Log analysis and evaluation: Direct Pay payment demand e-mail, zip file opened (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system has to be examined first: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been removed completely.
24.05.2017, 10:21 | #1 |
Direct Pay payment demand e-mail, zip file opened

Hi,

unfortunately I saved and opened the zip file. When "Msdos braucht Adminrechte" ("MS-DOS needs admin rights") came up, I stopped immediately and, unfortunately, only then read up on it (spam, trojans...). I had Kaspersky run a scan and nothing was found. In addition, ADWCleaner was used, which also found nothing. (After a restart) When I tried to delete the saved file, the window came up again saying that this was only possible with admin rights. Kaspersky found no suspicious files in either the rootkit scan or the full computer scan.

Is my computer at risk? How can I find out whether any damage was done? What can I do to get it clean?

Thank you very, very much for your help!
Ketti

FRST Additions Logfile:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-05-2017 durchgeführt von Timo (24-05-2017 11:19:36) Gestartet von C:\Users\Timo\Downloads Windows 10 Home Version 1607 (X64) (2016-09-26 14:15:36) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-361615494-3179049093-2519489037-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-361615494-3179049093-2519489037-503 - Limited - Disabled) Gast (S-1-5-21-361615494-3179049093-2519489037-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-361615494-3179049093-2519489037-1003 - Limited - Enabled) Timo (S-1-5-21-361615494-3179049093-2519489037-1001 - Administrator - Enabled) => C:\Users\Timo ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.4.10117.43857 - Alcor Micro Corp.) 
Hidden ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.1 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.52 - ICEpower a/s) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Dropbox (HKLM-x32\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden e5 Secure Download Manager (HKLM-x32\...\{896E56B1-66FC-465D-912D-E6F663D7E98E}) (Version: 3.2.236.0 - Kivuto Solutions Inc.) ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies) Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) 
Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7369.2130 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-361615494-3179049093-2519489037-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP) Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP) Microsoft 
Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2130 - Microsoft Corporation) Hidden Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek High Definition 
Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.) SAP GUI for Windows 7.40 (Patch 8) (HKLM-x32\...\SAPGUI) (Version: 7.40 Compilation 3 - SAP SE) SAPSetup Automatic Workstation Update Service (HKLM-x32\...\SAP_WUS) (Version: - SAP AG) SNC Client Encryption (HKLM-x32\...\SAP Channel Encryption) (Version: - SAP SE) Update for Skype for Business 2015 (KB3191876) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{0C5B0FE3-809E-4D71-B5F6-3EFDAA93C2E6}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (10/30/2014 1.0.0.230) (HKLM\...\52EDDD14D2DC9D32A2EA2720C02CBB9E354F8DE2) (Version: 10/30/2014 1.0.0.230 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {11F5FB52-BF45-445F-B07C-BBEB173BB560} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe Task: {12FF1FEF-2EBC-4BED-BD7B-7A2A3FEBBD33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {19B73912-CE0E-4A50-8A2E-B92AE8F04295} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {24022AA1-EBEA-4E71-A273-97EB882EB26F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-04] (Google Inc.) Task: {29A01CC2-AFF0-4111-BAA2-C5050D2C1A6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {32A52F42-94A5-440B-A54E-B3E5813BF0BA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-01-22] (Realtek Semiconductor) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {3C4CC99A-9917-4825-8952-D7E8B143E168} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS) Task: {4BFF740B-34DA-4CA3-9D98-2D44FD237B0A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {5879CCCA-41BF-4D34-87F7-0CC6C1EF0CD6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-12-17] (ASUSTek Computer Inc.) 
Task: {6241D31A-F1CE-4AF3-A2D5-E503FA10073F} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {64A85A0B-FFCC-4CB3-92CF-6042498A3681} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-06] (Microsoft Corporation) Task: {6DA9D868-C93C-4661-BF68-823C926DD8C8} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {76D429AF-DAB4-421F-A09A-7780CB3BB7E6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {7718C595-0EF1-4BD7-B6DC-E0DF436B4D57} - System32\Tasks\{5A898119-CBF6-4E9E-BAAF-356622CB80A7} => pcalua.exe -a "C:\Users\Timo\Downloads\Sophos_10_3_11_FHWS (1).exe" -d C:\WINDOWS\system32 Task: {778A61B5-0D25-4101-8961-00BE765749BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-05] (Microsoft Corporation) Task: {77DAA991-F84D-410D-A2DB-1C9C6084230E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7F39164A-5585-4882-98E1-DEE94D20A34B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-04] (Google Inc.) 
Task: {8775639D-E661-44DD-BEBD-AD381F5C68C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation) Task: {A1282BCD-9D76-4866-8021-1EEAF65C420B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-05] (Microsoft Corporation) Task: {A37BD778-5B1E-4CF6-A9FE-1C562B774779} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {AA5B5DD2-B750-4478-94FB-66A4420C7934} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-21] (Dropbox, Inc.) Task: {BA139A5D-5F14-46B4-979A-720E24227AC2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-23] (Adobe Systems Incorporated) Task: {C081BEFF-EB50-48EC-A2C6-8992FD6FFE43} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation) Task: {C168BAAE-54F4-4131-B805-4B65FCECFA1C} - System32\Tasks\{53A1174B-2305-4137-B62D-FA796603B980} => pcalua.exe -a C:\Users\Timo\Downloads\Sophos_10_3_11_FHWS.exe -d C:\WINDOWS\system32 Task: {C3F14375-1361-4BB4-ADB5-58C2F9D270EE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation) Task: {CC568AB1-451F-45E4-9661-3536EB02D53C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {CD3A72F2-6D45-4B5D-8275-5085438FFE2D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-21] (Dropbox, Inc.) 
Task: {D21384D9-B59E-41B7-8BFF-9FD12BF321D4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {F8F02D69-43CD-422A-9F65-0E3DA36132B9} - \WPD\SqmUpload_S-1-5-21-361615494-3179049093-2519489037-1001 -> Keine Datei <==== ACHTUNG Task: {FDC5B68A-5FDD-4AE9-B64D-CD52A1155412} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-05-11 11:13 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-11 11:13 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-26 16:35 - 2016-09-26 16:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 23:23 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-05-27 15:50 - 2016-11-30 22:57 - 00401888 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-14 23:20 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 23:20 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 23:20 - 2017-03-04 08:05 - 00757248 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-05-11 11:12 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-05-11 11:13 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-05-11 11:13 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-05-09 20:35 - 2017-05-09 20:36 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-05-09 20:35 - 2017-05-09 20:36 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-05-09 20:35 - 2017-05-09 20:36 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-05-09 20:35 - 2017-05-09 20:36 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll 2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2014-11-05 13:44 - 2014-11-05 13:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 13:44 - 2014-11-05 13:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2017-05-24 10:52 - 2017-05-24 10:52 - 00098816 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32api.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00110080 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\pywintypes27.dll 2017-05-24 10:52 - 2017-05-24 10:52 - 00364544 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\pythoncom27.dll 2017-05-24 10:52 - 2017-05-24 10:52 - 00320512 ____R () 
C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32com.shell.shell.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00914432 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_hashlib.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 01176576 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._core_.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00806400 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._gdi_.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00816128 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._windows_.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 01067008 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._controls_.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00733184 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._misc_.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00682496 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\pysqlite2._sqlite.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00088064 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_ctypes.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00686080 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\unicodedata.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00119808 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32file.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00108544 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32security.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00007168 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\hashobjs_ext.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00017920 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\thumbnails_ext.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00088064 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\usb_ext.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00012800 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\common.time34.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00018432 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32event.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00167936 ____R () 
C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32gui.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00046080 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_socket.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 01303552 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_ssl.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00128512 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_elementtree.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00127488 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\pyexpat.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00038912 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32inet.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00036864 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_psutil_windows.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00524248 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\windows._lib_cacheinvalidation.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00011264 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32crypt.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00123392 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._wizard.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00077312 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._html2.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00027648 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_multiprocessing.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00020480 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\_yappi.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00035840 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32process.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00078848 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\wx._animate.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00024064 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32pipe.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00010240 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\select.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00025600 ____R () 
C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32pdh.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00017408 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32profile.pyd 2017-05-24 10:52 - 2017-05-24 10:52 - 00022528 ____R () C:\Users\Timo\AppData\Local\Temp\_MEI23362\win32ts.pyd 2017-05-17 19:49 - 2017-05-16 22:55 - 00871744 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-05-17 19:49 - 2017-05-16 22:55 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2017-04-22 18:33 - 2017-04-26 02:38 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-04-22 18:33 - 2017-04-26 02:38 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-04-22 18:33 - 2017-04-26 02:38 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-04-22 18:33 - 2017-05-16 23:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-04-22 18:33 - 2017-04-26 02:39 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-04-22 18:33 - 2017-04-26 02:38 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-05-17 19:49 - 2017-04-26 02:38 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-05-17 19:49 - 2017-04-26 02:39 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-05-17 19:49 - 2017-04-26 02:38 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-04-22 18:33 - 2017-04-26 02:40 - 00105928 _____ () C:\Program Files 
(x86)\Dropbox\Client\win32api.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-05-17 19:49 - 2017-04-26 02:38 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-05-17 19:49 - 2017-04-26 02:40 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-04-22 18:33 - 2017-05-16 23:00 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-05-17 19:49 - 2017-05-16 
23:00 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-05-17 19:49 - 2017-05-16 23:01 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-04-22 18:33 - 2017-04-26 02:39 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00060880 _____ () C:\Program Files 
(x86)\Dropbox\Client\win32print.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-04-22 18:33 - 2017-04-26 02:40 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-05-17 19:49 - 2017-04-26 02:34 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-05-17 19:49 - 2017-05-16 23:00 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-05-17 19:49 - 2017-03-22 12:07 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-05-17 19:49 - 2017-05-16 23:00 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-04-22 18:33 - 2017-05-16 23:01 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-05-17 19:49 - 2017-04-26 
02:43 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-05-17 19:49 - 2017-04-26 02:43 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-04-22 18:33 - 2017-05-16 23:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-04-22 18:33 - 2017-05-16 23:01 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-05-17 19:49 - 2017-05-16 23:00 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-01-06 16:40 - 2015-01-06 16:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-361615494-3179049093-2519489037-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.129.23.133 - 192.129.23.210 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{407505DD-A240-4AD1-909E-1734C3626B31}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FD3F6721-956A-4A34-BCA6-FA6002679AEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BBD45A4E-AB57-4E80-B4E1-045E9E00C2E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A5C99D8F-F5CE-4D9B-A717-9DD90397D206}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B06A0F55-304C-4777-A819-86DF3E29C2BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{F6D391E9-941C-495A-A72E-562577C81A68}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{149EE5A5-2617-4588-A154-6BD00CBD9F85}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{25E1E075-D784-4AA2-9303-0BF5511B9710}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{0D549E22-6714-4DBE-B353-4450452A2009}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{5B73ACFC-2BE8-4AD6-90CA-C6B5C9120F3B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Wiederherstellungspunkte 
========================= 09-05-2017 20:37:24 Windows Update 09-05-2017 20:37:54 Windows Update 17-05-2017 13:51:46 Windows Update 23-05-2017 12:14:18 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/24/2017 10:27:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (05/24/2017 10:25:36 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (05/24/2017 10:02:25 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (05/23/2017 12:14:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (05/23/2017 10:27:18 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (05/23/2017 03:24:19 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (05/23/2017 12:41:39 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (05/22/2017 10:35:03 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (05/22/2017 10:34:53 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (05/21/2017 11:00:11 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Systemfehler: ============= Error: (05/24/2017 10:52:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/24/2017 10:52:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (05/24/2017 10:52:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/24/2017 10:52:28 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/24/2017 10:52:28 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/24/2017 10:51:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/24/2017 10:51:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. 
Error: (05/24/2017 10:50:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/24/2017 10:50:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SAPSetup Automatic Workstation Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/24/2017 10:50:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-12-21 22:00:44.727 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-21 19:50:52.373 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-21 19:50:52.371 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-12-21 19:50:52.367 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 19:08:10.112 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 19:08:10.110 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 19:08:10.107 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 19:08:09.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 19:08:09.932 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-12-20 19:08:09.927 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Prozentuale Nutzung des RAM: 46% Installierter physikalischer RAM: 8094.72 MB Verfügbarer physikalischer RAM: 4293.01 MB Summe virtueller Speicher: 9374.72 MB Verfügbarer virtueller Speicher: 5683.94 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:326.37 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:538.53 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 036BBC20) Partition: GPT. ======================================================== Disk: 1 (Size: 22.4 GB) (Disk ID: 036BBDC4) Partition: GPT. ==================== Ende von Addition.txt ============================ |
24.05.2017, 10:26 | #2 |
| Direct Pay payment request email: zip file opened FRST logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017 durchgeführt von Timo (Administrator) auf TIMOKETTERL (24-05-2017 11:17:35) Gestartet von C:\Users\Timo\Downloads Geladene Profile: Timo (Verfügbare Profile: Timo) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SAP SE) C:\Program Files (x86)\SAP\SapSetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) 
C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28734456 2017-05-16] (Dropbox, Inc.) HKU\S-1-5-21-361615494-3179049093-2519489037-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd) HKU\S-1-5-21-361615494-3179049093-2519489037-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.129.23.133 192.129.23.210 192.129.23.211 Tcpip\..\Interfaces\{84be0cb9-dbb6-40b4-a09a-758d355b5b6f}: [DhcpNameServer] 192.129.23.133 192.129.23.210 192.129.23.211 Tcpip\..\Interfaces\{8f7b24a1-c183-4129-a3bc-d2ec6cd37ba3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{a3657a6f-fe3d-416d-9a6f-fff85ebc2c1f}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-361615494-3179049093-2519489037-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-361615494-3179049093-2519489037-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-06] (Microsoft Corporation) BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-14] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-06] (Microsoft 
Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-14] (Oracle Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-05] (Microsoft Corporation) BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-05] (Microsoft Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation) Handler-x32: saphtmlp - 
{D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2017-03-21] (SAP, Walldorf) Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2017-03-21] (SAP, Walldorf) FireFox: ======== FF DefaultProfile: 2ecvt65p.default FF ProfilePath: C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\2ecvt65p.default [2017-05-24] FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-02-17] FF SearchPlugin: C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\2ecvt65p.default\searchplugins\McSiteAdvisor.xml [2015-12-01] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-28] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-23] () FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-14] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> 
C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-23] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2017-05-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-21] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-16] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-18] (Condusiv Technologies)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 NWSAPAutoWorkstationUpdateSvc; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [234488 2017-03-21] (SAP SE)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-12-07] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-12-07] (Windows (R) Win 7 DDK provider)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [25840 2013-11-18] (Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [117488 2013-11-18] (Condusiv Technologies)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-11] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [520176 2017-04-11] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-11] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-28] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-24] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-04-13] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-20] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-24] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
S3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-24 11:17 - 2017-05-24 11:18 - 00025309 _____ C:\Users\Timo\Downloads\FRST.txt
2017-05-24 11:17 - 2017-05-24 11:17 - 02429952 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe
2017-05-24 11:17 - 2017-05-24 11:17 - 00000000 ____D C:\FRST
2017-05-24 10:45 - 2017-05-24 10:51 - 00000000 ____D C:\AdwCleaner
2017-05-24 10:45 - 2017-05-24 10:45 - 04110280 _____ C:\Users\Timo\Downloads\adwcleaner_6.047.exe
2017-05-24 10:13 - 2017-05-24 10:13 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-24 10:13 - 2017-05-24 10:13 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-05-23 02:30 - 2017-05-23 02:30 - 20320760 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-05-17 19:49 - 2017-05-17 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-16 23:01 - 2017-05-16 23:01 - 00048944 _____ (Dropbox, Inc.)
C:\WINDOWS\system32\DbxSvc.exe 2017-05-11 11:15 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-05-11 11:15 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-05-11 11:15 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-05-11 11:15 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-11 11:15 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-05-11 11:15 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-11 11:15 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-05-11 11:15 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-05-11 11:15 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-05-11 11:15 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-05-11 11:15 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-05-11 11:15 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-05-11 11:15 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-11 11:15 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-05-11 11:15 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-11 11:15 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-11 11:15 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-05-11 11:15 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-05-11 11:15 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-05-11 11:15 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-05-11 11:15 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-05-11 11:15 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-05-11 11:15 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-05-11 11:15 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-05-11 11:15 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-05-11 11:15 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-05-11 11:15 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-05-11 11:15 - 2017-04-28 02:16 - 00184320 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-05-11 11:15 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-11 11:15 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-05-11 11:15 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-05-11 11:15 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-11 11:15 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-05-11 11:15 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-05-11 11:15 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-05-11 11:15 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-05-11 11:15 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-05-11 11:15 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-11 11:15 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-05-11 11:15 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-05-11 11:15 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-05-11 11:15 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-05-11 11:15 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-05-11 11:15 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-05-11 11:15 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-05-11 11:15 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-05-11 11:15 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-05-11 11:15 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-05-11 11:15 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-05-11 11:15 
- 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-05-11 11:15 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-11 11:15 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-05-11 11:15 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-05-11 11:15 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-05-11 11:15 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-05-11 11:15 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-05-11 11:15 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-05-11 11:15 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-05-11 11:15 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-11 11:15 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-05-11 11:15 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-05-11 11:15 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-05-11 11:15 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-05-11 11:15 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-05-11 11:15 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-11 11:15 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-05-11 11:15 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-05-11 11:15 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-05-11 11:15 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-11 11:15 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-05-11 11:15 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-05-11 11:15 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-05-11 11:15 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-05-11 11:15 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-05-11 11:15 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-05-11 11:15 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-05-11 11:15 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-11 11:15 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-05-11 11:15 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-05-11 11:15 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-05-11 11:15 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-05-11 11:15 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-05-11 11:15 - 2017-04-28 01:55 - 01004544 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-05-11 11:15 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-05-11 11:15 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-05-11 11:15 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-05-11 11:15 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-11 11:15 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-05-11 11:15 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-11 11:15 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-11 11:15 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-05-11 11:15 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-11 11:15 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-05-11 11:15 - 2017-03-04 08:22 - 00265728 _____ 
C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-05-11 11:15 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-05-11 11:15 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-05-11 11:15 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-05-11 11:15 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-11 11:14 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-05-11 11:14 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-11 11:14 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-05-11 11:14 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2017-05-11 11:14 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-11 11:14 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-11 11:14 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-11 11:14 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-05-11 11:14 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-11 11:14 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-05-11 11:14 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-05-11 11:14 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-05-11 11:14 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-05-11 11:14 - 2017-04-28 
02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-05-11 11:14 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-05-11 11:14 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-05-11 11:14 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-05-11 11:14 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-11 11:14 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-11 11:14 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-05-11 11:14 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-05-11 11:14 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-05-11 11:14 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-05-11 11:14 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-05-11 11:14 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-05-11 11:14 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-11 11:14 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-05-11 11:14 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2017-05-11 11:14 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-11 11:14 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-05-11 11:14 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-05-11 11:14 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2017-05-11 11:14 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll 2017-05-11 11:14 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll 2017-05-11 11:14 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-05-11 11:14 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-05-11 11:14 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-11 11:14 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-05-11 11:14 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-05-11 11:14 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-05-11 11:14 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-05-11 11:14 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-05-11 11:14 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2017-05-11 11:14 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2017-05-11 11:14 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-05-11 11:14 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-05-11 11:14 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-05-11 11:14 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 
2017-05-11 11:14 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-05-11 11:14 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-05-11 11:14 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-05-11 11:14 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-05-11 11:14 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2017-05-11 11:14 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-05-11 11:14 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-11 11:14 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-05-11 11:14 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll 2017-05-11 11:14 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-05-11 11:14 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2017-05-11 11:14 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-05-11 11:14 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-05-11 11:14 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2017-05-11 11:14 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-11 11:14 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-05-11 11:14 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-05-11 11:14 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\wsp_health.dll 2017-05-11 11:14 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll 2017-05-11 11:14 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll 2017-05-11 11:14 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-05-11 11:14 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-11 11:14 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-05-11 11:14 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-05-11 11:14 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-05-11 11:14 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-05-11 11:14 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-05-11 11:14 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-05-11 11:14 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-05-11 11:14 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-05-11 11:14 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll 2017-05-11 11:14 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-05-11 11:14 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-11 11:14 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-11 11:14 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-05-11 11:14 - 
2017-05-09 20:29 - 2017-05-09 20:29 - 00229126 _____ C:\Users\Timo\Downloads\Pressemeldung_OpusCapita_Amazon_Dez_2016.pdf
2017-05-03 16:26 - 2017-05-03 16:26 - 00176833 _____ C:\Users\Timo\Downloads\Katalogsysteme im Test. Simulation eines realistischen Beschaffungsszenario Paul Dachtler.pdf
2017-04-28 11:49 - 2017-04-28 11:49 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-24 10:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-24 10:59 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-24 10:57 - 2016-07-17 00:51 - 01296448 _____ C:\WINDOWS\system32\perfh007.dat 2017-05-24 10:57 - 2016-07-17 00:51 - 00313708 _____ C:\WINDOWS\system32\perfc007.dat 2017-05-24 10:57 - 2015-10-13 19:19 - 02990522 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-24 10:54 - 2015-12-01 17:04 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-05-24 10:53 - 2017-04-04 13:25 - 00000000 ___RD C:\Users\Timo\Google Drive 2017-05-24 10:53 - 2016-11-22 23:30 - 00000000 ____D C:\Users\Timo\AppData\LocalLow\Mozilla 2017-05-24 10:52 - 2016-09-26 16:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-24 10:52 - 2016-09-26 15:44 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-24 10:52 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-05-24 10:52 - 2015-10-13 16:47 - 00000165 _____ C:\Users\Timo\AppData\Roaming\sp_data.sys 2017-05-24 10:52 - 2015-10-13 16:45 - 00000000 __SHD C:\Users\Timo\IntelGraphicsProfiles 2017-05-24 10:05 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-24 10:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-23 12:17 - 2015-10-20 21:18 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-23 12:17 - 2015-10-13 16:46 - 00000000 ____D C:\Users\Timo\AppData\Local\Packages 2017-05-23 12:14 - 2015-10-20 21:18 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-23 12:09 - 2016-11-22 22:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-23 12:09 - 2015-10-22 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-23 12:00 - 2016-09-26 16:11 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-05-23 12:00 - 2016-09-26 16:11 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-05-23 10:14 - 2016-09-26 15:41 - 
00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-23 05:13 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-05-23 02:30 - 2016-09-26 16:11 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-23 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-23 02:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-21 22:30 - 2016-04-21 10:57 - 00000000 ____D C:\Users\Timo\AppData\Local\Dropbox 2017-05-21 22:21 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-17 19:50 - 2016-04-21 10:57 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-13 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2017-05-12 12:17 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-05-12 12:14 - 2015-09-10 07:37 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-11 17:52 - 2016-09-26 15:41 - 00346808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-11 17:48 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-11 17:48 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-11 17:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2017-05-11 17:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-11 17:48 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 
2017-05-11 17:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-05-11 11:19 - 2015-10-13 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-05-10 19:12 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll 2017-05-09 23:37 - 2015-10-13 16:50 - 00000000 ___RD C:\Users\Timo\OneDrive 2017-05-02 22:05 - 2016-04-21 11:00 - 00000000 ___RD C:\Users\Timo\Dropbox 2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-28 03:01 - 2016-09-26 15:44 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-04-27 21:00 - 2017-04-04 13:23 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-27 21:00 - 2017-04-04 13:23 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-27 16:03 - 2017-02-22 16:55 - 00000000 ____D C:\Users\Timo\Documents\Mario Ausbildungsnachweise ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-13 16:47 - 2017-05-24 10:52 - 0000165 _____ () C:\Users\Timo\AppData\Roaming\sp_data.sys 2016-09-26 15:44 - 2016-09-26 15:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-13 18:05
==================== Ende von FRST.txt ============================ |
25.05.2017, 10:25 | #3 |
| Direct Pay payment request email: ZIP file opened
11:27:04.0407 0x2008 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
11:27:04.0407 0x2008 UEFI system
11:27:07.0556 0x2008 ============================================================
11:27:07.0556 0x2008 Current date / time: 2017/05/24 11:27:07.0556
11:27:07.0557 0x2008 SystemInfo:
11:27:07.0557 0x2008
11:27:07.0557 0x2008 OS Version: 10.0.14393 ServicePack: 0.0
11:27:07.0557 0x2008 Product type: Workstation
11:27:07.0557 0x2008 ComputerName: TIMOKETTERL
11:27:07.0557 0x2008 UserName: Timo
11:27:07.0557 0x2008 Windows directory: C:\WINDOWS
11:27:07.0557 0x2008 System windows directory: C:\WINDOWS
11:27:07.0557 0x2008 Running under WOW64
11:27:07.0557 0x2008 Processor architecture: Intel x64
11:27:07.0557 0x2008 Number of processors: 4
11:27:07.0557 0x2008 Page size: 0x1000
11:27:07.0557 0x2008 Boot type: Normal boot
11:27:07.0557 0x2008 CodeIntegrityOptions = 0x00000001
11:27:07.0557 0x2008 ============================================================
11:27:07.0689 0x2008 KLMD registered as C:\WINDOWS\system32\drivers\64302996.sys
11:27:07.0689 0x2008 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
11:27:07.0829 0x2008 System UUID: {7DDA1A94-508C-6DE9-D655-1C12B1EB39ED}
11:27:08.0375 0x2008 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:27:08.0376 0x2008 Drive \Device\Harddisk1\DR1 - Size: 0x5976F6000 ( 22.37 Gb ), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:27:08.0381 0x2008 ============================================================
11:27:08.0381 0x2008 \Device\Harddisk0\DR0:
11:27:08.0382 0x2008 GPT partitions:
11:27:08.0382 0x2008 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E52D9276-E819-498F-B9E4-422788EC84FD}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
11:27:08.0382 0x2008 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7A874172-FAAC-4BF6-9379-5EAD497DC9E3}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
11:27:08.0382 0x2008 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BA8EEE1B-1A83-47AA-BC02-0E4973DE6088}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
11:27:08.0382 0x2008 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2127DACB-5178-4D14-985D-E41221A2362C}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x2E935000
11:27:08.0382 0x2008 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ECBCDB15-BEA8-4959-89D4-D526BEC97E50}, Name: Basic data partition, StartLBA 0x2EB69800, BlocksNum 0x43D98000
11:27:08.0382 0x2008 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5FB8421E-0CEB-458E-AEDC-D58D8FA51CD6}, Name: Basic data partition, StartLBA 0x72901800, BlocksNum 0x1E05000
11:27:08.0382 0x2008 MBR partitions:
11:27:08.0382 0x2008 \Device\Harddisk1\DR1:
11:27:08.0382 0x2008 GPT partitions:
11:27:08.0383 0x2008 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: {4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x800, BlocksNum 0x2CBA800
11:27:08.0383 0x2008 MBR partitions:
11:27:08.0383 0x2008 ============================================================
11:27:08.0409 0x2008 C: <-> \Device\Harddisk0\DR0\Partition4
11:27:08.0505 0x2008 D: <-> \Device\Harddisk0\DR0\Partition5
11:27:08.0505 0x2008 ============================================================
11:27:08.0505 0x2008 Initialize success
11:27:08.0505 0x2008 ============================================================
11:27:10.0390 0x2360 ============================================================
11:27:10.0390 0x2360 Scan started 11:27:10.0390 0x2360 Mode: Manual; 11:27:10.0390 0x2360 ============================================================ 11:27:10.0390 0x2360 KSN ping started 11:27:10.0560 0x2360 KSN ping finished: true 11:27:13.0125 0x2360 ================ Scan system memory ======================== 11:27:13.0125 0x2360 System memory - ok 11:27:13.0125 0x2360 ================ Scan services ============================= 11:27:13.0649 0x2360 1394ohci - ok 11:27:13.0659 0x2360 3ware - ok 11:27:13.0680 0x2360 ACPI - ok 11:27:13.0689 0x2360 AcpiDev - ok 11:27:13.0698 0x2360 acpiex - ok 11:27:13.0708 0x2360 acpipagr - ok 11:27:13.0776 0x2360 AcpiPmi - ok 11:27:13.0784 0x2360 acpitime - ok 11:27:13.0944 0x2360 [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:27:13.0963 0x2360 AdobeFlashPlayerUpdateSvc - ok 11:27:14.0004 0x2360 ADP80XX - ok 11:27:14.0017 0x2360 AFD - ok 11:27:14.0028 0x2360 ahcache - ok 11:27:14.0063 0x2360 AJRouter - ok 11:27:14.0074 0x2360 ALG - ok 11:27:14.0092 0x2360 AmdK8 - ok 11:27:14.0104 0x2360 AmdPPM - ok 11:27:14.0108 0x2360 amdsata - ok 11:27:14.0113 0x2360 amdsbs - ok 11:27:14.0118 0x2360 amdxata - ok 11:27:14.0123 0x2360 AppID - ok 11:27:14.0151 0x2360 AppIDSvc - ok 11:27:14.0167 0x2360 Appinfo - ok 11:27:14.0199 0x2360 applockerfltr - ok 11:27:14.0217 0x2360 AppReadiness - ok 11:27:14.0238 0x2360 AppXSvc - ok 11:27:14.0260 0x2360 arcsas - ok 11:27:14.0349 0x2360 [ 564CB886D1A968B9798C1AB03F4EB54F, F7F73E5C17C0848462860E367215F5D9D4C52E1AA26B3154EC60BA14CBD56556 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe 11:27:14.0356 0x2360 ASLDRService - ok 11:27:14.0377 0x2360 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 11:27:14.0379 
0x2360 ASMMAP64 - ok 11:27:14.0434 0x2360 [ DB5610839DBEBE48AA963DFA96FD7103, AADB0D5BFE8C28E31266FA48FEE41B82DC8B5D6F3E12238AD3E06C800F2D72A8 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe 11:27:14.0439 0x2360 Asus WebStorage Windows Service - ok 11:27:14.0447 0x2360 AsyncMac - ok 11:27:14.0498 0x2360 atapi - ok 11:27:14.0517 0x2360 athr - ok 11:27:14.0540 0x2360 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 11:27:14.0546 0x2360 ATKGFNEXSrv - ok 11:27:14.0596 0x2360 [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 11:27:14.0598 0x2360 ATKWMIACPIIO - ok 11:27:14.0661 0x2360 AudioEndpointBuilder - ok 11:27:14.0694 0x2360 Audiosrv - ok 11:27:14.0803 0x2360 [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe 11:27:14.0816 0x2360 AVP17.0.0 - ok 11:27:14.0842 0x2360 AxInstSV - ok 11:27:14.0862 0x2360 b06bdrv - ok 11:27:14.0893 0x2360 BasicDisplay - ok 11:27:14.0912 0x2360 BasicRender - ok 11:27:14.0960 0x2360 bcmfn - ok 11:27:14.0977 0x2360 bcmfn2 - ok 11:27:14.0996 0x2360 BDESVC - ok 11:27:15.0009 0x2360 Beep - ok 11:27:15.0050 0x2360 BFE - ok 11:27:15.0079 0x2360 BITS - ok 11:27:15.0088 0x2360 bowser - ok 11:27:15.0111 0x2360 BrokerInfrastructure - ok 11:27:15.0120 0x2360 Browser - ok 11:27:15.0165 0x2360 BthAvrcpTg - ok 11:27:15.0169 0x2360 BthHFEnum - ok 11:27:15.0178 0x2360 bthhfhid - ok 11:27:15.0188 0x2360 BthHFSrv - ok 11:27:15.0204 0x2360 BTHMODEM - ok 11:27:15.0242 0x2360 bthserv - ok 11:27:15.0271 0x2360 buttonconverter - ok 11:27:15.0304 0x2360 CapImg - ok 11:27:15.0328 0x2360 cdfs - ok 11:27:15.0350 
0x2360 CDPSvc - ok 11:27:15.0372 0x2360 CDPUserSvc - ok 11:27:15.0438 0x2360 cdrom - ok 11:27:15.0482 0x2360 CertPropSvc - ok 11:27:15.0521 0x2360 [ CF3FFDA7B06A62DC018AFF75B4749FF4, B9ECE0A37CA4A389114737EADF68334DBF6A77214E8794ADFC6F83AD42F90D56 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 11:27:15.0523 0x2360 chip1click - ok 11:27:15.0561 0x2360 cht4iscsi - ok 11:27:15.0564 0x2360 cht4vbd - ok 11:27:15.0610 0x2360 circlass - ok 11:27:15.0624 0x2360 CLFS - ok 11:27:15.0914 0x2360 [ 9A9B6BC4927AA123CC47393B124A3BB5, 626799AA4E3957BCAB3B5A69E41C758B888EAB7F5FF4D785DB44E3DCE818761A ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 11:27:15.0965 0x2360 ClickToRunSvc - ok 11:27:15.0990 0x2360 ClipSVC - ok 11:27:16.0032 0x2360 clreg - ok 11:27:16.0105 0x2360 CmBatt - ok 11:27:16.0173 0x2360 [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys 11:27:16.0187 0x2360 cm_km - ok 11:27:16.0205 0x2360 CNG - ok 11:27:16.0212 0x2360 cnghwassist - ok 11:27:16.0288 0x2360 CompositeBus - ok 11:27:16.0293 0x2360 COMSysApp - ok 11:27:16.0317 0x2360 condrv - ok 11:27:16.0353 0x2360 CoreMessagingRegistrar - ok 11:27:16.0519 0x2360 [ E49BF2E02840BF204F4A7F9EA60FF2EC, 1E1C51C6924F86997F46A520F9B2C4195DB44A8E6DED4A7AB49560BEF752CBF0 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 11:27:16.0534 0x2360 cphs - ok 11:27:16.0573 0x2360 CryptSvc - ok 11:27:16.0587 0x2360 dam - ok 11:27:16.0710 0x2360 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 11:27:16.0712 0x2360 dbupdate - ok 11:27:16.0718 0x2360 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 11:27:16.0720 0x2360 
dbupdatem - ok 11:27:16.0724 0x2360 dbx - ok 11:27:16.0752 0x2360 [ 85E71BD98A72996A00C71EB7B537A631, 7ECCEF0CF289DD0649F1A9F176F8631BBE0D043723D368E13F26FA7C49A82D6F ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 11:27:16.0757 0x2360 DbxSvc - ok 11:27:16.0789 0x2360 DcomLaunch - ok 11:27:16.0827 0x2360 DcpSvc - ok 11:27:16.0850 0x2360 defragsvc - ok 11:27:16.0865 0x2360 DeviceAssociationService - ok 11:27:16.0886 0x2360 DeviceInstall - ok 11:27:16.0907 0x2360 DevQueryBroker - ok 11:27:16.0933 0x2360 Dfsc - ok 11:27:16.0965 0x2360 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 11:27:16.0971 0x2360 dg_ssudbus - ok 11:27:17.0023 0x2360 Dhcp - ok 11:27:17.0073 0x2360 diagnosticshub.standardcollector.service - ok 11:27:17.0106 0x2360 DiagTrack - ok 11:27:17.0128 0x2360 disk - ok 11:27:17.0158 0x2360 DmEnrollmentSvc - ok 11:27:17.0167 0x2360 dmvsc - ok 11:27:17.0230 0x2360 dmwappushservice - ok 11:27:17.0263 0x2360 Dnscache - ok 11:27:17.0290 0x2360 dot3svc - ok 11:27:17.0346 0x2360 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys 11:27:17.0350 0x2360 dot4 - ok 11:27:17.0366 0x2360 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys 11:27:17.0367 0x2360 Dot4Print - ok 11:27:17.0387 0x2360 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys 11:27:17.0389 0x2360 dot4usb - ok 11:27:17.0407 0x2360 DPS - ok 11:27:17.0442 0x2360 [ 4C1DDFC71179C642E86DB4A321724797, 7B57E45C4301F546CB1194FC028BA091D8495B98B5CB0E12F1819371774AF628 ] dptf_cpu C:\WINDOWS\System32\drivers\dptf_cpu.sys 11:27:17.0444 0x2360 dptf_cpu - ok 11:27:17.0469 0x2360 [ E3F0EE3422AE6448982C4AEB725A09E2, 
00A22AA06D6F1BB21F4A7E170604D3FD72E5CDF1B570301454837CC578A1C769 ] dptf_pch C:\WINDOWS\System32\drivers\dptf_pch.sys 11:27:17.0471 0x2360 dptf_pch - ok 11:27:17.0510 0x2360 drmkaud - ok 11:27:17.0529 0x2360 DsmSvc - ok 11:27:17.0541 0x2360 DsSvc - ok 11:27:17.0554 0x2360 DXGKrnl - ok 11:27:17.0574 0x2360 EapHost - ok 11:27:17.0579 0x2360 ebdrv - ok 11:27:17.0618 0x2360 EFS - ok 11:27:17.0649 0x2360 EhStorClass - ok 11:27:17.0676 0x2360 EhStorTcgDrv - ok 11:27:17.0710 0x2360 embeddedmode - ok 11:27:17.0758 0x2360 EntAppSvc - ok 11:27:17.0784 0x2360 ErrDev - ok 11:27:17.0856 0x2360 [ 127C81F616E8CB699CFC16B0A2AF412C, 62C450228BFD0B1C6EB286230E13192F682F9738F8E668E1A390B1A250281FA1 ] esifsvc C:\Windows\SysWOW64\esif_uf.exe 11:27:17.0875 0x2360 esifsvc - ok 11:27:17.0920 0x2360 [ C7BB8A4F62C7B23D4548B465688A1CCF, FC824630149593FE9D469D5D7536B277EC0138F8B52980822488F9B43DFFFD32 ] esif_lf C:\WINDOWS\System32\drivers\esif_lf.sys 11:27:17.0924 0x2360 esif_lf - ok 11:27:17.0953 0x2360 EventSystem - ok 11:27:17.0981 0x2360 [ E654CAC28975B6AEF1FB7D6FE9B26F74, D9C5D123A85D779DE6577050BDF961B817F6DF4F0E07E0D02FBB9B0A31B666F7 ] excfs C:\WINDOWS\system32\DRIVERS\excfs.sys 11:27:17.0984 0x2360 excfs - ok 11:27:18.0011 0x2360 [ 4CCBF79BA0312B56E89C0B9365F8A763, 3F4AD24FDDBC68FBC04A09EC938FE290EF75F2DC93749F8C0386ADBA32BC5BD9 ] excsd C:\WINDOWS\system32\DRIVERS\excsd.sys 11:27:18.0018 0x2360 excsd - ok 11:27:18.0027 0x2360 exfat - ok 11:27:18.0107 0x2360 [ 5117F48112199D74343318A4520B6D64, 7118C00B713366C49D4CFDD0F3D39F06E0D93652E95678555FB4B4CD1BD2FE38 ] ExpressCache C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe 11:27:18.0123 0x2360 ExpressCache - ok 11:27:18.0142 0x2360 fastfat - ok 11:27:18.0167 0x2360 Fax - ok 11:27:18.0216 0x2360 fdc - ok 11:27:18.0254 0x2360 fdPHost - ok 11:27:18.0272 0x2360 FDResPub - ok 11:27:18.0330 0x2360 fhsvc - ok 11:27:18.0365 0x2360 FileCrypt - ok 11:27:18.0377 0x2360 FileInfo - ok 11:27:18.0427 0x2360 Filetrace - ok 
11:27:18.0434 0x2360 flpydisk - ok 11:27:18.0444 0x2360 FltMgr - ok 11:27:18.0479 0x2360 FontCache - ok 11:27:18.0636 0x2360 FontCache3.0.0.0 - ok 11:27:18.0666 0x2360 FrameServer - ok 11:27:18.0687 0x2360 FsDepends - ok 11:27:18.0707 0x2360 Fs_Rec - ok 11:27:18.0726 0x2360 fvevol - ok 11:27:18.0816 0x2360 [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe 11:27:18.0827 0x2360 GamesAppIntegrationService - ok 11:27:18.0847 0x2360 [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 11:27:18.0853 0x2360 GamesAppService - ok 11:27:18.0889 0x2360 gencounter - ok 11:27:18.0927 0x2360 genericusbfn - ok 11:27:18.0937 0x2360 GPIOClx0101 - ok 11:27:18.0978 0x2360 gpsvc - ok 11:27:18.0983 0x2360 GpuEnergyDrv - ok 11:27:19.0036 0x2360 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:27:19.0044 0x2360 gupdate - ok 11:27:19.0071 0x2360 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:27:19.0079 0x2360 gupdatem - ok 11:27:19.0097 0x2360 HDAudBus - ok 11:27:19.0105 0x2360 HidBatt - ok 11:27:19.0155 0x2360 HidBth - ok 11:27:19.0196 0x2360 hidi2c - ok 11:27:19.0206 0x2360 hidinterrupt - ok 11:27:19.0217 0x2360 HidIr - ok 11:27:19.0230 0x2360 hidserv - ok 11:27:19.0259 0x2360 [ 7222DC0F811BBD1B4B4A7C28B7C31AE5, B161D32B2EDD4BB110C80918A36B05D7990CE76567BE59FD1C3C07D53C3AFE03 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 11:27:19.0260 0x2360 HIDSwitch - ok 11:27:19.0314 0x2360 HidUsb - ok 11:27:19.0354 0x2360 HomeGroupListener - ok 11:27:19.0377 0x2360 
HomeGroupProvider - ok 11:27:19.0417 0x2360 HpSAMD - ok 11:27:19.0451 0x2360 HTTP - ok 11:27:19.0484 0x2360 HvHost - ok 11:27:19.0534 0x2360 hvservice - ok 11:27:19.0565 0x2360 hwpolicy - ok 11:27:19.0606 0x2360 hyperkbd - ok 11:27:19.0641 0x2360 i8042prt - ok 11:27:19.0678 0x2360 iagpio - ok 11:27:19.0689 0x2360 iai2c - ok 11:27:19.0708 0x2360 iaLPSS2i_GPIO2 - ok 11:27:19.0720 0x2360 iaLPSS2i_I2C - ok 11:27:19.0741 0x2360 iaLPSSi_GPIO - ok 11:27:19.0744 0x2360 iaLPSSi_I2C - ok 11:27:19.0830 0x2360 [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 11:27:19.0849 0x2360 iaStorA - ok 11:27:19.0862 0x2360 iaStorAV - ok 11:27:19.0865 0x2360 iaStorV - ok 11:27:19.0885 0x2360 ibbus - ok 11:27:19.0953 0x2360 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 11:27:19.0962 0x2360 ICCS - ok 11:27:20.0021 0x2360 icssvc - ok 11:27:20.0442 0x2360 [ 7BA5F6FEAA79BB7C7A635E6B3982A0D3, 3AD37704AFB4FFA8877EC4B651C8C5B624CC8340E1392CCFCF14C2FC53259E2C ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 11:27:20.0560 0x2360 igfx - ok 11:27:20.0593 0x2360 [ AFDAB46F7D47A5D298A4F956A3C18116, C329A1BF2F8FD703EE8AFC6F99297386BAD8217B98EA2300578B8EADA9F06D52 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 11:27:20.0603 0x2360 igfxCUIService2.0.0.0 - ok 11:27:20.0619 0x2360 IKEEXT - ok 11:27:20.0633 0x2360 IndirectKmd - ok 11:27:20.0813 0x2360 [ F63A8126646CDAE214143738BDAB4267, D4F1E1B1FC801D6153A90CB387FB4C326E512E1F3439F5BAE20B01BD0E356233 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 11:27:20.0879 0x2360 IntcAzAudAddService - ok 11:27:20.0928 0x2360 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 11:27:20.0938 
0x2360 IntcDAud - ok 11:27:21.0109 0x2360 [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 11:27:21.0140 0x2360 Intel(R) Capability Licensing Service TCP IP Interface - ok 11:27:21.0165 0x2360 [ 02555C6B4BFC2934E9C7E5B83E4C62CF, 8E6AC57322A5B6DB38009A811702C19C2DF621A5519D0D2EB8B264A9A8F1147B ] IntelHSWPcc C:\WINDOWS\system32\drivers\IntelPcc.sys 11:27:21.0168 0x2360 IntelHSWPcc - ok 11:27:21.0195 0x2360 intelide - ok 11:27:21.0198 0x2360 intelpep - ok 11:27:21.0203 0x2360 intelppm - ok 11:27:21.0233 0x2360 iorate - ok 11:27:21.0254 0x2360 IpFilterDriver - ok 11:27:21.0295 0x2360 iphlpsvc - ok 11:27:21.0322 0x2360 IPMIDRV - ok 11:27:21.0326 0x2360 IPNAT - ok 11:27:21.0329 0x2360 irda - ok 11:27:21.0333 0x2360 IRENUM - ok 11:27:21.0351 0x2360 irmon - ok 11:27:21.0373 0x2360 isapnp - ok 11:27:21.0404 0x2360 iScsiPrt - ok 11:27:21.0448 0x2360 [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 11:27:21.0452 0x2360 iwdbus - ok 11:27:21.0507 0x2360 [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 11:27:21.0512 0x2360 jhi_service - ok 11:27:21.0562 0x2360 kbdclass - ok 11:27:21.0598 0x2360 kbdhid - ok 11:27:21.0616 0x2360 kdnic - ok 11:27:21.0641 0x2360 KeyIso - ok 11:27:21.0750 0x2360 [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys 11:27:21.0771 0x2360 kl1 - ok 11:27:21.0791 0x2360 [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys 11:27:21.0793 0x2360 
11:27:34.0399 0x2360 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41000 ( enabled : updated )
11:27:34.0400 0x2360 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
11:27:34.0405 0x2360 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41010 ( enabled )
11:27:34.0575 0x2360 ============================================================
11:27:34.0575 0x2360 Scan finished
11:27:34.0575 0x2360 ============================================================
11:27:34.0596 0x2a10 Detected object count: 0
11:27:34.0596 0x2a10 Actual detected object count: 0
11:28:35.0252 0x1188 Deinitialize success

Hello everyone, has this issue been resolved now? Regards, Ketti

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1d35b6020fcffa43b00aefd7b83505da
# end=init
# utc_time=2017-05-24 09:32:00
# local_time=2017-05-24 11:32:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 33495
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1d35b6020fcffa43b00aefd7b83505da
# end=updated
# utc_time=2017-05-24 09:35:04
# local_time=2017-05-24 11:35:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1d35b6020fcffa43b00aefd7b83505da
# engine=33495
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-25 08:44:20
# local_time=2017-05-25 10:44:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 85922 28632394 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1184216 27032474 0 0
# scanned=241329
# found=0
# cleaned=0
# scan_time=40155