829 0x1930  mcpltsvc - ok
21:35:40.0850 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:40.0850 0x1930  McProxy - ok
21:35:40.0850 0x1930  megasas - ok
21:35:40.0866 0x1930  megasas2i - ok
21:35:40.0866 0x1930  megasr - ok
21:35:40.0866 0x1930  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:35:40.0866 0x1930  MEIx64 - ok
21:35:40.0882 0x1930  MessagingService - ok
21:35:40.0897 0x1930  [ 5FBBB352A34904A4A374C3EB62A09F15, 6EBA43181E8EBAE8A82145CDA17434903B720BA73F9D4297FB28F96C122E40B8 ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
21:35:40.0913 0x1930  mfeaack - ok
21:35:40.0913 0x1930  [ D65406A780E64B5E6C48A06C8F2439A6, 3AA3BB5A3EA5798BE2DBDC3B3355F4F9F04CEC565F834DD8FB6A419A2DDAC53A ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
21:35:40.0929 0x1930  mfeavfk - ok
21:35:40.0929 0x1930  [ F64C5922E34CD0C786F7C8117A023F13, FCB51448366EB9E896205086F04A98479D94D2586D84D680241F123CB2653005 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
21:35:40.0929 0x1930  mfeelamk - ok
21:35:40.0950 0x1930  [ 4EAFB984E9533263B7D2F0C20DA822C1, EE60B94B632690FF9CFC423C7F0D28EE2EAB375430F7E59EBDB12D415763F6FB ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:35:40.0950 0x1930  mfefire - ok
21:35:40.0966 0x1930  [ 6ABC14D586E9DCCFF37988D0EC6B1345, DC40223FEF0CD2D1F5EB1CA6D67E8C889FCDC8AB2EE44508BD2C51070A50CA71 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
21:35:40.0966 0x1930  mfefirek - ok
21:35:40.0997 0x1930  [ 37914975BD1A752161A6A68D6755BD98, A05BC57CD14520862AFE77C79AB6642EA6E442B8DFB8D1626FF238FEF6FFFFA5 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
21:35:41.0013 0x1930  mfehidk - ok
21:35:41.0029 0x1930  [ 39B7315698B6F19BC14F2D538EF72981, E94663052849F0A6593C17F5412F1FC21174C225173866B335E534DB4539A8A2 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
21:35:41.0046 0x1930  mfemms - ok
21:35:41.0050 0x1930  [ 4306C4FA3551B1E6725B07BD4EF6EC02, 9B3DE12CDFA2FB33D39B08346279052D150B489B2696A9C4A637983A7F45EA11 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
21:35:41.0066 0x1930  mfencbdc - ok
21:35:41.0066 0x1930  [ 79404EA7FFB82C9426A06CC97DE8E83B, E1BAA3B92A5C91DA7B6E6BCB02EC8DA23F5AEB52C8BCA9052323B7462B7BD6DB ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
21:35:41.0066 0x1930  mfencrk - ok
21:35:41.0081 0x1930  [ 3A2C7251E0F4992AFA2E7636F045B723, 722FE227A18106673FA7E78B1F7B42285F7E016EEBDF75983C842A53DDEF62CC ] mfeplk          C:\WINDOWS\system32\drivers\mfeplk.sys
21:35:41.0081 0x1930  mfeplk - ok
21:35:41.0097 0x1930  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
21:35:41.0097 0x1930  mfesapsn - ok
21:35:41.0113 0x1930  [ 43DB4E36146D076EBD7B864162C8C242, 3A84F17D3FCC9D3E481032A452D0984668AE286FCD9379A4204C1AD048A4BA6A ] mfevtp          C:\Windows\system32\mfevtps.exe
21:35:41.0113 0x1930  mfevtp - ok
21:35:41.0128 0x1930  [ 0143C30546864E43EB507AFBF2DC9E58, E09C4CFE0364805C522D355900FF7BDA1A6FFF5EDCAB094DA52AC9D90FB5D826 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
21:35:41.0128 0x1930  mfewfpk - ok
21:35:41.0128 0x1930  mlx4_bus - ok
21:35:41.0128 0x1930  MMCSS - ok
21:35:41.0145 0x1930  Modem - ok
21:35:41.0197 0x1930  [ DB131FDDEE1C581E9926C6E24485F9EC, F1AAA3DF7DB458F05B96358C0E30DAA456F3E92D085E68D81A4E0302E4D900FA ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
21:35:41.0213 0x1930  ModuleCoreService - ok
21:35:41.0213 0x1930  monitor - ok
21:35:41.0229 0x1930  mouclass - ok
21:35:41.0229 0x1930  mouhid - ok
21:35:41.0229 0x1930  mountmgr - ok
21:35:41.0229 0x1930  mpsdrv - ok
21:35:41.0229 0x1930  MpsSvc - ok
21:35:41.0248 0x1930  MRxDAV - ok
21:35:41.0250 0x1930  mrxsmb - ok
21:35:41.0250 0x1930  mrxsmb10 - ok
21:35:41.0250 0x1930  mrxsmb20 - ok
21:35:41.0250 0x1930  MsBridge - ok
21:35:41.0250 0x1930  MSDTC - ok
21:35:41.0250 0x1930  Msfs - ok
21:35:41.0266 0x1930  msgpiowin32 - ok
21:35:41.0266 0x1930  mshidkmdf - ok
21:35:41.0266 0x1930  mshidumdf - ok
21:35:41.0266 0x1930  msisadrv - ok
21:35:41.0266 0x1930  MSiSCSI - ok
21:35:41.0266 0x1930  msiserver - ok
21:35:41.0297 0x1930  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:35:41.0297 0x1930  MSK80Service - ok
21:35:41.0297 0x1930  MSKSSRV - ok
21:35:41.0313 0x1930  MsLldp - ok
21:35:41.0313 0x1930  MSPCLOCK - ok
21:35:41.0313 0x1930  MSPQM - ok
21:35:41.0313 0x1930  MsRPC - ok
21:35:41.0313 0x1930  mssmbios - ok
21:35:41.0313 0x1930  MSTEE - ok
21:35:41.0328 0x1930  MTConfig - ok
21:35:41.0328 0x1930  Mup - ok
21:35:41.0328 0x1930  mvumis - ok
21:35:41.0328 0x1930  NativeWifiP - ok
21:35:41.0328 0x1930  NcaSvc - ok
21:35:41.0348 0x1930  NcbService - ok
21:35:41.0350 0x1930  NcdAutoSetup - ok
21:35:41.0350 0x1930  ndfltr - ok
21:35:41.0350 0x1930  NDIS - ok
21:35:41.0350 0x1930  NdisCap - ok
21:35:41.0350 0x1930  NdisImPlatform - ok
21:35:41.0366 0x1930  NdisTapi - ok
21:35:41.0366 0x1930  Ndisuio - ok
21:35:41.0366 0x1930  NdisVirtualBus - ok
21:35:41.0366 0x1930  NdisWan - ok
21:35:41.0366 0x1930  ndiswanlegacy - ok
21:35:41.0366 0x1930  ndproxy - ok
21:35:41.0381 0x1930  Ndu - ok
21:35:41.0381 0x1930  NetAdapterCx - ok
21:35:41.0381 0x1930  NetBIOS - ok
21:35:41.0381 0x1930  NetBT - ok
21:35:41.0381 0x1930  Netlogon - ok
21:35:41.0381 0x1930  Netman - ok
21:35:41.0397 0x1930  netprofm - ok
21:35:41.0397 0x1930  NetSetupSvc - ok
21:35:41.0447 0x1930  NetTcpPortSharing - ok
21:35:41.0450 0x1930  NgcCtnrSvc - ok
21:35:41.0450 0x1930  NgcSvc - ok
21:35:41.0450 0x1930  NlaSvc - ok
21:35:41.0450 0x1930  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\WINDOWS\system32\drivers\npf.sys
21:35:41.0466 0x1930  npf - ok
21:35:41.0466 0x1930  Npfs - ok
21:35:41.0466 0x1930  npsvctrig - ok
21:35:41.0466 0x1930  nsi - ok
21:35:41.0466 0x1930  nsiproxy - ok
21:35:41.0482 0x1930  NTFS - ok
21:35:41.0482 0x1930  [ A0706FEA552415DB973DB27BDF2FF4F1, 52304E25745F96F3248E609E11F37CC112DC69A4DE47D70A3EE9E043428768F8 ] NuidFltr        C:\WINDOWS\System32\drivers\NuidFltr.sys
21:35:41.0482 0x1930  NuidFltr - ok
21:35:41.0482 0x1930  Null - ok
21:35:41.0497 0x1930  [ 01BB4162D40078249B4CA1D81A6F4C54, 8BFE840FFD5BCF977700BF84A14924E38B3EDB4A08B04C05A7F188F430507674 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
21:35:41.0497 0x1930  NVHDA - ok
21:35:41.0898 0x1930  [ 88F3EEDD47473E7206C0A049AE96A0F7, 3A02CF546993270E3DE2715F1065A4832CC1F2C6CCB62D87DDB939C423EF1EA1 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvmowu.inf_amd64_7d04a4e2e36ad11f\nvlddmkm.sys
21:35:42.0067 0x1930  nvlddmkm - ok
21:35:42.0082 0x1930  nvraid - ok
21:35:42.0098 0x1930  nvstor - ok
21:35:42.0098 0x1930  OneSyncSvc - ok
21:35:42.0114 0x1930  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:35:42.0114 0x1930  ose - ok
21:35:42.0114 0x1930  p2pimsvc - ok
21:35:42.0114 0x1930  p2psvc - ok
21:35:42.0114 0x1930  Parport - ok
21:35:42.0114 0x1930  partmgr - ok
21:35:42.0129 0x1930  PcaSvc - ok
21:35:42.0129 0x1930  pci - ok
21:35:42.0129 0x1930  pciide - ok
21:35:42.0129 0x1930  pcmcia - ok
21:35:42.0129 0x1930  pcw - ok
21:35:42.0129 0x1930  pdc - ok
21:35:42.0145 0x1930  PEAUTH - ok
21:35:42.0151 0x1930  [ 028362370BEEBADACC881E3D4956E236, D641E431F8B41218E92C0F02A3FE9897B09E116AC8222DC0E7C4994BC0CEEA2F ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
21:35:42.0166 0x1930  PEFService - ok
21:35:42.0182 0x1930  percsas2i - ok
21:35:42.0182 0x1930  percsas3i - ok
21:35:42.0198 0x1930  PerfHost - ok
21:35:42.0213 0x1930  PhoneSvc - ok
21:35:42.0213 0x1930  PimIndexMaintenanceSvc - ok
21:35:42.0213 0x1930  pla - ok
21:35:42.0213 0x1930  PlugPlay - ok
21:35:42.0229 0x1930  [ F13CE31540E0A8EF6A069B8A1A6EAE7B, 759434B7B4BB6E5BEC0BED4EA8E0AA3CB05698D555874F5F5DA5873C6CE10622 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
21:35:42.0229 0x1930  PMBDeviceInfoProvider - ok
21:35:42.0248 0x1930  PNRPAutoReg - ok
21:35:42.0251 0x1930  PNRPsvc - ok
21:35:42.0251 0x1930  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\WINDOWS\System32\drivers\point64.sys
21:35:42.0251 0x1930  Point64 - ok
21:35:42.0251 0x1930  PolicyAgent - ok
21:35:42.0251 0x1930  Power - ok
21:35:42.0251 0x1930  PptpMiniport - ok
21:35:42.0267 0x1930  [ 39A0B403468B256E8DC64B2A3FEBD9CC, 537A3CE195108C825CEB7DCF6B8833D9CA8AC2F3513AAE8C81A3007444987AB7 ] Printer Control C:\Windows\system32\PrintCtrl.exe
21:35:42.0267 0x1930  Printer Control - ok
21:35:42.0351 0x1930  [ 77ABF70C71922873BC160933571B3F83, 7FCFBB4B42E7A92FCF11388CD5B600EA79A7C134F13A8A88CF8DCD3DB96C3F5A ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:35:42.0398 0x1930  PrintNotify - ok
21:35:42.0398 0x1930  Processor - ok
21:35:42.0414 0x1930  ProfSvc - ok
21:35:42.0414 0x1930  Psched - ok
21:35:42.0414 0x1930  QWAVE - ok
21:35:42.0414 0x1930  QWAVEdrv - ok
21:35:42.0414 0x1930  RasAcd - ok
21:35:42.0429 0x1930  RasAgileVpn - ok
21:35:42.0429 0x1930  RasAuto - ok
21:35:42.0429 0x1930  Rasl2tp - ok
21:35:42.0429 0x1930  RasMan - ok
21:35:42.0429 0x1930  RasPppoe - ok
21:35:42.0429 0x1930  RasSstp - ok
21:35:42.0429 0x1930  rdbss - ok
21:35:42.0447 0x1930  rdpbus - ok
21:35:42.0449 0x1930  RDPDR - ok
21:35:42.0452 0x1930  RdpVideoMiniport - ok
21:35:42.0452 0x1930  rdyboost - ok
21:35:42.0452 0x1930  ReFSv1 - ok
21:35:42.0452 0x1930  RemoteAccess - ok
21:35:42.0452 0x1930  RemoteRegistry - ok
21:35:42.0467 0x1930  RetailDemo - ok
21:35:42.0467 0x1930  RmSvc - ok
21:35:42.0467 0x1930  RpcEptMapper - ok
21:35:42.0467 0x1930  RpcLocator - ok
21:35:42.0467 0x1930  RpcSs - ok
21:35:42.0467 0x1930  rspndr - ok
21:35:42.0483 0x1930  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
21:35:42.0499 0x1930  RTL8168 - ok
21:35:42.0499 0x1930  [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus        C:\WINDOWS\System32\drivers\s0016bus.sys
21:35:42.0499 0x1930  s0016bus - ok
21:35:42.0514 0x1930  [ F5F9DEB89996D333EF976624D37E24E3, 88DE296EFA6CA2F32318F1807D633C8949D237FB33BA320551B71089CF5EB73B ] s0016mdfl       C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
21:35:42.0514 0x1930  s0016mdfl - ok
21:35:42.0514 0x1930  [ C17CE2AEE67480FEBCC36ECCB54C0BE8, E13F83608B29988CCDB5A462AA3E56D26222427066651EEDF48223664D3FAFEA ] s0016mdm        C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
21:35:42.0514 0x1930  s0016mdm - ok
21:35:42.0530 0x1930  [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt       C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
21:35:42.0530 0x1930  s0016mgmt - ok
21:35:42.0530 0x1930  [ 30A35BBCE09D9FE67482FD62C61911FC, 8E8B0910F2A4C7DCFF0F8A83AAA8F9B38D53CEB7B7E7DC5B64350A09CBE6F557 ] s0016nd5        C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
21:35:42.0530 0x1930  s0016nd5 - ok
21:35:42.0530 0x1930  [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex       C:\WINDOWS\system32\DRIVERS\s0016obex.sys
21:35:42.0548 0x1930  s0016obex - ok
21:35:42.0552 0x1930  [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic       C:\WINDOWS\System32\drivers\s0016unic.sys
21:35:42.0552 0x1930  s0016unic - ok
21:35:42.0552 0x1930  s3cap - ok
21:35:42.0552 0x1930  SamSs - ok
21:35:42.0552 0x1930  sbp2port - ok
21:35:42.0552 0x1930  SCardSvr - ok
21:35:42.0552 0x1930  ScDeviceEnum - ok
21:35:42.0568 0x1930  scfilter - ok
21:35:42.0568 0x1930  Schedule - ok
21:35:42.0568 0x1930  scmbus - ok
21:35:42.0568 0x1930  scmdisk0101 - ok
21:35:42.0568 0x1930  SCPolicySvc - ok
21:35:42.0568 0x1930  sdbus - ok
21:35:42.0583 0x1930  SDRSVC - ok
21:35:42.0583 0x1930  sdstor - ok
21:35:42.0583 0x1930  seclogon - ok
21:35:42.0583 0x1930  SENS - ok
21:35:42.0583 0x1930  SensorDataService - ok
21:35:42.0583 0x1930  SensorService - ok
21:35:42.0599 0x1930  SensrSvc - ok
21:35:42.0599 0x1930  SerCx - ok
21:35:42.0599 0x1930  SerCx2 - ok
21:35:42.0599 0x1930  Serenum - ok
21:35:42.0599 0x1930  Serial - ok
21:35:42.0599 0x1930  sermouse - ok
21:35:42.0615 0x1930  SessionEnv - ok
21:35:42.0615 0x1930  sfloppy - ok
21:35:42.0615 0x1930  SharedAccess - ok
21:35:42.0615 0x1930  ShellHWDetection - ok
21:35:42.0630 0x1930  shpamsvc - ok
21:35:42.0630 0x1930  SiSRaid2 - ok
21:35:42.0630 0x1930  SiSRaid4 - ok
21:35:42.0630 0x1930  [ 0D0D3F885589CDEA678C3B17ABB70DC7, FA1D628A81CBE9DE287162A1D2B8661548476ED7159C2AEF60E7B954EB8FC133 ] SLEE_19_DRIVER  C:\WINDOWS\Sleen1964.sys
21:35:42.0630 0x1930  SLEE_19_DRIVER - ok
21:35:42.0646 0x1930  smphost - ok
21:35:42.0648 0x1930  SmsRouter - ok
21:35:42.0652 0x1930  SNMPTRAP - ok
21:35:42.0652 0x1930  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:35:42.0652 0x1930  Sony PC Companion - ok
21:35:42.0652 0x1930  spaceport - ok
21:35:42.0668 0x1930  SpbCx - ok
21:35:42.0668 0x1930  Spooler - ok
21:35:42.0668 0x1930  sppsvc - ok
21:35:42.0668 0x1930  srv - ok
21:35:42.0668 0x1930  srv2 - ok
21:35:42.0668 0x1930  srvnet - ok
21:35:42.0684 0x1930  SSDPSRV - ok
21:35:42.0684 0x1930  SstpSvc - ok
21:35:42.0684 0x1930  StateRepository - ok
21:35:42.0684 0x1930  stexstor - ok
21:35:42.0684 0x1930  stisvc - ok
21:35:42.0684 0x1930  storahci - ok
21:35:42.0699 0x1930  storflt - ok
21:35:42.0699 0x1930  stornvme - ok
21:35:42.0699 0x1930  storqosflt - ok
21:35:42.0699 0x1930  StorSvc - ok
21:35:42.0699 0x1930  storufs - ok
21:35:42.0699 0x1930  storvsc - ok
21:35:42.0715 0x1930  svsvc - ok
21:35:42.0715 0x1930  swenum - ok
21:35:42.0715 0x1930  swprv - ok
21:35:42.0715 0x1930  Synth3dVsc - ok
21:35:42.0715 0x1930  SysMain - ok
21:35:42.0715 0x1930  SystemEventsBroker - ok
21:35:42.0715 0x1930  TabletInputService - ok
21:35:42.0730 0x1930  TapiSrv - ok
21:35:42.0730 0x1930  Tcpip - ok
21:35:42.0730 0x1930  Tcpip6 - ok
21:35:42.0730 0x1930  tcpipreg - ok
21:35:42.0730 0x1930  tdx - ok
21:35:42.0747 0x1930  terminpt - ok
21:35:42.0750 0x1930  TermService - ok
21:35:42.0752 0x1930  Themes - ok
21:35:42.0752 0x1930  TieringEngineService - ok
21:35:42.0752 0x1930  tiledatamodelsvc - ok
21:35:42.0752 0x1930  TimeBrokerSvc - ok
21:35:42.0752 0x1930  TPM - ok
21:35:42.0752 0x1930  TrkWks - ok
21:35:42.0768 0x1930  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\WINDOWS\system32\drivers\truecrypt.sys
21:35:42.0768 0x1930  truecrypt - ok
21:35:42.0783 0x1930  [ B6A784DF9C081A9D5829C78E33BDCE42, 08C8AF577AAF124B33DDB25FC66E6A9046112FEAC50F19D21EF966B1269B2902 ] TrueKey         C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
21:35:42.0799 0x1930  TrueKey - ok
21:35:42.0799 0x1930  [ 26EBE10498108E9EA746EF804AF4C680, 4E2559FEBA8189FDAC5F09BB0A779F56399D8162180FA5E0F3B27DEC3B6F0142 ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
21:35:42.0799 0x1930  TrueKeyScheduler - ok
21:35:42.0815 0x1930  [ 100F50AA137071A078B1BCED9414AFA1, C5FD41F487BE755A257C980048FA9086B1AA563E7897A16235BB31B52A06A976 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
21:35:42.0815 0x1930  TrueKeyServiceHelper - ok
21:35:42.0815 0x1930  TrustedInstaller - ok
21:35:42.0830 0x1930  tsusbflt - ok
21:35:42.0830 0x1930  TsUsbGD - ok
21:35:42.0830 0x1930  tunnel - ok
21:35:42.0830 0x1930  tzautoupdate - ok
21:35:42.0830 0x1930  UASPStor - ok
21:35:42.0830 0x1930  UcmCx0101 - ok
21:35:42.0847 0x1930  UcmTcpciCx0101 - ok
21:35:42.0849 0x1930  UcmUcsi - ok
21:35:42.0852 0x1930  Ucx01000 - ok
21:35:42.0852 0x1930  UdeCx - ok
21:35:42.0852 0x1930  udfs - ok
21:35:42.0852 0x1930  UEFI - ok
21:35:42.0852 0x1930  Ufx01000 - ok
21:35:42.0852 0x1930  UfxChipidea - ok
21:35:42.0852 0x1930  ufxsynopsys - ok
21:35:42.0868 0x1930  UI0Detect - ok
21:35:42.0868 0x1930  umbus - ok
21:35:42.0868 0x1930  UmPass - ok
21:35:42.0868 0x1930  UmRdpService - ok
21:35:42.0868 0x1930  UnistoreSvc - ok
21:35:42.0883 0x1930  upnphost - ok
21:35:42.0883 0x1930  UrsChipidea - ok
21:35:42.0883 0x1930  UrsCx01000 - ok
21:35:42.0883 0x1930  UrsSynopsys - ok
21:35:42.0883 0x1930  usbaudio - ok
21:35:42.0883 0x1930  usbccgp - ok
21:35:42.0899 0x1930  usbcir - ok
21:35:42.0899 0x1930  usbehci - ok
21:35:42.0899 0x1930  usbhub - ok
21:35:42.0899 0x1930  USBHUB3 - ok
21:35:42.0899 0x1930  usbohci - ok
21:35:42.0899 0x1930  usbprint - ok
21:35:42.0915 0x1930  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:35:42.0915 0x1930  usbscan - ok
21:35:42.0915 0x1930  usbser - ok
21:35:42.0915 0x1930  USBSTOR - ok
21:35:42.0915 0x1930  usbuhci - ok
21:35:42.0915 0x1930  USBXHCI - ok
21:35:42.0930 0x1930  usb_rndisx - ok
21:35:42.0930 0x1930  UserDataSvc - ok
21:35:42.0930 0x1930  UserManager - ok
21:35:42.0930 0x1930  UsoSvc - ok
21:35:42.0930 0x1930  VaultSvc - ok
21:35:42.0930 0x1930  vdrvroot - ok
21:35:42.0947 0x1930  vds - ok
21:35:42.0950 0x1930  VerifierExt - ok
21:35:42.0952 0x1930  vhdmp - ok
21:35:42.0952 0x1930  vhf - ok
21:35:42.0952 0x1930  vmbus - ok
21:35:42.0952 0x1930  VMBusHID - ok
21:35:42.0952 0x1930  vmgid - ok
21:35:42.0952 0x1930  vmicguestinterface - ok
21:35:42.0968 0x1930  vmicheartbeat - ok
21:35:42.0968 0x1930  vmickvpexchange - ok
21:35:42.0968 0x1930  vmicrdv - ok
21:35:42.0968 0x1930  vmicshutdown - ok
21:35:42.0968 0x1930  vmictimesync - ok
21:35:42.0968 0x1930  vmicvmsession - ok
21:35:42.0984 0x1930  vmicvss - ok
21:35:42.0984 0x1930  volmgr - ok
21:35:42.0984 0x1930  volmgrx - ok
21:35:42.0984 0x1930  volsnap - ok
21:35:42.0984 0x1930  volume - ok
21:35:42.0984 0x1930  vpci - ok
21:35:42.0999 0x1930  vsmraid - ok
21:35:42.0999 0x1930  VSS - ok
21:35:42.0999 0x1930  VSTXRAID - ok
21:35:42.0999 0x1930  vwifibus - ok
21:35:42.0999 0x1930  vwififlt - ok
21:35:42.0999 0x1930  W32Time - ok
21:35:43.0015 0x1930  WacomPen - ok
21:35:43.0015 0x1930  WalletService - ok
21:35:43.0015 0x1930  wanarp - ok
21:35:43.0015 0x1930  wanarpv6 - ok
21:35:43.0015 0x1930  wbengine - ok
21:35:43.0015 0x1930  WbioSrvc - ok
21:35:43.0030 0x1930  wcifs - ok
21:35:43.0030 0x1930  Wcmsvc - ok
21:35:43.0030 0x1930  wcncsvc - ok
21:35:43.0030 0x1930  wcnfs - ok
21:35:43.0030 0x1930  WdBoot - ok
21:35:43.0046 0x1930  Wdf01000 - ok
21:35:43.0049 0x1930  WdFilter - ok
21:35:43.0051 0x1930  WdiServiceHost - ok
21:35:43.0053 0x1930  WdiSystemHost - ok
21:35:43.0053 0x1930  wdiwifi - ok
21:35:43.0053 0x1930  WdNisDrv - ok
21:35:43.0053 0x1930  WdNisSvc - ok
21:35:43.0053 0x1930  WebClient - ok
21:35:43.0053 0x1930  Wecsvc - ok
21:35:43.0068 0x1930  WEPHOSTSVC - ok
21:35:43.0068 0x1930  wercplsupport - ok
21:35:43.0068 0x1930  WerSvc - ok
21:35:43.0068 0x1930  WFPLWFS - ok
21:35:43.0068 0x1930  WiaRpc - ok
21:35:43.0068 0x1930  WIMMount - ok
21:35:43.0084 0x1930  WinDefend - ok
21:35:43.0084 0x1930  WindowsTrustedRT - ok
21:35:43.0084 0x1930  WindowsTrustedRTProxy - ok
21:35:43.0084 0x1930  WinHttpAutoProxySvc - ok
21:35:43.0100 0x1930  WinMad - ok
21:35:43.0100 0x1930  Winmgmt - ok
21:35:43.0100 0x1930  WinRM - ok
21:35:43.0100 0x1930  WINUSB - ok
21:35:43.0115 0x1930  WinVerbs - ok
21:35:43.0115 0x1930  wisvc - ok
21:35:43.0115 0x1930  WlanSvc - ok
21:35:43.0115 0x1930  wlidsvc - ok
21:35:43.0115 0x1930  WmiAcpi - ok
21:35:43.0115 0x1930  wmiApSrv - ok
21:35:43.0131 0x1930  WMPNetworkSvc - ok
21:35:43.0131 0x1930  Wof - ok
21:35:43.0131 0x1930  workfolderssvc - ok
21:35:43.0131 0x1930  WPDBusEnum - ok
21:35:43.0131 0x1930  WpdUpFltr - ok
21:35:43.0131 0x1930  WpnService - ok
21:35:43.0149 0x1930  WpnUserService - ok
21:35:43.0152 0x1930  ws2ifsl - ok
21:35:43.0152 0x1930  wscsvc - ok
21:35:43.0152 0x1930  WSearch - ok
21:35:43.0172 0x1930  [ 8C17F3795DAE9A0ECDE4B3A3B0740E5F, 65807F2EEB7E60E1A7EFB4AEC9BB20C7121E8754E9001616DF919E5EA8B7C541 ] wtqfv           C:\WINDOWS\system32\drivers\dhggc.sys
21:35:43.0174 0x1930  wtqfv - ok
21:35:43.0178 0x1930  wuauserv - ok
21:35:43.0180 0x1930  WudfPf - ok
21:35:43.0183 0x1930  WUDFRd - ok
21:35:43.0186 0x1930  wudfsvc - ok
21:35:43.0189 0x1930  WUDFWpdFs - ok
21:35:43.0192 0x1930  WwanSvc - ok
21:35:43.0195 0x1930  XblAuthManager - ok
21:35:43.0198 0x1930  XblGameSave - ok
21:35:43.0200 0x1930  xboxgip - ok
21:35:43.0203 0x1930  XboxNetApiSvc - ok
21:35:43.0205 0x1930  xinputhid - ok
21:35:43.0207 0x1930  ================ Scan global ===============================
21:35:43.0211 0x1930  [ Global ] - ok
21:35:43.0211 0x1930  ================ Scan MBR ==================================
21:35:43.0211 0x1930  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:35:43.0211 0x1930  \Device\Harddisk0\DR0 - ok
21:35:43.0268 0x1930  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:35:43.0315 0x1930  \Device\Harddisk1\DR1 - ok
21:35:43.0315 0x1930  ================ Scan VBR ==================================
21:35:43.0315 0x1930  [ 2204AA01506A27569505A7E737AE5C6E ] \Device\Harddisk0\DR0\Partition1
21:35:43.0315 0x1930  \Device\Harddisk0\DR0\Partition1 - ok
21:35:43.0331 0x1930  [ 9CC201B9C6D4E85CDCFBB7DBA2045A44 ] \Device\Harddisk0\DR0\Partition2
21:35:43.0331 0x1930  \Device\Harddisk0\DR0\Partition2 - ok
21:35:43.0353 0x1930  [ 68492777A10F581CA995315C3B1C63CF ] \Device\Harddisk0\DR0\Partition3
21:35:43.0353 0x1930  \Device\Harddisk0\DR0\Partition3 - ok
21:35:43.0353 0x1930  [ 50EE8251C8DDF70887911D4DE69FA28A ] \Device\Harddisk0\DR0\Partition4
21:35:43.0353 0x1930  \Device\Harddisk0\DR0\Partition4 - ok
21:35:43.0369 0x1930  [ 35F3FA79E4D326B2528B3665E9968BC9 ] \Device\Harddisk0\DR0\Partition5
21:35:43.0369 0x1930  \Device\Harddisk0\DR0\Partition5 - ok
21:35:43.0384 0x1930  [ C5228FFBA69CE24B53C79E506250010B ] \Device\Harddisk0\DR0\Partition6
21:35:43.0384 0x1930  \Device\Harddisk0\DR0\Partition6 - ok
21:35:43.0400 0x1930  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
21:35:43.0400 0x1930  \Device\Harddisk1\DR1\Partition1 - ok
21:35:43.0449 0x1930  [ 640935CC2C751DCEEB81B4972B1D89F6 ] \Device\Harddisk1\DR1\Partition2
21:35:43.0458 0x1930  \Device\Harddisk1\DR1\Partition2 - ok
21:35:43.0489 0x1930  [ 75B1BF01ED2B96B5DA2FD14BC7C019A9 ] \Device\Harddisk1\DR1\Partition3
21:35:43.0500 0x1930  \Device\Harddisk1\DR1\Partition3 - ok
21:35:43.0501 0x1930  ================ Scan generic autorun ======================
21:35:43.0771 0x1930  [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:35:43.0942 0x1930  RTHDVCPL - ok
21:35:43.0955 0x1930  [ E6A3062BDB2E18EBDEB69CF7F7A3A070, 48AB0CCA0230DCBB47CCC765659E390A4A42AC7303A27B835B9FBB1168AC7BF1 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:35:43.0957 0x1930  IAStorIcon - ok
21:35:43.0983 0x1930  [ 280F8A1282098C30AE2F1EBDB521E4CB, 5B892EDA3D013CB5292E3B2A682F957C3E66483AEF05258F43AE3B7DCEDC8A5A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:35:44.0007 0x1930  NvBackend - ok
21:35:44.0022 0x1930  [ 62CC591A26444BAF5AEBEC7B4D61AC94, 81157754438469DEB378DE939A512F5280C18C5F85706CF17D9058D86DF0043A ] C:\Windows\system32\PrintDisp.exe
21:35:44.0038 0x1930  PrintDisp - ok
21:35:44.0039 0x1930  WindowsDefender - ok
21:35:44.0044 0x1930  [ 4E9AF25BA5E8219310E384AEA5B0EED8, 743062F755E7A88BA394E96CA26A988CCFDF73B441B779B3149D54A769CBC411 ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
21:35:44.0047 0x1930  CLMLServer_For_P2G8 - ok
21:35:44.0055 0x1930  [ 3DB184D96E9BCFD40E071DBADCA6127C, 5DBC91C1749267803415AF265B3AFE3663D515F579F9C771D2FC3ED4D5B96390 ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
21:35:44.0063 0x1930  CLVirtualDrive - ok
21:35:44.0068 0x1930  [ 0966408A384E8B0FE57B0008E18D561C, 045AB5798CAFA7D27E7D02F780B3508EBF34C0991C8EF166A61CF869D9399B70 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
21:35:44.0071 0x1930  RemoteControl10 - ok
21:35:44.0072 0x1930  DelaypluginInstall - ok
21:35:44.0091 0x1930  [ 3B39FF4F3184A2A1541D6BBC21BC64FF, A8CA608DE2EFE72D1BBBEEAFD0FE0427EC34335612C97A5BC85B73F493446405 ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
21:35:44.0109 0x1930  CanonQuickMenu - ok
21:35:44.0115 0x1930  Dropbox - ok
21:35:44.0120 0x1930  [ 94322C203220AF49B17829336C9C9CB9, 4314FB771683B3DFF0890A157C8EB58B975735F7C686F980FBCE2C3BFC7341BA ] C:\Program Files (x86)\Steganos Safe 16\SteganosHotKeyService.exe
21:35:44.0123 0x1930  Steganos HotKeys - ok
21:35:44.0125 0x1930  [ 40AB55A93068DA9591F458442E34BDA2, DFA253DD5806C7F4F3E2827CA6F71F94420EEBD7C28A94096956AFF9AC87CA24 ] C:\Program Files (x86)\Steganos Safe 16\fredirstarter.exe
21:35:44.0126 0x1930  SAFE16 File Redirection Starter - ok
21:35:44.0156 0x1930  [ D192592FD0A99D9F360906D3F6DFBFF1, E0ED95A8AB4D26A40BF95B8DB2D968AD1FDB36B8C4DF2990185E0458B3948CA3 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
21:35:44.0184 0x1930  Wondershare Helper Compact.exe - ok
21:35:44.0185 0x1930  ProductUpdater - ok
21:35:44.0231 0x1930  [ 41A602561741C62D7BCE4E05754152F4, 53742048DB673C4254A59CEB2DD7B5BD791ABAA5CE7169C5E5F178F5DCFB8F7E ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
21:35:44.0269 0x1930  PMBVolumeWatcher - ok
21:35:44.0281 0x1930  [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:35:44.0289 0x1930  SunJavaUpdateSched - ok
21:35:44.0292 0x1930  [ 297C1BDCC26ADB339D4C0F0550E434D6, EFF4EC2543421BE537B1EDC8E88CFF7C529F3774F54BD9A71CCDB33EE9ED6370 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
21:35:44.0294 0x1930   Malwarebytes Anti-Malware  (cleanup) - ok
21:35:44.0316 0x1930  OneDriveSetup - ok
21:35:44.0317 0x1930  OneDriveSetup - ok
21:35:44.0325 0x1930  [ 89CACBC5A5D9F14AD11F09D1DE49294E, 5D9F810E57527ED9E95BB208DBA13D25AF64346B298C1C793335775F9AED21C7 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
21:35:44.0332 0x1930  Sony PC Companion - ok
21:35:44.0364 0x1930  [ 24A6799C5007B9C25D186287166FE197, 0BACE9A63E5ABC975E3B5C3AD3EDF80EEA040446D373C8F56BC3580F30881F47 ] C:\Program Files (x86)\Navigation Tom Tom\MyDrive Connect\TomTom MyDrive Connect.exe
21:35:44.0391 0x1930  MyDriveConnect.exe - ok
21:35:44.0417 0x1930  [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Robert\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:35:44.0438 0x1930  OneDrive - ok
21:35:44.0441 0x1930  [ 6F3EB2D88973A6076FF07577DB45EEAD, 29E0CE82D8887C17765B568A0CE340D2961449A5ABCC07DA94757D6D182D3C09 ] C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe
21:35:44.0443 0x1930  SAFE16 Browser Monitor - ok
21:35:44.0548 0x1930  [ 692631AE5F27B50BD357AB0492E31085, 3D3F651899FDFA5C61FEF39090E2E23514C35626693C039726AF9D77FA62F803 ] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe
21:35:44.0619 0x1930  AshSnap - ok
21:35:44.0622 0x1930  Waiting for KSN requests completion. In queue: 44
21:35:45.0635 0x1930  Waiting for KSN requests completion. In queue: 44
21:35:46.0759 0x1930  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
21:35:46.0774 0x1930  AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51000 ( enabled : updated )
21:35:46.0774 0x1930  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51010 ( enabled )
21:35:47.0976 0x1930  ============================================================
21:35:47.0976 0x1930  Scan finished
21:35:47.0976 0x1930  ============================================================
21:35:47.0992 0x37a4  Detected object count: 0
21:35:47.0992 0x37a4  Actual detected object count: 0

robert2102 · 26.03.2017, 22:38

[CODE]Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Robert (Administrator) auf RB-PC (26-03-2017 21:24:20)
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert & (Verfügbare Profile: Robert)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTF0DE.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft) C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Ascora GmbH) C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe
(Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\fredirstarter.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8021.42017.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8021.42017.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\Safe.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\UPDMGR\4.0.4017.4\mcupdatemgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-02-13] (NVIDIA Corporation)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-22] (Microsoft Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28065728 2017-03-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 16\SteganosHotKeyService.exe [102400 2014-10-28] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE16 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 16\fredirstarter.exe [17408 2014-10-28] (Steganos Software GmbH)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3001536 2016-12-16] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\Navigation Tom Tom\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [SAFE16 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe [73728 2014-10-28] (Steganos Software GmbH)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5846360 2015-06-05] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1111896 2017-03-09] (Google Inc.)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\Navigation Tom Tom\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SAFE16 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe [73728 2014-10-28] (Steganos Software GmbH)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5846360 2015-06-05] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1111896 2017-03-09] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-03-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-02-28]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar357.lnk [2017-03-25]
ShortcutTarget: Sidebar357.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0052c886-7091-4d23-984f-40b962e76652}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-24] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-03] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-24] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-03] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-24] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-24] (McAfee, Inc.)
Handler: WSWSVCUchrome - Kein CLSID Wert
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-28] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-24] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3251521826-911854800-2584752506-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Robert\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-11] (Citrix Online)
FF Plugin HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Robert\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-11] (Citrix Online)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.at/
CHR NewTab: Default -> Active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html"
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2017-03-26]
CHR Extension: (Google Präsentationen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Tabie) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfaohpmjmhdgnjblojekjlnadhehiadj [2015-06-20]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-23]
CHR Extension: (Send Link) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaphlkefgpbpjfohdklmmmainekohil [2017-01-07]
CHR Extension: (Google-Suche) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-23]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Amazon Discount Finder) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdnljepgpemjmhehgjianajlblmbkgfn [2016-06-06]
CHR Extension: (IE Tab) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-02-26]
CHR Extension: (FromDocToPDF) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-03-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-12]
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-18]
CHR Extension: (Google Präsentationen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-11]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-11]
CHR Extension: (Google-Suche) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-11]
CHR Extension: (Google Tabellen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
CHR Extension: (Google Mail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-08-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-08-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0171261490479076mcinstcleanup; C:\WINDOWS\TEMP\017126~1.EXE [1030904 2017-02-09] (McAfee, Inc.)
R3 AbAdminService; C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe [32520 2015-03-23] (Ascora GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752480 2017-02-24] (Intel Security)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-01] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-01] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-03-11] (Dropbox, Inc.)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-10-20] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-24] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [505024 2016-12-16] (Sony Corporation)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (AnvSoft Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-26] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmowu.inf_amd64_7d04a4e2e36ad11f\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Remus - ArchiCrypt - )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 andnetadb; \SystemRoot\System32\Drivers\lgandnetadb.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-26 21:24 - 2017-03-26 21:24 - 00039333 _____ C:\Users\Robert\Desktop\FRST.txt
2017-03-26 21:23 - 2017-03-26 21:24 - 00000000 ____D C:\FRST
2017-03-26 21:23 - 2017-03-26 21:23 - 02424832 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2017-03-25 13:25 - 2017-03-25 13:26 - 00000000 ____D C:\Users\Robert\Dokumente\Lesezeichen - Sicherung
2017-03-25 11:57 - 2017-03-25 11:57 - 00000000 ___HD C:\OneDriveTemp
2017-03-25 00:23 - 2017-03-25 00:23 - 00000000 ____D C:\Users\Robert\Dokumente\Multilizer
2017-03-24 23:28 - 2017-03-24 23:37 - 04031440 _____ C:\Users\Robert\Desktop\AdwCleaner_6.044.exe
2017-03-24 21:32 - 2017-03-24 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-23 23:33 - 2017-03-23 23:34 - 00000000 ____D C:\Users\Robert\Dokumente\Infrarotbild
2017-03-23 21:52 - 2017-03-26 21:23 - 00004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-03-23 09:55 - 2017-03-23 09:55 - 00000000 ____D C:\WINDOWS\Panther
2017-03-23 08:43 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-23 08:43 - 2017-03-04 08:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-23 08:43 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-23 08:43 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-23 08:43 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-23 08:43 - 2017-03-04 08:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-23 08:43 - 2017-03-04 08:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-23 08:43 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-23 08:43 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-23 08:43 - 2017-03-04 08:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-23 08:43 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-23 08:43 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-23 08:43 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-23 08:43 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-23 08:43 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-23 08:43 - 2017-03-04 08:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-23 08:43 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-23 08:43 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-23 08:43 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-23 08:43 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-23 08:43 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-23 08:43 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-23 08:43 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-23 08:43 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-23 08:43 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-23 08:43 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-23 08:43 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-23 08:43 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-23 08:43 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-23 08:43 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-23 08:43 - 2017-03-04 08:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-23 08:43 - 2017-03-04 08:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-23 08:43 - 2017-03-04 08:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-23 08:43 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-23 08:43 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-23 08:43 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-23 08:43 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-23 08:43 - 2017-03-04 08:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-23 08:43 - 2017-03-04 08:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-23 08:43 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-23 08:43 - 2017-03-04 08:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-23 08:43 - 2017-03-04 08:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-23 08:43 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-23 08:43 - 2017-03-04 07:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-23 08:42 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-23 08:42 - 2017-03-04 09:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-23 08:42 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-23 08:42 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-23 08:42 - 2017-03-04 09:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-23 08:42 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-23 08:42 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-23 08:42 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-23 08:42 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-23 08:42 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-23 08:42 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-23 08:42 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-23 08:42 - 2017-03-04 09:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-23 08:42 - 2017-03-04 09:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-23 08:42 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-23 08:42 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-23 08:42 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-23 08:42 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-23 08:42 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-23 08:42 - 2017-03-04 09:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-23 08:42 - 2017-03-04 09:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-23 08:42 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-23 08:42 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-23 08:42 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-23 08:42 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-23 08:42 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-23 08:42 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-23 08:42 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-23 08:42 - 2017-03-04 09:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-23 08:42 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-23 08:42 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-23 08:42 - 2017-03-04 09:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-23 08:42 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-23 08:42 - 2017-03-04 09:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-23 08:42 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-23 08:42 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-23 08:42 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-23 08:42 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-23 08:42 - 2017-03-04 09:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-23 08:42 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-23 08:42 - 2017-03-04 09:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-23 08:42 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-23 08:42 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-23 08:42 - 2017-03-04 09:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-23 08:42 - 2017-03-04 09:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-23 08:42 - 2017-03-04 09:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-23 08:42 - 2017-03-04 09:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-23 08:42 - 2017-03-04 09:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-23 08:42 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-23 08:42 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-23 08:42 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-23 08:42 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-23 08:42 - 2017-03-04 08:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-23 08:42 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-23 08:42 - 2017-03-04 08:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-23 08:42 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-23 08:42 - 2017-03-04 08:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-23 08:42 - 2017-03-04 08:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-23 08:42 - 2017-03-04 08:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-23 08:42 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-23 08:42 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-23 08:42 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-23 08:42 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-23 08:42 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-23 08:42 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-23 08:42 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-23 08:42 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-23 08:42 - 2017-03-04 08:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-23 08:42 - 2017-03-04 08:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-23 08:42 - 2017-03-04 08:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-23 08:42 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-23 08:42 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-23 08:42 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-23 08:42 - 2017-03-04 08:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-23 08:42 - 2017-03-04 08:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-23 08:42 - 2017-03-04 08:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-23 08:42 - 2017-03-04 08:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-23 08:42 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-23 08:42 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-23 08:42 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-23 08:42 - 2017-03-04 08:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-23 08:42 - 2017-03-04 08:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-23 08:42 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-23 08:42 - 2017-03-04 08:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-23 08:42 - 2017-03-04 08:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-23 08:42 - 2017-03-04 08:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-23 08:42 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-23 08:42 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-23 08:42 - 2017-03-04 08:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-23 08:42 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-23 08:42 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-23 08:42 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-23 08:42 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-23 08:42 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation)

robert2102 · 26.03.2017, 22:39

Code:

ATTFilter

[C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-23 08:42 - 2017-03-04 08:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-23 08:42 - 2017-03-04 08:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-23 08:42 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-23 08:42 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-23 08:42 - 2017-03-04 08:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-23 08:42 - 2017-03-04 08:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-23 08:42 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-23 08:42 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-23 08:42 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-23 08:42 - 2017-03-04 08:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-23 08:42 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-23 08:42 - 2017-03-04 08:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-23 08:42 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-23 08:42 - 2017-03-04 08:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-23 08:42 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-23 08:42 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-23 08:42 - 2017-03-04 08:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-23 08:42 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-23 08:42 - 2017-03-04 08:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-23 08:42 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-23 08:42 - 2017-03-04 08:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-23 08:42 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-23 08:42 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-23 08:42 - 2017-03-04 08:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-23 08:42 - 2017-03-04 08:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-23 08:42 - 2017-03-04 08:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-23 08:42 - 2017-03-04 08:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-23 08:42 - 2017-03-04 08:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-23 08:42 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-23 08:42 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-23 08:42 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-23 08:42 - 2017-03-04 08:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-23 08:42 - 2017-03-04 08:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-23 08:42 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-23 08:42 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-23 08:42 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-23 08:42 - 2017-03-04 08:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-23 08:42 - 2017-03-04 08:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-23 08:42 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-23 08:42 - 2017-03-04 08:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-23 08:42 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-23 08:42 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-23 08:42 - 2017-03-04 08:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-23 08:42 - 2017-03-04 08:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-23 08:42 - 2017-03-04 08:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-23 08:42 - 2017-03-04 08:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-23 08:42 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-23 08:42 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-23 08:42 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-23 08:42 - 2017-03-04 07:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-23 08:42 - 2017-03-04 07:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-23 08:42 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-23 08:42 - 2017-03-04 07:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-23 08:42 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-23 08:42 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-23 08:42 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-23 08:42 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-23 08:42 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-22 16:36 - 2017-03-23 09:50 - 00000000 ____D C:\Users\Robert\Dokumente\Sepi
2017-03-15 12:06 - 2017-03-15 12:08 - 00338047 _____ C:\Users\Robert\Dokumente\IMG_20170315_0002.pdf
2017-03-15 11:37 - 2017-03-15 11:37 - 00542431 _____ C:\Users\Robert\Dokumente\IMG_20170315_0001.pdf
2017-03-14 00:52 - 2017-03-14 00:52 - 01137186 _____ C:\Users\Robert\Dokumente\IMG_20170313_0001.pdf
2017-03-12 23:52 - 2017-03-12 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-03-12 23:52 - 2017-03-12 23:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-03-12 23:36 - 2017-03-25 23:58 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-03-12 23:36 - 2017-03-25 13:37 - 00000000 ____D C:\Users\Robert\AppData\Local\tkdata
2017-03-12 23:36 - 2017-03-12 23:36 - 00001229 _____ C:\Users\Public\Desktop\True Key.lnk
2017-03-12 23:36 - 2017-03-12 23:36 - 00000000 ____D C:\ProgramData\TrueKey
2017-03-12 23:36 - 2017-03-12 23:36 - 00000000 ____D C:\Program Files\Intel Security
2017-03-12 23:36 - 2017-03-12 23:36 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-03-12 23:22 - 2017-03-25 23:58 - 00000000 ____D C:\Program Files\TrueKey
2017-03-12 23:22 - 2017-03-18 02:59 - 00004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-12 23:22 - 2017-03-18 02:59 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-12 23:22 - 2017-03-12 23:52 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-03-12 23:22 - 2017-03-12 23:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-03-12 18:38 - 2017-03-12 18:38 - 00002352 _____ C:\Users\Robert\Desktop\Kindle.lnk
2017-03-12 15:33 - 2017-03-12 15:33 - 00000000 ____D C:\Users\Robert\Dokumente\Amazon
2017-03-11 01:17 - 2017-03-11 01:17 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-03-06 20:19 - 2017-03-25 21:38 - 00001224 _____ C:\Users\Robert\Desktop\Webinare mit Oli Klemm 2-3.2017 - Verknüpfung.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-26 21:23 - 2016-09-22 05:28 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-03-26 21:22 - 2015-06-13 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-26 21:16 - 2016-10-24 01:16 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D5BFC1CD-2C86-4051-B419-52D439D37A4D}
2017-03-26 21:12 - 2016-10-24 00:25 - 00000000 ____D C:\Users\Robert\AppData\Local\Sidebar7
2017-03-26 21:12 - 2016-09-22 05:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-26 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-26 21:12 - 2015-08-02 14:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-26 15:28 - 2015-03-21 23:26 - 00000000 ____D C:\Users\Robert\Downloads\PC Hilfsprogramme
2017-03-26 14:31 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-26 14:13 - 2015-01-31 04:15 - 00000000 ____D C:\Users\Robert\Dokumente\AA-TRADING, Forex , binarne operacie
2017-03-26 04:40 - 2015-03-08 23:54 - 00000000 ____D C:\Users\Robert\AppData\Roaming\MetaQuotes
2017-03-25 23:57 - 2015-06-13 00:12 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-25 20:25 - 2015-01-31 03:28 - 00000000 ____D C:\Users\Robert\AppData\Local\Packages
2017-03-25 14:43 - 2015-03-29 13:46 - 00010752 _____ C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-25 13:43 - 2015-11-08 11:41 - 00000000 ____D C:\Users\Robert\Dokumente\Zdravie-Gesundheit
2017-03-25 13:26 - 2015-01-31 03:28 - 00000000 ___RD C:\Users\Robert\Dokumente
2017-03-25 12:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-25 12:34 - 2015-04-18 21:24 - 00000000 ___RD C:\Users\Robert\Dropbox
2017-03-25 12:34 - 2015-01-31 03:32 - 00000000 __RDO C:\Users\Robert\OneDrive
2017-03-25 12:26 - 2016-07-25 20:18 - 03398078 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-25 12:26 - 2016-07-17 00:51 - 01532930 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-25 12:26 - 2016-07-17 00:51 - 00387170 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-25 12:22 - 2016-09-22 05:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-25 12:22 - 2016-09-22 05:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-25 12:22 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-25 12:19 - 2015-08-02 14:19 - 00000000 ____D C:\AdwCleaner
2017-03-25 01:23 - 2017-02-04 17:45 - 00001233 _____ C:\Users\Robert\Desktop\Vicki byt - Verknüpfung.lnk
2017-03-25 01:09 - 2014-03-25 19:07 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2017-03-25 01:06 - 2015-02-21 15:46 - 00000000 ____D C:\Users\Robert\AppData\Local\Boss Media
2017-03-25 01:06 - 2015-02-21 15:46 - 00000000 ____D C:\ProgramData\Boss Media
2017-03-25 01:02 - 2015-03-28 21:20 - 00000000 ____D C:\Users\Robert\Desktop\PC Programme
2017-03-25 01:00 - 2015-03-28 21:24 - 00000000 ____D C:\Users\Robert\Desktop\Sicherheit + ZahlungsApp
2017-03-25 00:58 - 2013-09-13 09:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-25 00:57 - 2014-03-25 19:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema
2017-03-25 00:57 - 2014-02-20 12:32 - 00000000 ____D C:\Program Files\CyberLink
2017-03-25 00:48 - 2014-03-25 19:09 - 00000000 ____D C:\ProgramData\ashampoo
2017-03-25 00:44 - 2015-01-31 19:04 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Ashampoo
2017-03-24 23:55 - 2015-03-08 17:25 - 00000000 ____D C:\Program Files (x86)\Fipertec
2017-03-24 23:47 - 2015-05-29 21:48 - 00000000 ____D C:\Users\Robert\Dokumente\Pc Systeme + Programme
2017-03-24 23:41 - 2016-09-22 05:22 - 00000000 ____D C:\Users\Robert
2017-03-24 23:41 - 2015-05-16 15:07 - 00000000 ____D C:\ProgramData\McAfee
2017-03-24 23:28 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-24 21:32 - 2016-11-01 21:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-24 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-24 16:31 - 2016-09-22 05:28 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-03-24 16:31 - 2016-09-22 05:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-03-24 16:31 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-03-24 16:31 - 2015-06-13 00:08 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-03-23 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-23 19:57 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-23 19:47 - 2017-02-01 20:45 - 00000000 ____D C:\Program Files (x86)\QTrade-FX MT4 Setup
2017-03-23 19:47 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-23 19:46 - 2015-01-31 04:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-23 10:07 - 2017-01-09 23:51 - 00000000 ____D C:\Users\Robert\Dokumente\Fotografia
2017-03-23 10:02 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-23 09:55 - 2016-09-22 05:20 - 00356928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-23 09:54 - 2015-02-03 00:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-23 09:54 - 2015-02-03 00:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-23 09:51 - 2015-10-25 19:30 - 00000000 ____D C:\Users\Robert\Dokumente\Sliepky - Hennen - Hühner
2017-03-18 02:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-18 02:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-17 21:31 - 2015-07-15 22:01 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-16 21:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-16 00:57 - 2016-02-26 21:44 - 00001655 _____ C:\Users\Robert\Desktop\FIB-PRECOG Trading Tabelle - Verknüpfung.lnk
2017-03-15 22:09 - 2015-03-21 23:18 - 00000000 ____D C:\Users\Robert\Downloads\Trading
2017-03-15 22:01 - 2016-11-04 21:20 - 00000000 ____D C:\Users\Robert\Downloads\Musik
2017-03-15 16:23 - 2015-08-25 13:50 - 00000000 ____D C:\Users\Robert\Dokumente\Belicka Lubomira
2017-03-15 00:57 - 2015-02-19 04:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 00:55 - 2015-02-03 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 00:55 - 2013-11-22 13:15 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-12 23:35 - 2016-01-14 05:41 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-12 23:27 - 2015-05-31 19:46 - 00000676 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001.job
2017-03-12 23:27 - 2015-03-11 20:03 - 00000580 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001.job
2017-03-12 23:22 - 2015-03-28 22:24 - 00000000 ____D C:\Users\Robert\AppData\Local\Adobe
2017-03-12 23:09 - 2017-02-14 21:40 - 00000000 ____D C:\Users\Robert\AppData\Local\CrashDumps
2017-03-12 18:38 - 2016-01-12 02:00 - 00000000 ____D C:\Users\Robert\AppData\Local\Amazon
2017-03-11 23:17 - 2016-01-03 14:43 - 00000000 ____D C:\Users\Robert\Dokumente\DETI
2017-03-10 07:17 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 07:17 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 21:53 - 2015-06-19 16:21 - 00000000 ____D C:\Users\Robert\AppData\Local\Dropbox
2017-03-04 09:09 - 2016-09-22 05:21 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-02-26 23:27 - 2015-02-02 22:51 - 00000000 ____D C:\Users\Robert\Dokumente\Auto - Diverses
2017-02-26 19:55 - 2016-01-18 00:03 - 00000000 ____D C:\Users\Robert\AppData\Local\IE Tab

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-29 13:46 - 2017-03-25 14:43 - 0010752 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-22 05:20 - 2016-09-22 05:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-25 19:34 - 2014-03-25 19:36 - 0000104 _____ () C:\ProgramData\{01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
2014-03-25 19:36 - 2014-03-25 19:37 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-03-25 19:20 - 2014-03-25 19:21 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-03-25 19:34 - 2014-03-25 19:34 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log
2014-03-25 19:15 - 2014-03-25 19:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-03-25 19:28 - 2014-03-25 19:32 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2014-03-25 19:28 - 2014-03-25 19:28 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log
2014-03-25 19:16 - 2014-03-25 19:20 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2014-03-25 19:21 - 2014-03-25 19:22 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
2017-03-25 00:12 - 2017-03-25 00:12 - 0000000 ____D () C:\Users\Robert\AppData\Local\Temp\AppLauncher.exe
2017-02-03 17:43 - 2017-02-03 17:43 - 0739904 _____ (Oracle Corporation) C:\Users\Robert\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-02-22 15:57 - 2017-02-22 15:57 - 13424224 _____ (TSR Software                                                ) C:\Users\Robert\AppData\Local\Temp\WatermarkImageSetup.3.5.7.5.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-26 12:49

==================== Ende von FRST.txt ============================

/CODE]

robert2102 · 26.03.2017, 22:52

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Robert (26-03-2017 21:25:30)
Gestartet von C:\Users\Robert\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-22 03:29:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3251521826-911854800-2584752506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3251521826-911854800-2584752506-503 - Limited - Disabled)
Gast (S-1-5-21-3251521826-911854800-2584752506-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3251521826-911854800-2584752506-1003 - Limited - Enabled)
Robert (S-1-5-21-3251521826-911854800-2584752506-1001 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Amazon Kindle) (Version: 1.14.0.43019 - Amazon)
Amazon Kindle (HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: 1.14.0.43019 - Amazon)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2400 series Benutzerregistrierung (HKLM-x32\...\Canon MG2400 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
Channel Trading Signals (HKLM-x32\...\Channel Trading Signals) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2527 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
FIBINATOR (HKLM-x32\...\FIBINATOR) (Version:  - )
Fipertec API (HKLM-x32\...\{4C6BEEF4-CF5F-434E-A812-6F646E61A48F}) (Version: 6.00.700 - Fipertec)
Forex Gemini Code (HKLM-x32\...\Forex Gemini Code) (Version:  - )
Forex Income Boss Bonus (HKLM-x32\...\Forex Income Boss Bonus) (Version:  - )
Forex Income Boss Indicators (HKLM-x32\...\Forex Income Boss Indicators) (Version:  - )
Forex Income Boss SRT Profit System (HKLM-x32\...\Forex Income Boss SRT Profit System) (Version:  - )
Forex Trend Directive (HKLM-x32\...\Forex Trend Directive) (Version:  - )
ForexPrecogESP (HKLM-x32\...\ForexPrecogESP) (Version:  - )
ForexPrecogIndicators (HKLM-x32\...\ForexPrecogIndicators) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FXCM Trading Station (HKLM-x32\...\FXTS2) (Version:  - Forex Capital Markets, LLC ("FXCM LLC"))
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Gemini BB Indicator (HKLM-x32\...\Gemini BB Indicator) (Version:  - )
Gemini Risk Calculator (HKLM-x32\...\Gemini Risk Calculator) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.98 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.1.0.6519 (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\GoToMeeting) (Version: 8.1.0.6519 - CitrixOnline)
GoToMeeting 8.1.0.6519 (HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 8.1.0.6519 - CitrixOnline)
Infix PDF Editor Version 6.3.6.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.3.6.0 - Iceni Technology)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
KineticAcceleratorSystem (HKLM-x32\...\KineticAcceleratorSystem) (Version:  - )
Limitless Cash System (HKLM-x32\...\Limitless Cash System) (Version:  - )
MACD Gemini (HKLM-x32\...\MACD Gemini) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.120 - McAfee, Inc.)
MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Treiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Parabola Profit System (HKLM-x32\...\{89FB6946-CDFF-4358-B8E2-0A46ECD0B56A}) (Version: 1.0.5532.30147 - Parabola Profit System)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.3.00.12160 - Sony Corporation)
PMB_ModeEditor (x32 Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.3.00 - Sony Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
QTrade-FX MT4 Setup (HKLM-x32\...\QTrade-FX MT4 Setup) (Version: 4.00 - MetaQuotes Software Corp.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Rapid Dollar System (HKLM-x32\...\Rapid Dollar System) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Roulette Ebook (HKLM-x32\...\Roulette Ebook) (Version:  - )
Sadukey (HKLM-x32\...\Sadukey) (Version:  - )
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Spin4Profit Ninja 3.0.4.9 (HKLM-x32\...\{EE5FDA48-201A-404C-9A92-108C25919AED}_is1) (Version:  - Spin4Profit Software)
Spin4Profit Ultimate 6.0.3.5 (HKLM-x32\...\{B7CBF268-6DEF-4AA1-94E0-5E019CE48DFE}_is1) (Version:  - Spin4Profit Software)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Target Entry Elevator (HKLM-x32\...\Target Entry Elevator) (Version:  - )
The Continuation Method (HKLM-x32\...\The Continuation Method) (Version:  - )
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.04 - Abelssoft)
Trade Assistant (HKLM-x32\...\Trade Assistant) (Version:  - )
Trading (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\5556-0001-2700-0000) (Version: latest (958.2k) 20161005 16:34:05 - IB Exchange Corp.)
Trading (HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5556-0001-2700-0000) (Version: latest (958.2k) 20161005 16:34:05 - IB Exchange Corp.)
Trend_Cloud (HKLM-x32\...\Trend_Cloud) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TSR Watermark Image software version 3.5.6.8 (HKLM-x32\...\TSR Watermark Image_is1) (Version: 3.5.6.8 - TSR Software)
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Watermark Version 4.44 (HKLM\...\{ADD0F13D-4EB0-4324-AF83-24870EC44BF6}_is1) (Version: 4.44 - Portfoler sp. z o. o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6441\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6441\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04993CF8-AF1F-4BEB-9AB5-5CB9521262AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {067D8E4A-0A86-45EC-ADC1-9914E426D813} - System32\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001 => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {0A2355F7-F098-4543-A945-6472DF5D3568} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1047DB9E-55D6-4446-BA26-A883504255C4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {18F74924-A7F2-482F-8DA2-72E985573C1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1F352382-EDB1-45C4-A195-A8D4C0ED44CE} - System32\Tasks\Abelssoft\ToolbarTerminator AutoScan_Robert => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-03-23] (Ascora GmbH)
Task: {1FA045CD-5D70-406A-8524-9AEC5F874C79} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-18] (Adobe Systems Incorporated)
Task: {2849D9BE-E1EC-4EF9-848D-FD9A28D64250} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {2DEAE603-E5B4-4F28-B2FA-57F6AA0676F5} - System32\Tasks\{D186787D-DF6D-44FE-8A3B-269808192EE4} => pcalua.exe -a "C:\Program Files (x86)\JFD\MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\JFD\MetaTrader 4 Terminal"
Task: {32D895AC-274C-4E2D-BFA2-2DBB3037E753} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-03-15] (Microsoft Corporation)
Task: {34145514-48A1-4361-BA22-606682FF3DA7} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {3E9BE0D3-02D7-4E2B-A924-7E75D51875AD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {4052F667-49FE-4C66-94E4-D425E6613F15} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe 
Task: {42FE7AC7-FC0E-4F6B-9F6C-5C4C069653BE} - System32\Tasks\{08AF55EB-1919-4D7A-81FB-A917D1D566FE} => pcalua.exe -a "C:\Program Files (x86)\JFD MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\JFD MetaTrader 4 Terminal"
Task: {4E6D981B-CD94-4FB6-81B5-E97ABEF734F5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {62511546-0EAC-4BAF-80E9-701534AA4FF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {725FA124-1772-4787-AD2D-5B3DCA9111D7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7645E6BC-BF83-4CA7-A3EC-C524ABDF6F94} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Robert\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {77222BE5-9DF2-4A92-BFDC-357EC4295D1C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-18] (Adobe Systems Incorporated)
Task: {826ED48A-AECD-41E9-B537-57BCD3B906F3} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-03-23] (Microsoft)
Task: {854830B9-7D8C-4A94-975E-10EB550F5DA5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {8A30FD9F-609F-402F-9638-D1877EF0076D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-01] (Dropbox, Inc.)
Task: {8C23EADC-07EA-4816-A3B1-2522EF364E37} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {916EEB9D-FAD2-4E8F-AF96-61721CD477BF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {94DE6763-7E50-441B-8353-C1710019016F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {96647E51-55DA-4D70-890F-102FB96842F7} - \Microsoft\Windows\Setup\GWXTriggers\Logon -> Keine Datei <==== ACHTUNG
Task: {9C212BF5-DE42-4E08-8E35-91308B95E217} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A7B39732-DE3B-4316-949A-B0053850F79A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {AD54ED33-8EEB-4A91-BEFF-DD4A45AE4794} - System32\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001 => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AD68D96F-D5B4-409F-95D9-D45503BC95C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {AECA8659-60F0-44C1-BE00-3BBA1A2CDD52} - System32\Tasks\{3A7E3E64-064F-4727-B686-0DB04AC68718} => pcalua.exe -a "C:\Program Files (x86)\MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\MetaTrader 4 Terminal"
Task: {AECB7CC7-6D50-4B05-8B8E-006CFCD1085A} - \McAfee\McAfee Idle Detection Task -> Keine Datei <==== ACHTUNG
Task: {AEEA974A-8082-4039-903E-E35F98FF8ADF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {B04F9A0E-09D4-4D19-8849-BE4A99CEC6EE} - System32\Tasks\{E97FD05C-BBA7-46D0-A32B-E8553113BB97} => pcalua.exe -a "C:\Users\Robert\Downloads\PC Hilfsprogramme\Video - umwandlungs Programme\avi-to-dvd-converter.exe" -d "C:\Users\Robert\Downloads\PC Hilfsprogramme\Video - umwandlungs Programme"
Task: {BBA03ECF-B4A6-40B5-887A-600BA36C325B} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {D293BE57-3EF6-430D-8300-39B6708E4B31} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {DAAA5E14-7686-4F2D-A9EE-3FB33AFE29A0} - System32\Tasks\Abelssoft\ToolbarTerminator Continous Scan_Robert => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-03-23] (Ascora GmbH)
Task: {E23EBB57-195C-4A6E-B6C5-8FF650E9DE43} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-01] (Dropbox, Inc.)
Task: {E90D87B8-B4AF-48BC-B3F4-F3ED60B0C1B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {E9810987-0187-4502-AB73-FC8DBB01B7B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {EA3F9890-E4E6-41D0-9EFE-5D49FC9FCFCA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {F453EFC2-25B9-4FE9-88A9-0B20348CFD55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F5CC0C45-2BD0-450A-AFCB-98E1A2E16FEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001.job => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001.job => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-01-31 04:42 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-09-22 05:21 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-08 16:36 - 2014-10-24 15:16 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2016-09-22 06:17 - 2016-09-22 06:17 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-14 18:13 - 2017-03-14 18:13 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2015-07-18 22:22 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2017-03-25 12:39 - 2017-03-25 12:39 - 13327560 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8021.42017.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 19:22 - 2017-03-02 19:23 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-07-25 23:57 - 2016-07-25 23:57 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-25 23:53 - 2016-07-25 23:53 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-12 23:20 - 2017-03-09 07:26 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libglesv2.dll
2017-03-12 23:20 - 2017-03-09 07:26 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libegl.dll
2014-04-10 14:13 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-18 22:22 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-07-18 22:22 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-07-18 22:22 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-12-22 13:12 - 2015-12-22 13:12 - 00463744 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Calendar.dll
2015-02-01 20:35 - 2015-06-05 10:54 - 00271224 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\CrashRpt1402.dll
2015-02-01 20:35 - 2014-09-09 12:25 - 00040792 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\MouseHook.dll
2016-09-20 17:50 - 2016-09-20 17:50 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-03-24 21:32 - 2017-03-21 20:06 - 00842560 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-11-01 21:56 - 2017-02-28 22:49 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-01 21:56 - 2017-02-28 22:50 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-24 21:32 - 2017-02-28 22:50 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-11-01 21:56 - 2017-02-28 22:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-24 21:32 - 2017-02-28 22:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-01 21:56 - 2017-02-28 22:51 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-01 21:56 - 2017-02-28 22:50 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-28 01:19 - 2017-03-21 20:10 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-24 21:32 - 2017-02-28 22:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-24 21:32 - 2017-03-21 20:09 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-24 21:32 - 2017-03-11 01:17 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-24 21:32 - 2017-03-21 20:09 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-01 21:56 - 2017-03-21 20:10 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-03-24 21:32 - 2017-02-28 22:56 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-24 21:32 - 2017-02-28 22:56 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-24 21:32 - 2017-03-21 20:10 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-11-01 21:56 - 2017-02-28 22:58 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-20 17:51 - 2016-09-20 17:51 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-02-11 01:18 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-02-11 01:18 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2011-01-31 10:45 - 2011-01-31 10:45 - 00559244 _____ () C:\Program Files (x86)\Steganos Safe 16\sqlite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-03-12 23:52 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{be310f02-ece8-4418-9ca9-421e0fc4a7c9}.JPG
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{be310f02-ece8-4418-9ca9-421e0fc4a7c9}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "SuperEasy 1-Click Backup"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MyDriveConnect.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{46F1A647-95FF-4A3C-85E3-A920E734E0DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{90C35DB0-E84E-4B2A-9D07-AF2B75177721}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E489A156-C985-47ED-BB49-F7465E7A9976}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{F23C5B00-DBEE-4839-ADE6-79D8C2D93F91}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{BF1D906C-54B9-4FF6-AEB9-FC0CFE89C653}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{E643F1E2-EBDD-4D4C-8F2D-F33DACA83D0D}] => (Allow) C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{D25BFEFF-A4FF-42F8-89CD-235D9555370D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3DC02EF8-0B69-4E05-981A-4D9CD98EE141}] => (Allow) LPort=2869
FirewallRules: [{35BBBCCA-7154-4A26-9E7E-CF8251FA508A}] => (Allow) LPort=1900
FirewallRules: [{0BA3E59B-48FB-4930-A359-47893C8DA87E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{EAFD0D39-3D49-4078-A54F-B8051CF32691}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{730B1C8F-8EB8-45C7-8E03-0AEA835735F9}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3183C0EB-2BDD-4BA9-8F1C-E5DE72ED6140}] => (Allow) C:\Users\Robert\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{BC5F543F-0816-47DE-8DC0-05C09E1E1055}] => (Allow) C:\Users\Robert\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{1EE6E156-8820-428D-9360-E84F9E11ED65}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{994419A4-3B26-4F7E-85E0-A6B00DBCEC2A}] => (Allow) C:\ProgramData\KedmAbo\iariate.EXE
FirewallRules: [{C4ADB5E2-8783-45A4-B65C-0B53D74A26EC}] => (Allow) C:\ProgramData\KedmAbo\iariate.EXE
FirewallRules: [{716D488F-FF88-4C37-8E39-B7B6BD93E03E}] => (Allow) C:\ProgramData\KedmAbo\iariate.EXE
FirewallRules: [{2F650E4E-293C-4363-ACB5-9766210D987B}] => (Allow) C:\ProgramData\KedmAbo\iariate.EXE
FirewallRules: [{2F22C8A2-2A85-46FF-BB15-F0EE93CF9C2A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BE66AC88-4CF9-4C26-BEAC-112EA7A60CCD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

20-03-2017 01:11:12 Windows-Sicherung
23-03-2017 08:45:56 Windows Update
25-03-2017 00:52:51 Revo Uninstaller's restore point - CyberLink PowerDirector 12
26-03-2017 21:15:38 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/26/2017 09:15:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/26/2017 09:15:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/26/2017 09:12:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/26/2017 03:17:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/26/2017 03:17:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (03/26/2017 03:16:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/26/2017 03:16:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {ddb07afb-df2b-4b5a-b744-02b0fac13950}

Error: (03/26/2017 02:52:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/26/2017 02:24:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/26/2017 02:06:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/26/2017 09:25:38 PM) (Source: DCOM) (EventID: 10010) (User: RB-PC)
Description: Der Server "{C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/26/2017 09:23:36 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/26/2017 09:23:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/26/2017 09:23:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/26/2017 09:23:36 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/26/2017 09:23:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/26/2017 09:23:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/26/2017 09:23:36 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/26/2017 09:23:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/26/2017 09:23:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.


CodeIntegrity:
===================================
  Date: 2016-10-20 15:41:38.944
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.940
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.932
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.913
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.896
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16340.29 MB
Verfügbarer physikalischer RAM: 11619.45 MB
Summe virtueller Speicher: 18772.29 MB
Verfügbarer virtueller Speicher: 13396.59 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.09 GB) (Free:21.21 GB) NTFS
Drive d: (Data) (Fixed) (Total:2734.39 GB) (Free:1211.36 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:36.5 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Hallo Matthias,
vielen Dank. Es schaut so aus, dass ich es dank deiner perfekten Anleitung geschafft habe die notwendigen Logfiles zu posten

Ich warte dann mit Geduld, wenn du Zeit hast ( ich schätze hoch deine Hilfe - bin auch arbeitend mit Familie) auf deine Antwort für den 1.Schritt.

Liebe Grüße aus Wien

Robert

M-K-D-B · 27.03.2017, 20:41

Servus,

in welchen Browsern hast du die beschriebenen Probleme mit "Right Coupon"?
Google Chrome setzen wir jetzt mit AdwCleaner zurück.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
- Chrome Einstellungen
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
Starte den Rechner im Anschluss neu auf.
Downloade dir den MBAM Uninstaller auf deinen Desktop.
Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

robert2102 · 29.03.2017, 23:57

Hallo Matthias,

danke für deine Antwort. Ich verwende ausschließlich Google Chrome als Browser. Seit Durchführung vom 1. Schritt tue ich den Rightcoupon eigentlich nicht mehr registrieren. Vorher war allgegenwartig fast bei jeder geöffneter Seite. Dafür erhalte ich jetzt Google Werbung ( wenn wirklich von Google) sogar senn ich Trojaner Bord Forum aufmache...

Code:

ATTFilter

# AdwCleaner v6.044 - Bericht erstellt am 29/03/2017 um 23:47:46
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-29.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Robert - RB-PC
# Gestartet von : C:\Users\Robert\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****

[-] [C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: vipnet-password-roulette.en.softonic.com
[-] [C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Gelöscht: hxxp://www.oursurfing.com/webfavicon.ico
[-] [C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: mallpejgeafdahhflmliiahjdpgbegpk


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4642 Bytes] - [24/03/2017 23:40:54]
C:\AdwCleaner\AdwCleaner[C2].txt - [1610 Bytes] - [25/03/2017 01:18:51]
C:\AdwCleaner\AdwCleaner[C3].txt - [1756 Bytes] - [25/03/2017 12:06:53]
C:\AdwCleaner\AdwCleaner[C4].txt - [1754 Bytes] - [25/03/2017 12:11:54]
C:\AdwCleaner\AdwCleaner[C5].txt - [1900 Bytes] - [25/03/2017 12:19:11]
C:\AdwCleaner\AdwCleaner[C6].txt - [1932 Bytes] - [29/03/2017 23:47:46]
C:\AdwCleaner\AdwCleaner[R0].txt - [13741 Bytes] - [02/08/2015 14:19:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [10425 Bytes] - [02/08/2015 14:24:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [4434 Bytes] - [24/03/2017 23:39:18]
C:\AdwCleaner\AdwCleaner[S2].txt - [1851 Bytes] - [25/03/2017 01:18:29]
C:\AdwCleaner\AdwCleaner[S3].txt - [1997 Bytes] - [25/03/2017 12:06:17]
C:\AdwCleaner\AdwCleaner[S4].txt - [2004 Bytes] - [25/03/2017 12:11:25]
C:\AdwCleaner\AdwCleaner[S5].txt - [2150 Bytes] - [25/03/2017 12:18:38]
C:\AdwCleaner\AdwCleaner[S6].txt - [2578 Bytes] - [29/03/2017 23:45:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2591 Bytes] ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 30.03.17
Scan-Zeit: 00:17
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.96
Version des Aktualisierungspakets: 1.0.1622
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: RB-PC\Robert

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 490088
Abgelaufene Zeit: 1 Min., 37 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Robert (30-03-2017 00:27:20)
Gestartet von C:\Users\Robert\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-22 03:29:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3251521826-911854800-2584752506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3251521826-911854800-2584752506-503 - Limited - Disabled)
Gast (S-1-5-21-3251521826-911854800-2584752506-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3251521826-911854800-2584752506-1003 - Limited - Enabled)
Robert (S-1-5-21-3251521826-911854800-2584752506-1001 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Amazon Kindle) (Version: 1.14.0.43019 - Amazon)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2400 series Benutzerregistrierung (HKLM-x32\...\Canon MG2400 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
Channel Trading Signals (HKLM-x32\...\Channel Trading Signals) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2527 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
FIBINATOR (HKLM-x32\...\FIBINATOR) (Version:  - )
Fipertec API (HKLM-x32\...\{4C6BEEF4-CF5F-434E-A812-6F646E61A48F}) (Version: 6.00.700 - Fipertec)
Forex Gemini Code (HKLM-x32\...\Forex Gemini Code) (Version:  - )
Forex Income Boss Bonus (HKLM-x32\...\Forex Income Boss Bonus) (Version:  - )
Forex Income Boss Indicators (HKLM-x32\...\Forex Income Boss Indicators) (Version:  - )
Forex Income Boss SRT Profit System (HKLM-x32\...\Forex Income Boss SRT Profit System) (Version:  - )
Forex Trend Directive (HKLM-x32\...\Forex Trend Directive) (Version:  - )
ForexPrecogESP (HKLM-x32\...\ForexPrecogESP) (Version:  - )
ForexPrecogIndicators (HKLM-x32\...\ForexPrecogIndicators) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FXCM Trading Station (HKLM-x32\...\FXTS2) (Version:  - Forex Capital Markets, LLC ("FXCM LLC"))
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Gemini BB Indicator (HKLM-x32\...\Gemini BB Indicator) (Version:  - )
Gemini Risk Calculator (HKLM-x32\...\Gemini Risk Calculator) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.98 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.2.0.6634 (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\GoToMeeting) (Version: 8.2.0.6634 - CitrixOnline)
Infix PDF Editor Version 6.3.6.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.3.6.0 - Iceni Technology)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
KineticAcceleratorSystem (HKLM-x32\...\KineticAcceleratorSystem) (Version:  - )
Limitless Cash System (HKLM-x32\...\Limitless Cash System) (Version:  - )
MACD Gemini (HKLM-x32\...\MACD Gemini) (Version:  - )
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Treiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Parabola Profit System (HKLM-x32\...\{89FB6946-CDFF-4358-B8E2-0A46ECD0B56A}) (Version: 1.0.5532.30147 - Parabola Profit System)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.3.00.12160 - Sony Corporation)
PMB_ModeEditor (x32 Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.3.00 - Sony Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
QTrade-FX MT4 Setup (HKLM-x32\...\QTrade-FX MT4 Setup) (Version: 4.00 - MetaQuotes Software Corp.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Rapid Dollar System (HKLM-x32\...\Rapid Dollar System) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Roulette Ebook (HKLM-x32\...\Roulette Ebook) (Version:  - )
Sadukey (HKLM-x32\...\Sadukey) (Version:  - )
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Spin4Profit Ninja 3.0.4.9 (HKLM-x32\...\{EE5FDA48-201A-404C-9A92-108C25919AED}_is1) (Version:  - Spin4Profit Software)
Spin4Profit Ultimate 6.0.3.5 (HKLM-x32\...\{B7CBF268-6DEF-4AA1-94E0-5E019CE48DFE}_is1) (Version:  - Spin4Profit Software)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Target Entry Elevator (HKLM-x32\...\Target Entry Elevator) (Version:  - )
The Continuation Method (HKLM-x32\...\The Continuation Method) (Version:  - )
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.04 - Abelssoft)
Trade Assistant (HKLM-x32\...\Trade Assistant) (Version:  - )
Trading (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\5556-0001-2700-0000) (Version: latest (958.2k) 20161005 16:34:05 - IB Exchange Corp.)
Trend_Cloud (HKLM-x32\...\Trend_Cloud) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TSR Watermark Image software version 3.5.6.8 (HKLM-x32\...\TSR Watermark Image_is1) (Version: 3.5.6.8 - TSR Software)
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Watermark Version 4.44 (HKLM\...\{ADD0F13D-4EB0-4324-AF83-24870EC44BF6}_is1) (Version: 4.44 - Portfoler sp. z o. o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6441\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04993CF8-AF1F-4BEB-9AB5-5CB9521262AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {067D8E4A-0A86-45EC-ADC1-9914E426D813} - System32\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001 => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {0A2355F7-F098-4543-A945-6472DF5D3568} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1047DB9E-55D6-4446-BA26-A883504255C4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {18F74924-A7F2-482F-8DA2-72E985573C1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1F352382-EDB1-45C4-A195-A8D4C0ED44CE} - System32\Tasks\Abelssoft\ToolbarTerminator AutoScan_Robert => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-03-23] (Ascora GmbH)
Task: {1FA045CD-5D70-406A-8524-9AEC5F874C79} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-18] (Adobe Systems Incorporated)
Task: {2DEAE603-E5B4-4F28-B2FA-57F6AA0676F5} - System32\Tasks\{D186787D-DF6D-44FE-8A3B-269808192EE4} => pcalua.exe -a "C:\Program Files (x86)\JFD\MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\JFD\MetaTrader 4 Terminal"
Task: {32D895AC-274C-4E2D-BFA2-2DBB3037E753} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-03-15] (Microsoft Corporation)
Task: {34145514-48A1-4361-BA22-606682FF3DA7} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {3E9BE0D3-02D7-4E2B-A924-7E75D51875AD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {4052F667-49FE-4C66-94E4-D425E6613F15} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe 
Task: {42FE7AC7-FC0E-4F6B-9F6C-5C4C069653BE} - System32\Tasks\{08AF55EB-1919-4D7A-81FB-A917D1D566FE} => pcalua.exe -a "C:\Program Files (x86)\JFD MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\JFD MetaTrader 4 Terminal"
Task: {4E6D981B-CD94-4FB6-81B5-E97ABEF734F5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {62511546-0EAC-4BAF-80E9-701534AA4FF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {725FA124-1772-4787-AD2D-5B3DCA9111D7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7645E6BC-BF83-4CA7-A3EC-C524ABDF6F94} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Robert\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {77222BE5-9DF2-4A92-BFDC-357EC4295D1C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-18] (Adobe Systems Incorporated)
Task: {7CA379F6-D405-47B9-89F7-A4BD445C5A5C} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {826ED48A-AECD-41E9-B537-57BCD3B906F3} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-03-23] (Microsoft)
Task: {854830B9-7D8C-4A94-975E-10EB550F5DA5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {8A30FD9F-609F-402F-9638-D1877EF0076D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-01] (Dropbox, Inc.)
Task: {8C23EADC-07EA-4816-A3B1-2522EF364E37} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {916EEB9D-FAD2-4E8F-AF96-61721CD477BF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {94DE6763-7E50-441B-8353-C1710019016F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {96647E51-55DA-4D70-890F-102FB96842F7} - \Microsoft\Windows\Setup\GWXTriggers\Logon -> Keine Datei <==== ACHTUNG
Task: {9C212BF5-DE42-4E08-8E35-91308B95E217} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A7B39732-DE3B-4316-949A-B0053850F79A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A9415773-4E62-4DA6-9B01-1A3AA7A85170} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {AD54ED33-8EEB-4A91-BEFF-DD4A45AE4794} - System32\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001 => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AD68D96F-D5B4-409F-95D9-D45503BC95C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {AECA8659-60F0-44C1-BE00-3BBA1A2CDD52} - System32\Tasks\{3A7E3E64-064F-4727-B686-0DB04AC68718} => pcalua.exe -a "C:\Program Files (x86)\MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\MetaTrader 4 Terminal"
Task: {AECB7CC7-6D50-4B05-8B8E-006CFCD1085A} - \McAfee\McAfee Idle Detection Task -> Keine Datei <==== ACHTUNG
Task: {AEEA974A-8082-4039-903E-E35F98FF8ADF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {B04F9A0E-09D4-4D19-8849-BE4A99CEC6EE} - System32\Tasks\{E97FD05C-BBA7-46D0-A32B-E8553113BB97} => pcalua.exe -a "C:\Users\Robert\Downloads\PC Hilfsprogramme\Video - umwandlungs Programme\avi-to-dvd-converter.exe" -d "C:\Users\Robert\Downloads\PC Hilfsprogramme\Video - umwandlungs Programme"
Task: {D293BE57-3EF6-430D-8300-39B6708E4B31} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {DAAA5E14-7686-4F2D-A9EE-3FB33AFE29A0} - System32\Tasks\Abelssoft\ToolbarTerminator Continous Scan_Robert => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-03-23] (Ascora GmbH)
Task: {E23EBB57-195C-4A6E-B6C5-8FF650E9DE43} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-01] (Dropbox, Inc.)
Task: {E90D87B8-B4AF-48BC-B3F4-F3ED60B0C1B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {E9810987-0187-4502-AB73-FC8DBB01B7B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {EA3F9890-E4E6-41D0-9EFE-5D49FC9FCFCA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {F453EFC2-25B9-4FE9-88A9-0B20348CFD55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F5CC0C45-2BD0-450A-AFCB-98E1A2E16FEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001.job => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6634\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001.job => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6634\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-01-31 04:42 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-03-30 00:16 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-30 00:16 - 2017-03-24 04:10 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-22 05:21 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-22 06:17 - 2016-09-22 06:17 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-14 18:13 - 2017-03-14 18:13 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2015-07-18 22:22 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2017-03-12 23:20 - 2017-03-09 07:26 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libglesv2.dll
2017-03-12 23:20 - 2017-03-09 07:26 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libegl.dll
2015-07-18 22:22 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-07-18 22:22 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-07-18 22:22 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-12-22 13:12 - 2015-12-22 13:12 - 00463744 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Calendar.dll
2015-02-01 20:35 - 2015-06-05 10:54 - 00271224 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\CrashRpt1402.dll
2015-02-01 20:35 - 2014-09-09 12:25 - 00040792 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\MouseHook.dll
2016-09-20 17:50 - 2016-09-20 17:50 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-03-24 21:32 - 2017-03-21 20:06 - 00842560 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-11-01 21:56 - 2017-02-28 22:49 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-01 21:56 - 2017-02-28 22:50 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-24 21:32 - 2017-02-28 22:50 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-11-01 21:56 - 2017-02-28 22:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-24 21:32 - 2017-02-28 22:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-01 21:56 - 2017-02-28 22:51 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-01 21:56 - 2017-02-28 22:50 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-28 01:19 - 2017-03-21 20:10 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-24 21:32 - 2017-02-28 22:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-24 21:32 - 2017-03-21 20:09 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-24 21:32 - 2017-03-11 01:17 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-24 21:32 - 2017-03-21 20:09 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-01 21:56 - 2017-03-21 20:10 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-03-24 21:32 - 2017-02-28 22:56 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-24 21:32 - 2017-02-28 22:56 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-24 21:32 - 2017-03-21 20:10 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-20 17:51 - 2016-09-20 17:51 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-02-11 01:18 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-02-11 01:18 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-09-20 17:50 - 2016-09-20 17:50 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-04-10 14:13 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-03-12 23:52 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3251521826-911854800-2584752506-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{be310f02-ece8-4418-9ca9-421e0fc4a7c9}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "SuperEasy 1-Click Backup"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

20-03-2017 01:11:12 Windows-Sicherung
23-03-2017 08:45:56 Windows Update
25-03-2017 00:52:51 Revo Uninstaller's restore point - CyberLink PowerDirector 12
26-03-2017 21:15:38 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/30/2017 12:23:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/30/2017 12:13:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/30/2017 12:08:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/30/2017 12:01:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/29/2017 11:56:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/29/2017 11:50:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/29/2017 11:35:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/29/2017 11:28:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/29/2017 11:05:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/29/2017 11:03:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/30/2017 12:22:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/30/2017 12:21:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "InstallerService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/30/2017 12:21:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/30/2017 12:11:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/30/2017 12:11:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "InstallerService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/30/2017 12:11:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/30/2017 12:06:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/30/2017 12:06:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "InstallerService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/30/2017 12:06:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/29/2017 11:59:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-10-20 15:41:38.944
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.940
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.932
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.913
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.896
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16340.29 MB
Verfügbarer physikalischer RAM: 12888.55 MB
Summe virtueller Speicher: 18772.29 MB
Verfügbarer virtueller Speicher: 15160.64 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.09 GB) (Free:18.27 GB) NTFS
Drive d: (Data) (Fixed) (Total:2734.39 GB) (Free:1182.5 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:36.5 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Robert (Administrator) auf RB-PC (30-03-2017 00:26:06)
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert (Verfügbare Profile: Robert)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft) C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Ascora GmbH) C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 16\fredirstarter.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-02-13] (NVIDIA Corporation)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-22] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28065728 2017-03-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 16\SteganosHotKeyService.exe [102400 2014-10-28] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE16 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 16\fredirstarter.exe [17408 2014-10-28] (Steganos Software GmbH)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3001536 2016-12-16] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\Navigation Tom Tom\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [SAFE16 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe [73728 2014-10-28] (Steganos Software GmbH)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5846360 2015-06-05] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1111896 2017-03-09] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-03-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-02-28]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar285.lnk [2017-03-30]
ShortcutTarget: Sidebar285.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0052c886-7091-4d23-984f-40b962e76652}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-03] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-03] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler: WSWSVCUchrome - Kein CLSID Wert
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-28] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-24] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-03] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3251521826-911854800-2584752506-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Robert\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-11] (Citrix Online)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2017-03-30]
CHR Extension: (Google Präsentationen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-29]
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-29]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-29]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-29]
CHR Extension: (Google Tabellen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-29]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-29]
CHR Extension: (Google Docs Offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29]
CHR Extension: (Google Mail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-29]
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-18]
CHR Extension: (Google Präsentationen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-11]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-11]
CHR Extension: (Google-Suche) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-11]
CHR Extension: (Google Tabellen) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
CHR Extension: (Google Mail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-08-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-08-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AbAdminService; C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe [32520 2015-03-23] (Ascora GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752480 2017-02-24] (Intel Security)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-01] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-01] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-03-11] (Dropbox, Inc.)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-10-20] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-03-27] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551000 2017-03-10] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [505024 2016-12-16] (Sony Corporation)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (AnvSoft Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-24] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-30] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-30] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-30] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-03-30] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-03-30] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmowu.inf_amd64_7d04a4e2e36ad11f\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Remus - ArchiCrypt - )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 andnetadb; \SystemRoot\System32\Drivers\lgandnetadb.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

robert2102 · 30.03.2017, 00:01

Code:

ATTFilter

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-30 00:24 - 2017-03-30 00:24 - 00001232 _____ C:\Users\Robert\Desktop\mbam.txt
2017-03-30 00:22 - 2017-03-30 00:22 - 00000000 ___HD C:\OneDriveTemp
2017-03-30 00:17 - 2017-03-30 00:17 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-30 00:16 - 2017-03-30 00:21 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-30 00:16 - 2017-03-30 00:21 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-30 00:16 - 2017-03-30 00:21 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-30 00:16 - 2017-03-30 00:21 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-30 00:16 - 2017-03-30 00:16 - 59272008 _____ (Malwarebytes ) C:\Users\Robert\Desktop\mb3-setup-consumer-3.0.6.1469-1096.exe
2017-03-30 00:16 - 2017-03-30 00:16 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-30 00:16 - 2017-03-30 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-30 00:16 - 2017-03-30 00:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-30 00:16 - 2017-03-30 00:16 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-30 00:16 - 2017-03-24 04:10 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-30 00:15 - 2017-03-30 00:15 - 59272008 _____ (Malwarebytes ) C:\Users\Robert\Downloads\mb3-setup-consumer-3.0.6.1469-1096.exe
2017-03-30 00:14 - 2017-03-30 00:14 - 00566128 _____ (Malwarebytes) C:\Users\Robert\Downloads\mbam-clean-2.3.0.1001 (4).exe
2017-03-30 00:11 - 2017-03-30 00:11 - 00566128 _____ (Malwarebytes) C:\Users\Robert\Desktop\mbam-clean-2.3.0.1001 (3).exe
2017-03-30 00:10 - 2017-03-30 00:10 - 00566128 _____ (Malwarebytes) C:\Users\Robert\Downloads\mbam-clean-2.3.0.1001 (3).exe
2017-03-30 00:05 - 2017-03-30 00:05 - 00566128 _____ (Malwarebytes) C:\Users\Robert\Downloads\mbam-clean-2.3.0.1001 (2).exe
2017-03-30 00:03 - 2017-03-30 00:03 - 00566128 _____ (Malwarebytes) C:\Users\Robert\Downloads\mbam-clean-2.3.0.1001 (1).exe
2017-03-29 23:58 - 2017-03-29 23:58 - 00566128 _____ (Malwarebytes) C:\Users\Robert\Downloads\mbam-clean-2.3.0.1001.exe
2017-03-29 21:14 - 2017-03-29 21:14 - 04031440 _____ C:\Users\Robert\Desktop\AdwCleaner_6.044.exe
2017-03-26 21:33 - 2017-03-26 23:53 - 00105192 _____ C:\TDSSKiller.3.1.0.12_26.03.2017_21.33.45_log.txt
2017-03-26 21:33 - 2017-03-26 23:20 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Robert\Desktop\tdsskiller.exe
2017-03-26 21:25 - 2017-03-26 21:26 - 00061938 _____ C:\Users\Robert\Desktop\Addition.txt
2017-03-26 21:24 - 2017-03-30 00:26 - 00035896 _____ C:\Users\Robert\Desktop\FRST.txt
2017-03-26 21:23 - 2017-03-30 00:26 - 00000000 ____D C:\FRST
2017-03-26 21:23 - 2017-03-26 21:23 - 02424832 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2017-03-25 13:25 - 2017-03-25 13:26 - 00000000 ____D C:\Users\Robert\Dokumente\Lesezeichen - Sicherung
2017-03-25 00:23 - 2017-03-25 00:23 - 00000000 ____D C:\Users\Robert\Dokumente\Multilizer
2017-03-24 21:32 - 2017-03-24 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-23 23:33 - 2017-03-23 23:34 - 00000000 ____D C:\Users\Robert\Dokumente\Infrarotbild
2017-03-23 21:52 - 2017-03-29 17:25 - 00004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-03-23 09:55 - 2017-03-23 09:55 - 00000000 ____D C:\WINDOWS\Panther
2017-03-23 08:43 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-23 08:43 - 2017-03-04 08:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-23 08:43 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-23 08:43 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-23 08:43 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-23 08:43 - 2017-03-04 08:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-23 08:43 - 2017-03-04 08:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-23 08:43 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-23 08:43 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-23 08:43 - 2017-03-04 08:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-23 08:43 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-23 08:43 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-23 08:43 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-23 08:43 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-23 08:43 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-23 08:43 - 2017-03-04 08:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-23 08:43 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-23 08:43 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-23 08:43 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-23 08:43 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-23 08:43 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-23 08:43 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-23 08:43 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-23 08:43 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-23 08:43 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-23 08:43 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-23 08:43 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-23 08:43 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-23 08:43 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-23 08:43 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-23 08:43 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-23 08:43 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-23 08:43 - 2017-03-04 08:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-23 08:43 - 2017-03-04 08:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-23 08:43 - 2017-03-04 08:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-23 08:43 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-23 08:43 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-23 08:43 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-23 08:43 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-23 08:43 - 2017-03-04 08:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-23 08:43 - 2017-03-04 08:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-23 08:43 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-23 08:43 - 2017-03-04 08:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-23 08:43 - 2017-03-04 08:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-23 08:43 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-23 08:43 - 2017-03-04 07:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-23 08:42 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-23 08:42 - 2017-03-04 09:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-23 08:42 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-23 08:42 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-23 08:42 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-23 08:42 - 2017-03-04 09:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-23 08:42 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-23 08:42 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-23 08:42 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-23 08:42 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-23 08:42 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-23 08:42 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-23 08:42 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-23 08:42 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-23 08:42 - 2017-03-04 09:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-23 08:42 - 2017-03-04 09:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-23 08:42 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-23 08:42 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-23 08:42 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-23 08:42 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-23 08:42 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-23 08:42 - 2017-03-04 09:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-23 08:42 - 2017-03-04 09:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-23 08:42 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-23 08:42 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-23 08:42 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-23 08:42 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-23 08:42 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-23 08:42 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-23 08:42 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-23 08:42 - 2017-03-04 09:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-23 08:42 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-23 08:42 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-23 08:42 - 2017-03-04 09:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-23 08:42 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-23 08:42 - 2017-03-04 09:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-23 08:42 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-23 08:42 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-23 08:42 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-23 08:42 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-23 08:42 - 2017-03-04 09:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-23 08:42 - 2017-03-04 09:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-23 08:42 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-23 08:42 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-23 08:42 - 2017-03-04 09:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-23 08:42 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-23 08:42 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-23 08:42 - 2017-03-04 09:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-23 08:42 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-23 08:42 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-23 08:42 - 2017-03-04 09:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-23 08:42 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-23 08:42 - 2017-03-04 09:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-23 08:42 - 2017-03-04 09:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-23 08:42 - 2017-03-04 09:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-23 08:42 - 2017-03-04 09:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-23 08:42 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-23 08:42 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-23 08:42 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-23 08:42 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-23 08:42 - 2017-03-04 08:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-23 08:42 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-23 08:42 - 2017-03-04 08:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-23 08:42 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-23 08:42 - 2017-03-04 08:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-23 08:42 - 2017-03-04 08:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-23 08:42 - 2017-03-04 08:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-23 08:42 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-23 08:42 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-23 08:42 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-23 08:42 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-23 08:42 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-23 08:42 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-23 08:42 - 2017-03-04 08:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-23 08:42 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-23 08:42 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-23 08:42 - 2017-03-04 08:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-23 08:42 - 2017-03-04 08:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-23 08:42 - 2017-03-04 08:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-23 08:42 - 2017-03-04 08:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-23 08:42 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-23 08:42 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-23 08:42 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-23 08:42 - 2017-03-04 08:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-23 08:42 - 2017-03-04 08:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-23 08:42 - 2017-03-04 08:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-23 08:42 - 2017-03-04 08:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-23 08:42 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-23 08:42 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-23 08:42 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-23 08:42 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-23 08:42 - 2017-03-04 08:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-23 08:42 - 2017-03-04 08:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-23 08:42 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-23 08:42 - 2017-03-04 08:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-23 08:42 - 2017-03-04 08:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-23 08:42 - 2017-03-04 08:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-23 08:42 - 2017-03-04 08:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-23 08:42 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-23 08:42 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-23 08:42 - 2017-03-04 08:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-23 08:42 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-23 08:42 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-23 08:42 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-23 08:42 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-23 08:42 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-23 08:42 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-23 08:42 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-23 08:42 - 2017-03-04 08:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-23 08:42 - 2017-03-04 08:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-23 08:42 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-23 08:42 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-23 08:42 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-23 08:42 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-23 08:42 - 2017-03-04 08:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-23 08:42 - 2017-03-04 08:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-23 08:42 - 2017-03-04 08:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-23 08:42 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-23 08:42 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-23 08:42 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-23 08:42 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-23 08:42 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-23 08:42 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-23 08:42 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-23 08:42 - 2017-03-04 08:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-23 08:42 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-23 08:42 - 2017-03-04 08:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-23 08:42 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-23 08:42 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-23 08:42 - 2017-03-04 08:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-23 08:42 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-23 08:42 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-23 08:42 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-23 08:42 - 2017-03-04 08:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-23 08:42 - 2017-03-04 08:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-23 08:42 - 2017-03-04 08:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-23 08:42 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-23 08:42 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-23 08:42 - 2017-03-04 08:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-23 08:42 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-23 08:42 - 2017-03-04 08:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-23 08:42 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-23 08:42 - 2017-03-04 08:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-23 08:42 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-23 08:42 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-23 08:42 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-23 08:42 - 2017-03-04 08:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-23 08:42 - 2017-03-04 08:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-23 08:42 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-23 08:42 - 2017-03-04 08:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-23 08:42 - 2017-03-04 08:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-23 08:42 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-23 08:42 - 2017-03-04 08:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-23 08:42 - 2017-03-04 08:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-23 08:42 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-23 08:42 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-23 08:42 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-23 08:42 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-23 08:42 - 2017-03-04 08:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-23 08:42 - 2017-03-04 08:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-23 08:42 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-23 08:42 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-23 08:42 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-23 08:42 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-23 08:42 - 2017-03-04 08:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-23 08:42 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-23 08:42 - 2017-03-04 08:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-23 08:42 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-23 08:42 - 2017-03-04 08:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-23 08:42 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-23 08:42 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-23 08:42 - 2017-03-04 08:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-23 08:42 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-23 08:42 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-23 08:42 - 2017-03-04 08:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-23 08:42 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-23 08:42 - 2017-03-04 08:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-23 08:42 - 2017-03-04 08:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-23 08:42 - 2017-03-04 08:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-23 08:42 - 2017-03-04 08:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-23 08:42 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-23 08:42 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-23 08:42 - 2017-03-04 08:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-23 08:42 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-23 08:42 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-23 08:42 - 2017-03-04 07:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-23 08:42 - 2017-03-04 07:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-23 08:42 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-23 08:42 - 2017-03-04 07:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-23 08:42 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-23 08:42 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-23 08:42 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-23 08:42 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-23 08:42 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-22 16:36 - 2017-03-23 09:50 - 00000000 ____D C:\Users\Robert\Dokumente\Sepi
2017-03-15 12:06 - 2017-03-15 12:08 - 00338047 _____ C:\Users\Robert\Dokumente\IMG_20170315_0002.pdf
2017-03-15 11:37 - 2017-03-15 11:37 - 00542431 _____ C:\Users\Robert\Dokumente\IMG_20170315_0001.pdf
2017-03-14 00:52 - 2017-03-14 00:52 - 01137186 _____ C:\Users\Robert\Dokumente\IMG_20170313_0001.pdf
2017-03-12 23:52 - 2017-03-12 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-03-12 23:52 - 2017-03-12 23:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-03-12 23:36 - 2017-03-25 23:58 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-03-12 23:36 - 2017-03-25 13:37 - 00000000 ____D C:\Users\Robert\AppData\Local\tkdata
2017-03-12 23:36 - 2017-03-12 23:36 - 00001229 _____ C:\Users\Public\Desktop\True Key.lnk
2017-03-12 23:36 - 2017-03-12 23:36 - 00000000 ____D C:\ProgramData\TrueKey
2017-03-12 23:36 - 2017-03-12 23:36 - 00000000 ____D C:\Program Files\Intel Security
2017-03-12 23:36 - 2017-03-12 23:36 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-03-12 23:22 - 2017-03-29 23:48 - 00000000 ____D C:\Program Files\TrueKey
2017-03-12 23:22 - 2017-03-18 02:59 - 00004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-12 23:22 - 2017-03-18 02:59 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-12 23:22 - 2017-03-12 23:52 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-03-12 23:22 - 2017-03-12 23:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-03-12 18:38 - 2017-03-12 18:38 - 00002352 _____ C:\Users\Robert\Desktop\Kindle.lnk
2017-03-12 15:33 - 2017-03-12 15:33 - 00000000 ____D C:\Users\Robert\Dokumente\Amazon
2017-03-11 01:17 - 2017-03-11 01:17 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-03-06 20:19 - 2017-03-25 21:38 - 00001224 _____ C:\Users\Robert\Desktop\Webinare mit Oli Klemm 2-3.2017 - Verknüpfung.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-30 00:26 - 2016-07-25 20:18 - 03544028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-30 00:26 - 2016-07-17 00:51 - 01611370 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-30 00:26 - 2016-07-17 00:51 - 00409760 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-30 00:25 - 2015-06-13 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-30 00:23 - 2015-04-18 21:24 - 00000000 ___RD C:\Users\Robert\Dropbox
2017-03-30 00:22 - 2015-01-31 03:32 - 00000000 __RDO C:\Users\Robert\OneDrive
2017-03-30 00:21 - 2016-09-22 05:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-30 00:21 - 2016-09-22 05:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-30 00:21 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-30 00:05 - 2015-03-28 21:24 - 00000000 ____D C:\Users\Robert\Desktop\Sicherheit + ZahlungsApp
2017-03-29 23:50 - 2015-08-02 14:19 - 00000000 ____D C:\AdwCleaner
2017-03-29 23:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\TAPI
2017-03-29 23:48 - 2015-06-13 00:12 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-29 23:48 - 2015-05-31 19:46 - 00000676 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001.job
2017-03-29 23:48 - 2015-03-11 20:03 - 00000580 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001.job
2017-03-29 23:39 - 2016-10-24 00:25 - 00000000 ____D C:\Users\Robert\AppData\Local\Sidebar7
2017-03-29 23:28 - 2016-09-22 05:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-29 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-29 21:05 - 2016-09-22 05:28 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-03-29 19:58 - 2016-10-24 01:16 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D5BFC1CD-2C86-4051-B419-52D439D37A4D}
2017-03-29 17:28 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-28 18:43 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-26 21:49 - 2015-05-29 21:48 - 00000000 ____D C:\Users\Robert\Dokumente\Pc Systeme + Programme
2017-03-26 15:28 - 2015-03-21 23:26 - 00000000 ____D C:\Users\Robert\Downloads\PC Hilfsprogramme
2017-03-26 14:31 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-26 14:13 - 2015-01-31 04:15 - 00000000 ____D C:\Users\Robert\Dokumente\AA-TRADING, Forex , binarne operacie
2017-03-26 04:40 - 2015-03-08 23:54 - 00000000 ____D C:\Users\Robert\AppData\Roaming\MetaQuotes
2017-03-25 20:25 - 2015-01-31 03:28 - 00000000 ____D C:\Users\Robert\AppData\Local\Packages
2017-03-25 14:43 - 2015-03-29 13:46 - 00010752 _____ C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-25 13:43 - 2015-11-08 11:41 - 00000000 ____D C:\Users\Robert\Dokumente\Zdravie-Gesundheit
2017-03-25 13:26 - 2015-01-31 03:28 - 00000000 ___RD C:\Users\Robert\Dokumente
2017-03-25 01:23 - 2017-02-04 17:45 - 00001233 _____ C:\Users\Robert\Desktop\Vicki byt - Verknüpfung.lnk
2017-03-25 01:09 - 2014-03-25 19:07 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2017-03-25 01:06 - 2015-02-21 15:46 - 00000000 ____D C:\Users\Robert\AppData\Local\Boss Media
2017-03-25 01:06 - 2015-02-21 15:46 - 00000000 ____D C:\ProgramData\Boss Media
2017-03-25 01:02 - 2015-03-28 21:20 - 00000000 ____D C:\Users\Robert\Desktop\PC Programme
2017-03-25 00:58 - 2013-09-13 09:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-25 00:57 - 2014-03-25 19:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema
2017-03-25 00:57 - 2014-02-20 12:32 - 00000000 ____D C:\Program Files\CyberLink
2017-03-25 00:48 - 2014-03-25 19:09 - 00000000 ____D C:\ProgramData\ashampoo
2017-03-25 00:44 - 2015-01-31 19:04 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Ashampoo
2017-03-24 23:55 - 2015-03-08 17:25 - 00000000 ____D C:\Program Files (x86)\Fipertec
2017-03-24 23:41 - 2016-09-22 05:22 - 00000000 ____D C:\Users\Robert
2017-03-24 23:41 - 2015-05-16 15:07 - 00000000 ____D C:\ProgramData\McAfee
2017-03-24 23:28 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-24 21:32 - 2016-11-01 21:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-24 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-24 16:31 - 2016-09-22 05:28 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-03-24 16:31 - 2016-09-22 05:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-03-24 16:31 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-03-24 16:31 - 2015-06-13 00:08 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-03-23 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-23 19:47 - 2017-02-01 20:45 - 00000000 ____D C:\Program Files (x86)\QTrade-FX MT4 Setup
2017-03-23 19:47 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-23 19:46 - 2015-01-31 04:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-23 10:07 - 2017-01-09 23:51 - 00000000 ____D C:\Users\Robert\Dokumente\Fotografia
2017-03-23 10:02 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-23 09:55 - 2016-09-22 05:20 - 00356928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-23 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-23 09:54 - 2015-02-03 00:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-23 09:54 - 2015-02-03 00:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-23 09:53 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-23 09:51 - 2015-10-25 19:30 - 00000000 ____D C:\Users\Robert\Dokumente\Sliepky - Hennen - Hühner
2017-03-18 02:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-18 02:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-17 21:31 - 2015-07-15 22:01 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-16 21:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-16 00:57 - 2016-02-26 21:44 - 00001655 _____ C:\Users\Robert\Desktop\FIB-PRECOG Trading Tabelle - Verknüpfung.lnk
2017-03-15 22:09 - 2015-03-21 23:18 - 00000000 ____D C:\Users\Robert\Downloads\Trading
2017-03-15 22:01 - 2016-11-04 21:20 - 00000000 ____D C:\Users\Robert\Downloads\Musik
2017-03-15 16:23 - 2015-08-25 13:50 - 00000000 ____D C:\Users\Robert\Dokumente\Belicka Lubomira
2017-03-15 00:57 - 2015-02-19 04:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 00:55 - 2015-02-03 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 00:55 - 2013-11-22 13:15 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-12 23:35 - 2016-01-14 05:41 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-12 23:22 - 2015-03-28 22:24 - 00000000 ____D C:\Users\Robert\AppData\Local\Adobe
2017-03-12 23:09 - 2017-02-14 21:40 - 00000000 ____D C:\Users\Robert\AppData\Local\CrashDumps
2017-03-12 18:38 - 2016-01-12 02:00 - 00000000 ____D C:\Users\Robert\AppData\Local\Amazon
2017-03-11 23:17 - 2016-01-03 14:43 - 00000000 ____D C:\Users\Robert\Dokumente\DETI
2017-03-10 07:17 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 07:17 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 21:53 - 2015-06-19 16:21 - 00000000 ____D C:\Users\Robert\AppData\Local\Dropbox
2017-03-04 09:09 - 2016-09-22 05:21 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-29 13:46 - 2017-03-25 14:43 - 0010752 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-22 05:20 - 2016-09-22 05:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-25 19:34 - 2014-03-25 19:36 - 0000104 _____ () C:\ProgramData\{01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
2014-03-25 19:36 - 2014-03-25 19:37 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-03-25 19:20 - 2014-03-25 19:21 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-03-25 19:34 - 2014-03-25 19:34 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log
2014-03-25 19:15 - 2014-03-25 19:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-03-25 19:28 - 2014-03-25 19:32 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2014-03-25 19:28 - 2014-03-25 19:28 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log
2014-03-25 19:16 - 2014-03-25 19:20 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2014-03-25 19:21 - 2014-03-25 19:22 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
2017-03-25 00:12 - 2017-03-25 00:12 - 0000000 ____D () C:\Users\Robert\AppData\Local\Temp\AppLauncher.exe
2017-02-03 17:43 - 2017-02-03 17:43 - 0739904 _____ (Oracle Corporation) C:\Users\Robert\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-02-22 15:57 - 2017-02-22 15:57 - 13424224 _____ (TSR Software                                                ) C:\Users\Robert\AppData\Local\Temp\WatermarkImageSetup.3.5.7.5.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-26 12:49

==================== Ende von FRST.txt ============================

M-K-D-B · 30.03.2017, 20:19

Servus,

bei der Werbung auf trojaner-board.de handelt es sich nicht um Schadsoftware, sondern ganz "normale" Werbung (so wie man sie heutzutage auf fast allen Seiten finden kann).
Um diese Werbung auszublenden, kannst du Werbe-Blocker wie AdBlockPlus für deine Browser installieren, mehr dazu wenn wir mit der Bereinigung fertig sind.

Wir kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
Task: {1047DB9E-55D6-4446-BA26-A883504255C4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {18F74924-A7F2-482F-8DA2-72E985573C1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {34145514-48A1-4361-BA22-606682FF3DA7} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {62511546-0EAC-4BAF-80E9-701534AA4FF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8C23EADC-07EA-4816-A3B1-2522EF364E37} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {94DE6763-7E50-441B-8353-C1710019016F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {96647E51-55DA-4D70-890F-102FB96842F7} - \Microsoft\Windows\Setup\GWXTriggers\Logon -> Keine Datei <==== ACHTUNG
Task: {9C212BF5-DE42-4E08-8E35-91308B95E217} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AECB7CC7-6D50-4B05-8B8E-006CFCD1085A} - \McAfee\McAfee Idle Detection Task -> Keine Datei <==== ACHTUNG
Task: {F5CC0C45-2BD0-450A-AFCB-98E1A2E16FEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

robert2102 · 02.04.2017, 01:02

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Robert (01-04-2017 23:18:33) Run:1
Gestartet von C:\Users\Robert\Desktop
Geladene Profile: Robert (Verfügbare Profile: Robert)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Task: {1047DB9E-55D6-4446-BA26-A883504255C4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {18F74924-A7F2-482F-8DA2-72E985573C1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {34145514-48A1-4361-BA22-606682FF3DA7} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {62511546-0EAC-4BAF-80E9-701534AA4FF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8C23EADC-07EA-4816-A3B1-2522EF364E37} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {94DE6763-7E50-441B-8353-C1710019016F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {96647E51-55DA-4D70-890F-102FB96842F7} - \Microsoft\Windows\Setup\GWXTriggers\Logon -> Keine Datei <==== ACHTUNG
Task: {9C212BF5-DE42-4E08-8E35-91308B95E217} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AECB7CC7-6D50-4B05-8B8E-006CFCD1085A} - \McAfee\McAfee Idle Detection Task -> Keine Datei <==== ACHTUNG
Task: {F5CC0C45-2BD0-450A-AFCB-98E1A2E16FEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
EmptyTemp:
end
         
*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1047DB9E-55D6-4446-BA26-A883504255C4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1047DB9E-55D6-4446-BA26-A883504255C4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18F74924-A7F2-482F-8DA2-72E985573C1C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18F74924-A7F2-482F-8DA2-72E985573C1C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34145514-48A1-4361-BA22-606682FF3DA7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34145514-48A1-4361-BA22-606682FF3DA7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62511546-0EAC-4BAF-80E9-701534AA4FF1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62511546-0EAC-4BAF-80E9-701534AA4FF1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C23EADC-07EA-4816-A3B1-2522EF364E37} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C23EADC-07EA-4816-A3B1-2522EF364E37} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94DE6763-7E50-441B-8353-C1710019016F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94DE6763-7E50-441B-8353-C1710019016F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96647E51-55DA-4D70-890F-102FB96842F7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96647E51-55DA-4D70-890F-102FB96842F7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C212BF5-DE42-4E08-8E35-91308B95E217} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C212BF5-DE42-4E08-8E35-91308B95E217} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AECB7CC7-6D50-4B05-8B8E-006CFCD1085A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AECB7CC7-6D50-4B05-8B8E-006CFCD1085A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5CC0C45-2BD0-450A-AFCB-98E1A2E16FEB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5CC0C45-2BD0-450A-AFCB-98E1A2E16FEB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt

========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\Program Files

30.03.2017  00:16    <DIR>          .
30.03.2017  00:16    <DIR>          ..
14.10.2016  00:00    <DIR>          7-Zip
26.05.2015  22:08    <DIR>          Canon
12.03.2017  23:36    <DIR>          Common Files
25.03.2017  00:57    <DIR>          CyberLink
10.04.2014  14:26    <DIR>          Intel
12.03.2017  23:36    <DIR>          Intel Security
23.03.2017  09:53    <DIR>          Internet Explorer
31.05.2015  22:18    <DIR>          KeyDepot
30.03.2017  00:16    <DIR>          Malwarebytes
18.11.2016  09:15    <DIR>          McAfee
12.03.2017  23:52    <DIR>          McAfee Security Scan
15.06.2015  21:12    <DIR>          McAfee.com
01.02.2015  05:45    <DIR>          Microsoft Mouse and Keyboard Center
23.03.2017  19:46    <DIR>          Microsoft Office 15
23.03.2017  09:54    <DIR>          Microsoft Silverlight
22.09.2016  06:14    <DIR>          MSBuild
11.02.2017  04:52    <DIR>          NVIDIA Corporation
22.09.2016  05:20    <DIR>          Realtek
22.09.2016  06:14    <DIR>          Reference Assemblies
12.07.2015  13:16    <DIR>          TrueCrypt
30.03.2017  22:00    <DIR>          TrueKey
08.02.2016  07:50    <DIR>          VideoLAN
04.11.2016  21:47    <DIR>          Visual Watermark
08.11.2016  21:36    <DIR>          VS Revo Group
23.03.2017  09:53    <DIR>          Windows Defender
01.02.2015  04:06    <DIR>          Windows Live
23.03.2017  09:53    <DIR>          Windows Mail
29.10.2016  01:03    <DIR>          Windows Media Player
16.07.2016  13:47    <DIR>          Windows Multimedia Platform
22.09.2016  05:29    <DIR>          Windows NT
23.03.2017  09:53    <DIR>          Windows Photo Viewer
16.07.2016  13:47    <DIR>          Windows Portable Devices
16.07.2016  13:47    <DIR>          WindowsPowerShell
08.11.2016  21:10    <DIR>          WinPcap
               0 Datei(en),              0 Bytes
              36 Verzeichnis(se), 16.370.348.032 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\Program Files (x86)

01.04.2017  23:16    <DIR>          .
01.04.2017  23:16    <DIR>          ..
14.07.2015  21:59    <DIR>          Adobe
10.04.2014  14:29    <DIR>          AGEIA Technologies
25.03.2017  01:09    <DIR>          Ashampoo
17.01.2016  23:57    <DIR>          Autodesk
29.08.2015  22:21    <DIR>          BdTips
10.12.2015  01:53    <DIR>          Candleworks
26.05.2015  22:08    <DIR>          Canon
03.01.2016  14:39    <DIR>          Channel Trading Signals
25.03.2017  00:26    <DIR>          Common Files
03.04.2014  14:32    <DIR>          CyberLink
24.03.2017  21:32    <DIR>          Dropbox
14.02.2016  23:44    <DIR>          FIBINATOR
24.03.2017  23:55    <DIR>          Fipertec
10.02.2016  02:01    <DIR>          Forex Gemini Code
17.02.2016  04:08    <DIR>          Forex Income Boss Bonus
29.07.2015  22:36    <DIR>          Forex Income Boss Indicators
17.02.2016  00:09    <DIR>          Forex Income Boss SRT Profit System
31.03.2015  02:29    <DIR>          Forex Trend Directive
10.02.2016  03:38    <DIR>          ForexPrecogESP
10.02.2016  01:53    <DIR>          ForexPrecogIndicators
08.11.2016  21:07    <DIR>          Freemake
20.10.2016  01:55    <DIR>          FxPro - MetaTrader 4
10.02.2016  02:40    <DIR>          Gemini BB Indicator
10.02.2016  02:02    <DIR>          Gemini Risk Calculator
11.02.2017  23:20    <DIR>          Google
10.04.2014  14:14    <DIR>          Intel
23.03.2017  09:53    <DIR>          Internet Explorer
03.02.2017  17:47    <DIR>          Java
10.04.2016  22:42    <DIR>          KineticAcceleratorSystem
26.02.2016  01:58    <DIR>          Limitless Cash System
10.02.2016  02:43    <DIR>          MACD Gemini
30.03.2017  21:59    <DIR>          McAfee
15.06.2015  21:12    <DIR>          McAfee.com
24.10.2016  00:04    <DIR>          MetaTrader 4
25.03.2014  15:11    <DIR>          Microsoft Office
23.03.2017  09:54    <DIR>          Microsoft Silverlight
13.09.2013  09:14    <DIR>          Microsoft SQL Server Compact Edition
22.09.2016  05:23    <DIR>          Microsoft.NET
22.09.2016  06:14    <DIR>          MSBuild
20.09.2015  23:03    <DIR>          Navigation Tom Tom
11.02.2017  04:53    <DIR>          NVIDIA Corporation
20.06.2015  11:03    <DIR>          Opera
31.03.2015  02:25    <DIR>          Parabola Profit System
28.03.2015  22:36    <DIR>          PDF Bearbeitung
23.03.2017  19:47    <DIR>          QTrade-FX MT4 Setup
05.02.2016  08:27    <DIR>          QuickTime
26.02.2016  01:58    <DIR>          Rapid Dollar System
10.04.2014  14:32    <DIR>          Realtek
22.09.2016  06:14    <DIR>          Reference Assemblies
07.06.2015  11:54    <DIR>          Sadukey
29.08.2015  22:29    <DIR>          Sony
22.12.2016  01:33    <DIR>          Spin4Profit Ninja
22.12.2016  01:35    <DIR>          Spin4Profit Ultimate
08.11.2016  12:18    <DIR>          Steganos Safe 16
06.02.2016  14:58    <DIR>          Target Entry Elevator
29.10.2016  00:02    <DIR>          The Continuation Method
20.09.2015  23:03    <DIR>          TomTom International B.V
10.07.2015  16:46    <DIR>          ToolbarTerminator
16.06.2015  23:22    <DIR>          Trade Assistant
24.04.2015  22:05    <DIR>          TRADING
10.02.2016  02:39    <DIR>          Trend_Cloud
04.11.2016  22:03    <DIR>          TSR Soft
13.05.2016  06:58    <DIR>          UNION STANDARD
12.06.2015  21:34    <DIR>          VideoLAN
20.06.2015  13:26    <DIR>          VS Revo Group
11.02.2017  04:53    <DIR>          VulkanRT
23.03.2017  09:53    <DIR>          Windows Defender
01.02.2015  04:06    <DIR>          Windows Live
23.03.2017  09:53    <DIR>          Windows Mail
29.10.2016  01:03    <DIR>          Windows Media Player
16.07.2016  13:47    <DIR>          Windows Multimedia Platform
16.07.2016  13:47    <DIR>          Windows NT
23.03.2017  09:53    <DIR>          Windows Photo Viewer
16.07.2016  13:47    <DIR>          Windows Portable Devices
16.07.2016  13:47    <DIR>          WindowsPowerShell
01.04.2017  21:30    <DIR>          Wondershare
               0 Datei(en),              0 Bytes
              78 Verzeichnis(se), 16.369.745.920 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\ProgramData

14.07.2015  21:59    <DIR>          Adobe
25.03.2014  19:27    <DIR>          Apple
05.02.2016  08:27    <DIR>          Apple Computer
25.03.2017  00:48    <DIR>          ashampoo
21.03.2015  22:08    <DIR>          Aspell
25.03.2017  01:06    <DIR>          Boss Media
03.02.2016  00:41    <DIR>          BVRP Software
26.05.2015  22:07    <DIR>          CanonIJWSpt
25.03.2014  19:16    <DIR>          CLSK
16.07.2016  13:47    <DIR>          Comms
05.03.2016  10:11    <DIR>          CyberLink
19.06.2015  16:21    <DIR>          Dropbox
08.11.2016  21:10    <DIR>          Freemake
21.03.2015  22:08    <DIR>          Iceni
25.03.2014  19:36    <DIR>          install_clap
10.04.2014  14:26    <DIR>          Intel
17.02.2016  03:18    <DIR>          Intel Security
30.03.2017  00:16    <DIR>          Malwarebytes
24.03.2017  23:41    <DIR>          McAfee
12.03.2017  23:22    <DIR>          McAfee Security Scan
08.03.2015  23:54    <DIR>          MetaQuotes
22.09.2016  18:01    <DIR>          Microsoft OneDrive
21.03.2015  15:04    <DIR>          multilizer
01.04.2017  23:18    <DIR>          NVIDIA
11.02.2017  04:53    <DIR>          NVIDIA Corporation
03.02.2017  17:47    <DIR>          Oracle
25.07.2016  18:42    <DIR>          oxInstall
12.03.2017  23:35    <DIR>          Package Cache
20.09.2013  12:07    <DIR>          PowerRecover
22.09.2016  05:25    <DIR>          regid.1986-12.com.adobe
23.03.2017  19:47    <DIR>          regid.1991-06.com.microsoft
26.05.2015  22:06    <DIR>          SetupTemp
16.07.2016  13:47    <DIR>          SoftwareDistribution
18.07.2015  22:22    <DIR>          Sony
29.08.2015  22:27    <DIR>          Sony Corporation
18.07.2015  22:18    <DIR>          Sony Ericsson
17.02.2015  01:55    <DIR>          Sun
25.02.2016  04:33    <DIR>          SuperEasy 1-Click Backup
27.02.2016  13:39    <DIR>          SuperEasy Backup
25.03.2014  19:37    <DIR>          Temp
12.03.2017  23:36    <DIR>          TrueKey
22.09.2016  18:00    <DIR>          USOPrivate
22.09.2016  18:00    <DIR>          USOShared
01.04.2017  21:30    <DIR>          Wondershare
10.07.2015  16:50    <DIR>          XDMessagingv4
25.03.2014  19:36               104 {01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
25.03.2014  19:37               119 {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
25.03.2014  19:21               106 {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
25.03.2014  19:34                32 {5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log
25.03.2014  19:16               107 {C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
25.03.2014  19:32               108 {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
25.03.2014  19:28                32 {E1646825-D391-42A0-93AA-27FA810DA093}.log
25.03.2014  19:20               110 {E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
25.03.2014  19:22               110 {E3D04529-6EDB-11D8-A372-0050BAE317E1}.log
               9 Datei(en),            828 Bytes
              45 Verzeichnis(se), 16.369.709.056 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\Users\Robert\AppData\Roaming

24.03.2017  23:40    <DIR>          .
24.03.2017  23:40    <DIR>          ..
10.07.2015  16:46    <DIR>          Abelssoft
22.07.2015  22:35    <DIR>          Adobe
31.01.2015  03:29    <DIR>          Apple Computer
25.03.2017  00:44    <DIR>          Ashampoo
21.03.2015  22:25    <DIR>          Aspell
26.05.2015  22:17    <DIR>          Canon
28.03.2015  22:26    <DIR>          com.adobe.downloadassistant.AdobeDownloadAssistant
29.03.2015  14:17    <DIR>          com.adobe.formscentral.FormsCentralForAcrobat
11.04.2015  12:36    <DIR>          CyberLink
08.11.2016  17:25    <DIR>          Digiarty
01.11.2016  21:57    <DIR>          Dropbox
14.11.2016  01:16    <DIR>          dvdcss
24.03.2015  21:54    <DIR>          EAInstall
11.04.2015  20:41    <DIR>          HDX4 GmbH
01.02.2015  05:02    <DIR>          Identities
28.03.2015  20:48    <DIR>          InAppBrowserInstaller
31.01.2015  03:30    <DIR>          Intel Corporation
31.01.2015  03:34    <DIR>          Macromedia
13.06.2015  00:14    <DIR>          McAfee
26.03.2017  04:40    <DIR>          MetaQuotes
21.03.2015  15:06    <DIR>          multilizer
01.02.2015  01:24    <DIR>          NVIDIA
20.06.2015  10:57    <DIR>          Opera Software
29.03.2015  14:14    <DIR>          PDAppFlex
18.08.2016  18:42    <DIR>          Skype
28.03.2015  23:43    <DIR>          SolidDocuments
31.01.2015  20:17    <DIR>          Sony Corporation
14.11.2016  01:19    <DIR>          Steganos
28.08.2015  14:37    <DIR>          Sun
12.07.2015  13:18    <DIR>          TrueCrypt
14.11.2016  01:17    <DIR>          vlc
04.02.2015  01:22    <DIR>          Windows Live Writer
08.11.2016  16:37    <DIR>          {950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
               0 Datei(en),              0 Bytes
              35 Verzeichnis(se), 16.369.618.944 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\Users\Robert\AppData\Local

01.04.2017  12:30    <DIR>          .
01.04.2017  12:30    <DIR>          ..
10.07.2015  16:46    <DIR>          Abelssoft
25.07.2016  23:09    <DIR>          ActiveSync
12.03.2017  23:22    <DIR>          Adobe
12.03.2017  18:38    <DIR>          Amazon
26.02.2016  01:00    <DIR>          Apple Computer
31.01.2015  03:54    <DIR>          Apps
21.03.2015  22:08    <DIR>          Aspell
25.03.2017  01:06    <DIR>          Boss Media
22.07.2015  22:35    <DIR>          CEF
07.07.2015  18:55    <DIR>          Citrix
29.10.2016  20:13    <DIR>          Clipboarder
09.10.2016  15:06    <DIR>          Comms
25.09.2016  20:53    <DIR>          ConnectedDevicesPlatform
12.03.2017  23:09    <DIR>          CrashDumps
01.02.2015  20:36    <DIR>          CrashRpt
08.11.2016  21:32    <DIR>          Cyberlink
25.03.2017  14:43            10.752 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
08.11.2016  21:44    <DIR>          Deployment
23.02.2017  08:34    <DIR>          Diagnostics
09.03.2017  21:53    <DIR>          Dropbox
23.02.2017  08:34    <DIR>          ElevatedDiagnostics
28.10.2016  21:01    <DIR>          Google
03.06.2015  07:15    <DIR>          GWX
21.03.2015  22:09    <DIR>          Iceni
26.02.2017  19:55    <DIR>          IE Tab
22.02.2015  04:24    <DIR>          IsolatedStorage
15.03.2017  09:54    <DIR>          Microsoft
19.06.2015  23:50    <DIR>          Microsoft Help
10.08.2016  12:11    <DIR>          MicrosoftEdge
31.01.2015  03:29    <DIR>          NVIDIA
20.06.2015  10:57    <DIR>          Opera Software
25.03.2017  20:25    <DIR>          Packages
31.01.2015  03:29    <DIR>          Power2Go8
01.02.2015  19:48    <DIR>          Programs
25.07.2016  23:07    <DIR>          Publishers
01.04.2017  22:20    <DIR>          Sidebar7
18.07.2015  22:24    <DIR>          Sony
18.07.2015  22:18    <DIR>          Sony Ericsson
19.03.2016  23:59    <DIR>          SuperEasy 1-Click Backup
24.07.2016  22:00    <DIR>          SuperEasy Backup
27.02.2016  13:40    <DIR>          SuperEasy Backup Pro
11.04.2015  20:46    <DIR>          SuperEasy_Software
01.04.2017  23:18    <DIR>          Temp
25.07.2016  23:07    <DIR>          TileDataLayer
25.03.2017  13:37    <DIR>          tkdata
20.09.2015  23:03    <DIR>          TomTom
05.11.2016  00:02    <DIR>          TSR_Software_-_www.tsr-so
07.04.2015  01:18    <DIR>          VirtualStore
11.02.2016  05:13    <DIR>          WHS MT4
12.09.2015  16:52    <DIR>          Windows Live
01.02.2015  17:18    <DIR>          Windows Live Writer
11.02.2015  01:18    <DIR>          Wondershare
22.12.2016  01:36    <DIR>          www.Spin4Profit.com
               1 Datei(en),         10.752 Bytes
              54 Verzeichnis(se), 16.369.528.832 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\Program Files (x86)\Common Files

25.03.2017  00:26    <DIR>          .
25.03.2017  00:26    <DIR>          ..
14.07.2015  21:59    <DIR>          Adobe
25.03.2014  19:21    <DIR>          CyberLink
22.07.2015  22:50    <DIR>          DESIGNER
11.04.2015  20:41    <DIR>          HDX4
10.04.2014  14:29    <DIR>          InstallShield
10.04.2014  14:29    <DIR>          Intel Corporation
03.02.2017  17:47    <DIR>          Java
18.11.2016  09:03    <DIR>          McAfee
22.09.2016  05:23    <DIR>          Microsoft Shared
25.03.2014  19:34    <DIR>          Nikon
10.04.2014  14:13    <DIR>          postureAgent
16.07.2016  13:47    <DIR>          Services
26.06.2015  20:13    <DIR>          Sony Shared
08.11.2016  12:18    <DIR>          Steganos
17.07.2016  00:50    <DIR>          System
13.09.2013  09:14    <DIR>          Windows Live
11.02.2015  01:18    <DIR>          Wondershare
               0 Datei(en),              0 Bytes
              19 Verzeichnis(se), 16.369.381.376 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 3A69-9F7C

 Verzeichnis von C:\Program Files\Common Files

12.03.2017  23:36    <DIR>          .
12.03.2017  23:36    <DIR>          ..
17.03.2017  21:31    <DIR>          AV
12.03.2017  23:36    <DIR>          Intel
17.02.2016  03:18    <DIR>          Intel Security
24.03.2017  16:31    <DIR>          McAfee
22.09.2016  05:23    <DIR>          microsoft shared
16.07.2016  13:47    <DIR>          Services
26.06.2015  20:13    <DIR>          Sony Shared
17.07.2016  00:50    <DIR>          System
               0 Datei(en),              0 Bytes
              10 Verzeichnis(se), 16.369.328.128 Bytes frei

========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 493852917 B
Java, Flash, Steam htmlcache => 5805 B
Windows/system/drivers => 222587856 B
Edge => 44770530 B
Chrome => 529016882 B
Firefox => 0 B
Opera => 14962293 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 508394 B
systemprofile32 => 128 B
LocalService => 371528 B
NetworkService => 38496946 B
Robert => 704606388 B

RecycleBin => 8446471732 B
EmptyTemp: => 9.8 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 23:23:38 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=829d5dbf44c18c4ba3886ff8479a6857
# end=init
# utc_time=2017-04-01 09:43:51
# local_time=2017-04-01 11:43:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32921
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=829d5dbf44c18c4ba3886ff8479a6857
# end=updated
# utc_time=2017-04-01 09:46:51
# local_time=2017-04-01 11:46:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=829d5dbf44c18c4ba3886ff8479a6857
# engine=32921
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-04-01 10:50:39
# local_time=2017-04-02 12:50:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5133 16777214 100 100 695338 76046825 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 50682 22417653 0 0
# scanned=464554
# found=10
# cleaned=10
# scan_time=3827
sh=100173517C8D637F7D13308058682E5A4C9726E4 ft=1 fh=080dbf64f9552871 vn="Win32/Adware.ELEX.PBM Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir"
sh=23342D8CD51CDBD7E549E72620D363143332AF73 ft=1 fh=91ff742f9e8da47d vn="Win32/Adware.ELEX.PBM Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir"
sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/Adware.ELEX.PDH Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir"
sh=03D65784955EA50408BE7611B5815A5067FDADDD ft=1 fh=7d5c5d59c86038fb vn="Variante von Win32/Adware.ELEX.PCY Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir"
sh=BBAB46443BE951C4962C93F2A4DF18FB067162E7 ft=1 fh=ba8f458244c69cb7 vn="Variante von Win32/Adware.ELEX.PDK Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir"
sh=DADCF87604F46DE9426634679F61DF2CB4663C6B ft=1 fh=6e9292f71a66fb39 vn="Win32/Adware.ELEX.PBM Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir"
sh=8A84725E8A71DAE63AA70B6AB666BBECFA2FD818 ft=1 fh=456fc5e26bae154a vn="Variante von Win32/Adware.ELEX.PEE Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir"
sh=15BB81BD80D07BEDD39DAC81581EECC5AB171BE5 ft=1 fh=df686e1c271f3c16 vn="Variante von Win64/Adware.AddLyrics.H Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version16SpeedCheck\x64\lZj2t.exe.vir"
sh=88844DE86C05044A3CE4D5EB7740A41C2608D342 ft=1 fh=b996d3464ca8edbd vn="Win64/Adware.AddLyrics.K Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version16SpeedCheck\x64\webTinstMKTN84.sys.vir"
sh=88844DE86C05044A3CE4D5EB7740A41C2608D342 ft=1 fh=b996d3464ca8edbd vn="Win64/Adware.AddLyrics.K Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\webTinstMKTN84.sys.vir"

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : RB-PC
   Windows . . . . . . . : 10.0.0.14393.X64/8
   User name . . . . . . : RB-PC\Robert
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-04-01 23:37:22
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 20s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 3
   Traces  . . . . . . . : 9

   Objects scanned . . . : 2.616.547
   Files scanned . . . . : 89.127
   Remnants scanned  . . : 749.052 files / 1.778.368 keys

Malware _____________________________________________________________________

   C:\Users\Robert\Downloads\HP USB Disk Storage Format Tool - CHIP-Installer.exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 0.1 days (2017-04-01 21:24:20)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : 2ADFE9030307343C3A05670F807EA69DBA03DED9D9AB7E74EB1D66787C26E5B8
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 105.0
      Forensic Cluster
          0.0s C:\Users\Robert\Downloads\HP USB Disk Storage Format Tool - CHIP-Installer.exe
          3.2s C:\ProgramData\McAfee\VirusScan\Data\mcvsrpt.dat

   C:\Users\Robert\Downloads\PC Hilfsprogramme\TrueCrypt - CHIP-Installer.exe
      Size . . . . . . . : 1.198.368 bytes
      Age  . . . . . . . : 629.4 days (2015-07-12 13:15:19)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 0908ABDC83D334C74C34588CEEBE3B4D7D9A00969C499936B725A0A8DFFE46ED
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.Win32.DownloadSponsor.gen
      Fuzzy  . . . . . . : 99.0

   C:\Users\Robert\Downloads\PC Hilfsprogramme\VLC media player 64 Bit - CHIP-Installer.exe
      Size . . . . . . . : 1.198.368 bytes
      Age  . . . . . . . : 780.9 days (2015-02-11 00:50:25)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 6ADE75459C66F9EB156349C14BB8C76591713A22914D2A7170BCF899F153E5C8
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.Win32.DownloadSponsor.gen
      Fuzzy  . . . . . . : 99.0


Suspicious files ____________________________________________________________

   C:\Users\Robert\Desktop\FRST64.exe
      Size . . . . . . . : 2.424.832 bytes
      Age  . . . . . . . : 6.1 days (2017-03-26 21:23:01)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3A3DCD0D3C9C1FE10C45AF795DC9452DA192246BB67D896AB7F16151A53C1B5F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Cookies _____________________________________________________________________

   C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
   C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleadservices.com
   C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cookies:mookie1.com

Code:

ATTFilter

LastRegBack: 2017-03-26 12:49

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Robert (02-04-2017 01:51:04)
Gestartet von C:\Users\Robert\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-22 03:29:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3251521826-911854800-2584752506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3251521826-911854800-2584752506-503 - Limited - Disabled)
Gast (S-1-5-21-3251521826-911854800-2584752506-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3251521826-911854800-2584752506-1003 - Limited - Enabled)
Robert (S-1-5-21-3251521826-911854800-2584752506-1001 - Administrator - Enabled) => C:\Users\Robert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\Amazon Kindle) (Version: 1.14.0.43019 - Amazon)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2400 series Benutzerregistrierung (HKLM-x32\...\Canon MG2400 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
Channel Trading Signals (HKLM-x32\...\Channel Trading Signals) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2527 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FIBINATOR (HKLM-x32\...\FIBINATOR) (Version:  - )
Fipertec API (HKLM-x32\...\{4C6BEEF4-CF5F-434E-A812-6F646E61A48F}) (Version: 6.00.700 - Fipertec)
Forex Gemini Code (HKLM-x32\...\Forex Gemini Code) (Version:  - )
Forex Income Boss Bonus (HKLM-x32\...\Forex Income Boss Bonus) (Version:  - )
Forex Income Boss Indicators (HKLM-x32\...\Forex Income Boss Indicators) (Version:  - )
Forex Income Boss SRT Profit System (HKLM-x32\...\Forex Income Boss SRT Profit System) (Version:  - )
Forex Trend Directive (HKLM-x32\...\Forex Trend Directive) (Version:  - )
ForexPrecogESP (HKLM-x32\...\ForexPrecogESP) (Version:  - )
ForexPrecogIndicators (HKLM-x32\...\ForexPrecogIndicators) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FXCM Trading Station (HKLM-x32\...\FXTS2) (Version:  - Forex Capital Markets, LLC ("FXCM LLC"))
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Gemini BB Indicator (HKLM-x32\...\Gemini BB Indicator) (Version:  - )
Gemini Risk Calculator (HKLM-x32\...\Gemini Risk Calculator) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.2.0.6634 (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\GoToMeeting) (Version: 8.2.0.6634 - CitrixOnline)
Infix PDF Editor Version 6.3.6.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.3.6.0 - Iceni Technology)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.20 - Abelssoft)
KineticAcceleratorSystem (HKLM-x32\...\KineticAcceleratorSystem) (Version:  - )
Limitless Cash System (HKLM-x32\...\Limitless Cash System) (Version:  - )
MACD Gemini (HKLM-x32\...\MACD Gemini) (Version:  - )
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Treiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Parabola Profit System (HKLM-x32\...\{89FB6946-CDFF-4358-B8E2-0A46ECD0B56A}) (Version: 1.0.5532.30147 - Parabola Profit System)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.3.00.12160 - Sony Corporation)
PMB_ModeEditor (x32 Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.3.00 - Sony Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
QTrade-FX MT4 Setup (HKLM-x32\...\QTrade-FX MT4 Setup) (Version: 4.00 - MetaQuotes Software Corp.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Rapid Dollar System (HKLM-x32\...\Rapid Dollar System) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Roulette Ebook (HKLM-x32\...\Roulette Ebook) (Version:  - )
Sadukey (HKLM-x32\...\Sadukey) (Version:  - )
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Spin4Profit Ninja 3.0.4.9 (HKLM-x32\...\{EE5FDA48-201A-404C-9A92-108C25919AED}_is1) (Version:  - Spin4Profit Software)
Spin4Profit Ultimate 6.0.3.5 (HKLM-x32\...\{B7CBF268-6DEF-4AA1-94E0-5E019CE48DFE}_is1) (Version:  - Spin4Profit Software)
Steganos Safe 16 (HKLM-x32\...\{F0EC576B-4985-4B60-929B-63F646BAAC1B}) (Version: 16.1 - Steganos Software GmbH)
Target Entry Elevator (HKLM-x32\...\Target Entry Elevator) (Version:  - )
The Continuation Method (HKLM-x32\...\The Continuation Method) (Version:  - )
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Toolbar Terminator (HKLM-x32\...\Toolbar Terminator_is1) (Version: 2.04 - Abelssoft)
Trade Assistant (HKLM-x32\...\Trade Assistant) (Version:  - )
Trading (HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\5556-0001-2700-0000) (Version: latest (958.2k) 20161005 16:34:05 - IB Exchange Corp.)
Trend_Cloud (HKLM-x32\...\Trend_Cloud) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TSR Watermark Image software version 3.5.6.8 (HKLM-x32\...\TSR Watermark Image_is1) (Version: 3.5.6.8 - TSR Software)
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Watermark Version 4.44 (HKLM\...\{ADD0F13D-4EB0-4324-AF83-24870EC44BF6}_is1) (Version: 4.44 - Portfoler sp. z o. o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wondershare Data Recovery(Build 5.0.9.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.9.6 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3251521826-911854800-2584752506-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6441\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04993CF8-AF1F-4BEB-9AB5-5CB9521262AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {067D8E4A-0A86-45EC-ADC1-9914E426D813} - System32\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001 => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {0A2355F7-F098-4543-A945-6472DF5D3568} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {12764DBD-EDA1-4B0D-8A68-3C1C54218420} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {1F352382-EDB1-45C4-A195-A8D4C0ED44CE} - System32\Tasks\Abelssoft\ToolbarTerminator AutoScan_Robert => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-03-23] (Ascora GmbH)
Task: {1FA045CD-5D70-406A-8524-9AEC5F874C79} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-18] (Adobe Systems Incorporated)
Task: {2DEAE603-E5B4-4F28-B2FA-57F6AA0676F5} - System32\Tasks\{D186787D-DF6D-44FE-8A3B-269808192EE4} => pcalua.exe -a "C:\Program Files (x86)\JFD\MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\JFD\MetaTrader 4 Terminal"
Task: {32D895AC-274C-4E2D-BFA2-2DBB3037E753} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-03-15] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {3E9BE0D3-02D7-4E2B-A924-7E75D51875AD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {4052F667-49FE-4C66-94E4-D425E6613F15} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe 
Task: {42FE7AC7-FC0E-4F6B-9F6C-5C4C069653BE} - System32\Tasks\{08AF55EB-1919-4D7A-81FB-A917D1D566FE} => pcalua.exe -a "C:\Program Files (x86)\JFD MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\JFD MetaTrader 4 Terminal"
Task: {4E6D981B-CD94-4FB6-81B5-E97ABEF734F5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {725FA124-1772-4787-AD2D-5B3DCA9111D7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7645E6BC-BF83-4CA7-A3EC-C524ABDF6F94} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Robert\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {77222BE5-9DF2-4A92-BFDC-357EC4295D1C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-18] (Adobe Systems Incorporated)
Task: {826ED48A-AECD-41E9-B537-57BCD3B906F3} - System32\Tasks\Abelssoft\ToolbarTerminator Background Guard => C:\Program Files (x86)\ToolbarTerminator\TTBackgroundGuard.exe [2015-03-23] (Microsoft)
Task: {854830B9-7D8C-4A94-975E-10EB550F5DA5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {85C23100-0305-47A9-8210-00843B7BF2D3} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {8A30FD9F-609F-402F-9638-D1877EF0076D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-01] (Dropbox, Inc.)
Task: {916EEB9D-FAD2-4E8F-AF96-61721CD477BF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {A7B39732-DE3B-4316-949A-B0053850F79A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {AD54ED33-8EEB-4A91-BEFF-DD4A45AE4794} - System32\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001 => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AD68D96F-D5B4-409F-95D9-D45503BC95C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {AECA8659-60F0-44C1-BE00-3BBA1A2CDD52} - System32\Tasks\{3A7E3E64-064F-4727-B686-0DB04AC68718} => pcalua.exe -a "C:\Program Files (x86)\MetaTrader 4 Terminal\uninstall.exe" -d "C:\Program Files (x86)\MetaTrader 4 Terminal"
Task: {AEEA974A-8082-4039-903E-E35F98FF8ADF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {B04F9A0E-09D4-4D19-8849-BE4A99CEC6EE} - System32\Tasks\{E97FD05C-BBA7-46D0-A32B-E8553113BB97} => pcalua.exe -a "C:\Users\Robert\Downloads\PC Hilfsprogramme\Video - umwandlungs Programme\avi-to-dvd-converter.exe" -d "C:\Users\Robert\Downloads\PC Hilfsprogramme\Video - umwandlungs Programme"
Task: {D293BE57-3EF6-430D-8300-39B6708E4B31} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {DAAA5E14-7686-4F2D-A9EE-3FB33AFE29A0} - System32\Tasks\Abelssoft\ToolbarTerminator Continous Scan_Robert => C:\Program Files (x86)\ToolbarTerminator\ToolbarTerminator.exe [2015-03-23] (Ascora GmbH)
Task: {E23EBB57-195C-4A6E-B6C5-8FF650E9DE43} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-01] (Dropbox, Inc.)
Task: {E90D87B8-B4AF-48BC-B3F4-F3ED60B0C1B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {E9810987-0187-4502-AB73-FC8DBB01B7B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {EA3F9890-E4E6-41D0-9EFE-5D49FC9FCFCA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {F453EFC2-25B9-4FE9-88A9-0B20348CFD55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3251521826-911854800-2584752506-1001.job => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6634\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3251521826-911854800-2584752506-1001.job => C:\Users\Robert\AppData\Local\Citrix\GoToMeeting\6634\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-01-31 04:42 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-03-30 00:16 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-30 00:16 - 2017-03-24 04:10 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-22 05:21 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-23 08:42 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-08 16:36 - 2014-10-24 15:16 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2016-09-22 06:17 - 2016-09-22 06:17 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-23 08:42 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-23 08:42 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-23 08:42 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-23 08:42 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-14 18:13 - 2017-03-14 18:13 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-14 18:13 - 2017-03-14 18:13 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2015-07-18 22:22 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2017-04-01 23:15 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-01 23:15 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 19:22 - 2017-03-02 19:23 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-07-25 23:57 - 2016-07-25 23:57 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-25 23:53 - 2016-07-25 23:53 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-02 19:22 - 2017-03-02 19:23 - 00024064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Lumia.ViewerPluginProxy.dll
2017-03-28 18:45 - 2017-03-28 18:45 - 01668976 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2015-07-18 22:22 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-07-18 22:22 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-07-18 22:22 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-12-22 13:12 - 2015-12-22 13:12 - 00463744 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Calendar.dll
2015-02-01 20:35 - 2015-06-05 10:54 - 00271224 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\CrashRpt1402.dll
2015-02-01 20:35 - 2014-09-09 12:25 - 00040792 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\MouseHook.dll
2016-09-20 17:50 - 2016-09-20 17:50 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-03-24 21:32 - 2017-03-21 20:06 - 00842560 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-11-01 21:56 - 2017-02-28 22:49 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-01 21:56 - 2017-02-28 22:50 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-11-01 21:56 - 2017-02-28 22:49 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-24 21:32 - 2017-02-28 22:50 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-11-01 21:56 - 2017-02-28 22:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-03-24 21:32 - 2017-02-28 22:49 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-24 21:32 - 2017-02-28 22:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-01 21:56 - 2017-02-28 22:51 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-01 21:56 - 2017-02-28 22:50 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-28 01:19 - 2017-03-21 20:10 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 22:07 - 2017-03-21 20:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-24 21:32 - 2017-03-21 20:09 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-24 21:32 - 2017-02-28 22:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-24 21:32 - 2017-03-21 20:09 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-24 21:32 - 2017-03-11 01:17 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-24 21:32 - 2017-03-21 20:09 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-01 21:56 - 2017-03-21 20:10 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-03-24 21:32 - 2017-02-28 22:56 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-24 21:32 - 2017-02-28 22:56 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-24 21:32 - 2017-03-21 20:10 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-01 21:56 - 2017-02-28 22:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-01 21:56 - 2017-03-21 20:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-24 21:32 - 2017-03-21 20:10 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-20 17:51 - 2016-09-20 17:51 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-04-10 14:13 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-31 22:35 - 2014-03-31 22:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-03-12 23:52 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3251521826-911854800-2584752506-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{be310f02-ece8-4418-9ca9-421e0fc4a7c9}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "SuperEasy 1-Click Backup"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3251521826-911854800-2584752506-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F74F02F1-DCAC-4FC3-BDE6-80BF880C46EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

20-03-2017 01:11:12 Windows-Sicherung
23-03-2017 08:45:56 Windows Update
25-03-2017 00:52:51 Revo Uninstaller's restore point - CyberLink PowerDirector 12
26-03-2017 21:15:38 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/02/2017 01:41:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (04/02/2017 01:40:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (04/02/2017 01:40:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (04/02/2017 01:38:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/02/2017 01:24:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/02/2017 01:09:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/02/2017 12:54:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/02/2017 12:39:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/02/2017 12:24:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/02/2017 12:09:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RB-PC)
Description: Bei der Aktivierung der App „9FD20106.ExtractorforZIPandRAR_nwhm06f2kfry2!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (04/02/2017 12:50:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (04/02/2017 12:50:42 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys

Error: (04/02/2017 12:50:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (04/02/2017 12:50:41 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys

Error: (04/02/2017 12:50:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (04/02/2017 12:50:41 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys

Error: (04/02/2017 12:50:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (04/02/2017 12:50:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys

Error: (04/02/2017 12:50:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (04/02/2017 12:50:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Robert\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-10-20 15:41:38.944
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.940
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.932
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.913
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.896
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 15:41:38.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 16340.29 MB
Verfügbarer physikalischer RAM: 11258.21 MB
Summe virtueller Speicher: 18772.29 MB
Verfügbarer virtueller Speicher: 12266.53 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.09 GB) (Free:23.59 GB) NTFS
Drive d: (Data) (Fixed) (Total:2734.39 GB) (Free:1163.51 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:36.5 GB) NTFS
Drive l: () (Removable) (Total:29.67 GB) (Free:0.02 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 29.7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=29.7 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

Hallo Matthias,
wie ich schon letztes mal berichtet, Reightcoupon hat seit dem nicht mehr vorgekommen. Bedeutet es, dass ich endlich frei davon bin? Das wäre wunderbar...

Liebe Grüße und noch schönes Wochenende.

Robert

M-K-D-B · 02.04.2017, 10:35

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

M-K-D-B · 04.04.2017, 15:48

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.